ppThreema is the world’s best-selling secure messenger for both private users and businesses. Since 2012, we have been working tirelessly to ensure that our users can communicate freely without worrying about their privacy. Our growing user base includes millions of private customers and thousands of businesses and organizations from all over the world. /p h3Your Role /h3 pThreema is a company that not only promises security and data protection in its advertising, but also lives up to these promises. This is also reflected in our successful product. However, with our strong growth from a small to a medium-sized company, it has become necessary to formalize many internal processes. Until now, these topics have been shared across various team members – now we are looking for a dedicated person to take on this responsibility in a consolidated role. /p h3Your Responsibilities /h3 h3Organizational responsibilities /h3 ul liDeveloping a company-wide security strategy /li liBuilding and operating an Information Security Management System (ISMS) /li liDeveloping and enforcing security policies /li liConducting risk assessments and business impact analyses /li liDeveloping incident response and disaster recovery plans /li liSupporting certification processes /li liEnsuring compliance with data protection regulations in collaboration with our Legal Counsel /li liResponding to security questionnaires and customer requirements /li liRaising employee awareness of information security topics /li /ul h3Technical responsibilities /h3 ul liEvaluating and assessing security solutions for our infrastructure (Linux, macOS, on-premises, open source) /li liConducting or overseeing penetration tests and security audits /li liContinuously analyzing and improving technical security measures /li liContributing to the implementation of security requirements together with the Operations team /li /ul h3Your Skills /h3 pOur IT environment is not typical of a classic Swiss SME with Microsoft technologies and many cloud services. Instead, we rely on macOS and Linux, use open-source services where appropriate and possible, and operate most of the services we use on-premises. We are looking for someone who likes to get involved and is willing to help lead and execute projects. /p pIdeally, you will have the following: /p ul liA degree in Computer Science or an equivalent qualification /li liAt least five years of relevant work experience in information security /li liFamiliarity with common security frameworks and standards (ISO 27k, NIST, CIS, SOC 2) /li liHands-on experience with certification processes, either as the person in charge or as part of a team that has gone through a certification /li liSolid knowledge of network and application security, including common security technologies (firewalls, intrusion detection, SIEM, endpoint protection, MDM, vulnerability scanners) /li liExperience in conducting penetration tests and security audits /li liA strong sense of responsibility and a meticulous approach to work /li liA positive mindset with a genuine enthusiasm for information security and privacy /li liStrong written and spoken German and English /li /ul h3What We Offer /h3 ul liPragmatic application process incl. compact assessment with practical tasks /li liA young and motivated team with straightforward communication /li liOpportunity to work on many different projects and improve and define processes /li liFlexible working hours, option to work from home up to two days per week /li liUp to two Workation weeks per year /li liOption to take unpaid leave /li liA dedicated budget for computer/workstation (macOS or Linux) /li liPublic transportation discount or parking space (electric car charging available) /li liFree use of fitness room, including a fitness trainer once a month /li liProfessional massage once a month /li liInternal German or English courses /li liRegular events and get-togethers /li liThe good feeling of contributing to the effective protection of the privacy of millions of people /li /ul h3Place of work /h3 pPfäffikon SZ (Greater Zurich Area) /p h3Start date /h3 pJune 1st or by agreement /p /p #J-18808-Ljbffr
