Information Security Specialist

Swiss Aviation Software is a 100% subsidiary of Lufthansa Technik, and along with our partners in the Digital Tech Ops Ecosystem, leads the digital transformation of the aviation industry in technical asset operation. Swiss Aviation Software develops, distributes and runs the critical software package AMOS which manages the maintenance, engineering and logistics requirements of international modern airlines. In order to strengthen our leading market position we are looking for dedicated employees who would like to work in a fascinating international environment with more than 230 customers from all over the world.

Are you passionate about information security and have the drive to support and guide your colleagues to help protect the company's information and information technology assets? We are looking for an independent, dynamic and pragmatic colleague with solid practical technical experience in information / cyber security who is now looking to enrich their daily work with responsibilities in governance, risk and compliance.

Your challenge will be to ensure that the certifications ISO/IEC 27001, SOC1 and SOC2 are being kept in close collaboration with our ISO. We expect the candidate to act as advocate for information security and above all support all colleagues to understand how their area is affected in the context of information security.

• Partnership with critical teams in terms of infrastructure for audits and assurance subject matters
• Conduct internal audits and assessments to identify gaps and ensure compliance with internal requirements
• Monitor technical security controls within GCP our Cloud environment and our internal infrastructure
• Organize, manage, scope and oversee execution of pentest
• Manage and provide guidance on vulnerabilities, prioritizing them based on technical severity and business impact and further support, including providing technical and operational guidance for remediating identified findings
• Act as security risk advisor on activities that could affect information security
• Responsible to manage and provide guidance on security issues and findings as part of the customer support inquiries
• Support with Incident Management

• Master degree in computer science
• Industry recognized security qualifications such as CISSP (or equivalent) etc. (CISSP or equivalent of advantage)
• Sound knowledge and experience with ISO/IEC 27001, SOC 1 and or SOC2 compliance requirements certifications
• Proven track record of contributing to or implementing previous ISMSimplementations, ideally aligned with ISO/IEC 27001.
• At least 5 years of experience in a position similar to the described one
• Excellent understanding and practical experience in all aspects of information security and IT security
• Very strong communication skills and expert in building connections.
• Ability and comfort in interacting with colleagues at all levels
• High level of integrity

• Working in an open and cooperative environment with a motivated and friendly team

• Flexible working hours (flex time model)

• Hybrid work model

• Flight and travel discount

• Excellent working conditions in pleasant surroundings

• Good professional and personal development opportunities

• Highly appealing pension fund scheme/retirement savings plan

• An international work environment with people from around the globe