Cloud & Network Security Service Owner (Engineer) — Avaloq
- Location
- Zurich
- Contract
- other
- Posted
- 22 days ago
Role overview
We are looking for a hands-on security engineer to take end-to-end ownership of our Cloud Security & Cryptographic Services and Network Security domains.
You will shape how these services are delivered across cloud and hybrid-cloud environments - setting direction, driving adoption, and ensuring operational quality - while also contributing directly to implementation, automation, troubleshooting, and continuous improvement (this is not a purely coordinating role).
Your key tasks • Own and continuously improve the Cloud & Network Security service scope, including: • Cloud security posture and guardrails (secure-by-default baselines, policies, zones/guardrails) • Cloud detection and response controls (configuration, tuning, integrations, signal quality) • Cryptographic services (keys, certificates, secrets, API keys: lifecycle, rotation, revocation, access governance, compliance evidence) • Network security posture and governance (firewalls, proxies, IDS/IPS, Cloudflare-based services, NSGs/security lists) • Run a sustainable network rule governance model (inventory, periodic re-accreditation/recertification, exception handling, audit readiness) • Drive automation-first operations : monitoring, metrics, alerting, playbooks, inventory automation, configuration validation, and drift prevention • Translate stakeholder needs into clear standards, backlogs, and delivery priorities - and ensure adoption with minimal friction for engineering teams • Actively contribute hands-on: configuration changes, scripting/automation, troubleshooting, and incident/on-call support when needed This role can be based in Zurich or Bioggio.
Description
We are looking for a hands-on security engineer to take end-to-end ownership of our Cloud Security & Cryptographic Services and Network Security domains.
You will shape how these services are delivered across cloud and hybrid-cloud environments - setting direction, driving adoption, and ensuring operational quality - while also contributing directly to implementation, automation, troubleshooting, and continuous improvement (this is not a purely coordinating role).
Your key tasks • Own and continuously improve the Cloud & Network Security service scope, including: • Cloud security posture and guardrails (secure-by-default baselines, policies, zones/guardrails) • Cloud detection and response controls (configuration, tuning, integrations, signal quality) • Cryptographic services (keys, certificates, secrets, API keys: lifecycle, rotation, revocation, access governance, compliance evidence) • Network security posture and governance (firewalls, proxies, IDS/IPS, Cloudflare-based services, NSGs/security lists) • Run a sustainable network rule governance model (inventory, periodic re-accreditation/recertification, exception handling, audit readiness) • Drive automation-first operations : monitoring, metrics, alerting, playbooks, inventory automation, configuration validation, and drift prevention • Translate stakeholder needs into clear standards, backlogs, and delivery priorities - and ensure adoption with minimal friction for engineering teams • Actively contribute hands-on: configuration changes, scripting/automation, troubleshooting, and incident/on-call support when needed This role can be based in Zurich or Bioggio.
