Information Security Consultant — Zurich Insurance (sede Ticino)
NewCHF 51'500 - 88'000
Zurich Insurance (sede Ticino) · Lugano (TI)
- Location
- Lugano
- Contract
- full-time
- Posted
- Yesterday
SalaryCHF 51'500 - 88'000
Role overview
Job Accountabilities
Support the Greater China Business Information Security Officer (BISO) in strengthening information security governance, risk management and regulatory compliance across China & Hong Kong business units (BUs)
Identify control gaps and proactively drive remediation activities in collaboration with business and IT stakeholders
- Job Accountabilities
- Support the Greater China Business Information Security Officer (BISO) in strengthening information security governance, risk management and regulatory compliance across China & Hong Kong business units (BUs)
- Bachelor's degree holder with minimum 6 years of relevant experience in information security
- Qualification in CISSP / CISA / CISM is preferable
Key requirements
- Bachelor's degree holder with minimum 6 years of relevant experience in information security
- Qualification in CISSP / CISA / CISM is preferable
- Good knowledge of security concepts and architectures, IT security and compliance controls, operating system platforms and security models, etc.
Application process
- Validate and analyze security metrics provided by Group / APAC team (e.g. vulnerabilities, cloud and application security posture, security capability adoption, awareness levels), and lead remediation efforts at the BU level
- Consolidate, interpret and report regional and BU-level IT security metrics to enable BU management to clearly understand information security risk exposure
- Engage with business and IT teams to coordinate, perform and manage a broad range of security and risk assessment, track assessment findings and drive timely remediation to closure, for the following assessments: Cloud security assessments
- Third-party and vendor security assessments
- Business and IT application security assessments (pre- and pro-implementation, major changes, etc.)
- Regulatory compliance assessments (e.g. local regulations, PCI, GL20, PIPL, CBDT)
- IT compliance and control assessments, IT risk assessments Thematic or targeted security reviews
- Drive BU-level security awareness and education programs to enhance employee cyber resilience
Additional details
- Engage with business and IT teams to coordinate, perform and manage a broad range of security and risk assessment, track assessment findings and drive timely remediation to closure, for the following assessments: Cloud security assessments
- IT compliance and control assessments, IT risk assessments Thematic or targeted security reviews
- Ability to apply AI solutions with innovation in daily work Language requirements:
- Join us as we constantly explore new ways to protect our customers and the planet . Remote working: Hybrid
Notes and original content
- Engage with business and IT teams to coordinate, perform and manage a broad range of security and risk assessment, track assessment findings and drive timely remediation to closure, for the following assessments:
- Cloud security assessments
- IT compliance and control assessments, IT risk assessments
- Thematic or targeted security reviews
- Qualifications
- Ability to apply AI solutions with innovation in daily work
- Language requirements:
- Join us as we constantly explore new ways to protect our customers and the planet .
- Location(s): HK
- Remote working: Hybrid