Sulzer is a global leader in fluid engineering. We specialize in pumping, agitation, mixing, separation and application technologies for fluids of all types. Our customers benefit from our commitment to innovation, performance and quality and from our responsive network of 180 world-class manufacturing facilities and service centers across the globe. Sulzer has been headquartered in Winterthur, Switzerland, since 1834. In 2019, our 16'500 employees delivered revenues of CHF 3.7 billion. Our shares are traded on the SIX Swiss Exchange (SIX: SUN). www.sulzer.com
For our Group Information Security Team at our headquarters in Winterthur we are looking for an
Information Security Analyst (100%)
Reporting to the Chief Information Security Officer, the IT security analyst analyses the security measures of the company and determines their effectiveness, based on a risk assessment. The analyst is responsible for consulting and instructing staff to implement or be aware of company security measures. The analyst works with business administrators as well as IT professionals to improve security. In addition, the security professional works on security breaches or information security incidents in order to document the "lessons learned" and start additional security initiatives to fill security gaps.
As an Information Security Analyst you will be responsible for the following tasks:
- Supports the design, implementation, operation and maintenance of the Information Security Management System (ISMS).
- Supports development and management of security policies, standards, guidelines and procedures.
- Support the CISO in approval and managing policy exceptions, security tickets and changes.
- Checking compliance against the security directives based ISO 27001/27002 by monitoring of the Sulzer IT landscape
- Supporting developing and managing the information security risk assessment and control framework in accordance with the existing standards
- Provides security consulting for projects, network security architecture, network access and monitoring
- Employee education and awareness training.
- Work with other executives to prioritize regional or global security initiatives based on appropriate risk management and/or financial methodology.
- Oversees IT incident response planning as well as the investigation of IT security breaches and assist with disciplinary and legal matters associated with such breaches as necessary.
- Bachelor's degree in Computer Science or related field
- In minimum 2 years work experience, including experience in responding to security problems, looking at security alerts, front-line analysis and escalation
- Deep knowledge about Windows based operating systems. Includes analysis of security issues e.g. interpreting log files, etc.
- Deep knowledge about networks with ability to perform investigations (log file analysis, etc.)
- Good knowledge about Information Security in general
- Demonstrated ability to analyze, triage and escalate security incidents
- CISSP, CEH or equivalent certification
- Deep understanding of the current threat landscape including common attack types and malware capabilities
- Good knowledge in (Security) Data Analytics, Threat & Security Intelligence, Security Event and Incident Handling
- Good communication skills in English
In this new exciting and challenging role, you will have the possibility to apply your existing knowledge and learn new skills in a dynamic global environment. You will become part of the IT organization that successfully operates in 40 countries in the world. Together with your team you will have the opportunity to contribute to the success of the Group IT Organization at Sulzer.