Senior IT Security Governance (m/f/d)

Senior IT Security Governance (m/f/d) Generali | online seit: 14.04.2025  In this role you will be responsible for developing, implementing, and maintaining the organization's IT security governance framework. This role ensures compliance with local and Group regulations, industry standards and best practices. Additionally, the role includes conducting IT security awareness training, including phishing simulations, KPI and KRI reporting, interfacing with risk management, and running Cyber Resilience and Information Technology Risk Assessment (ITRA) processes. Leading business continuity adoption and implementation, crisis management and involvement in the preparation of Disaster Recovery (DR) plans.

• You develop and maintain comprehensive information security policies, standards, and procedures. Providing guidance and training to stakeholders at all levels.
• You collaborate with cross-functional teams especially risk management teams and ensure consistent application of security measures.
• Conduct IT security awareness training, including phishing simulations, to educate employees on recognizing and responding to security threats
• Develop and implement KPI and KRI reporting.
• Run Cyber Resilience and Information Technology Risk Assessments (ITRA)
• Lead the adoption and implementation of business continuity plans to ensure operational stability during disruptions
• Oversee crisis management efforts, including training and preparedness exercises, to ensure effective response during emergencies
• Participate in the preparation and maintenance of Disaster Recovery (DR) plans

• Bachelor's degree in Information Security, Computer Science, or a related field.
• Extensive experience in information security governance, risk management, and compliance.
• Strong knowledge of ISO, NIST, and other security standards.
• Familiarity with group regulations and the ability to ensure compliance across multiple subsidiaries.
• Excellent communication and leadership skills.
• Experience in conducting IT security awareness training, including phishing simulations.
• Proficiency in KPI and KRI reporting and interfacing with risk management teams.
• Knowledge of CRA and ITRA processes.
• Experience in business continuity planning, implementation.
• Proven ability to lead crisis management and conduct training.
• Experience in the preparation and maintenance of Disaster Recovery (DR) plans.
• Professional certifications such as CISSP, CISM, or CISA is a plus.

Soodmattenstrasse 2, 8134 Adliswil Jessica Keine Details erfasst

Aktionen

Umantis