As a Senior Information Security & Risk Analyst in the Information Security Team, you will play a pivotal role in establishing and maintaining a robust security framework to protect our assets and meet regulatory requirements. You will be responsible for analyzing and evaluating the company's security posture, assessing potential vulnerabilities, and ensuring the implementation of best practices and security controls. Working closely with cross-functional teams, you will lead risk assessments, establish security policies, answer to due diligence requests and contribute to the continuous improvement of the organization's information security program. Your expertise in information security, GRC methodologies, regulatory frameworks and industry standards will be critical in driving our cybersecurity initiatives and managing risk across the enterprise. Additionally, you will contribute to the improvement of our employees' security awareness program, fostering a culture of security consciousness among employees and stakeholders.

We are seeking an experienced Information Security professional who can leverage their expertise and thrive in a dynamic, fast-paced environment. If you are eager to embrace this challenge, we look forward to receiving your application.

Your main tasks :

• Conduct risk assessments and due diligence and recommend appropriate risk mitigation strategies.
• Develop security policies, procedures and standards with industry best practices and regulatory requirements.
• Answer to audit requests and manage relationship with internal and external auditors.
• Manage security issues and support requests from users and business teams.
• Contribute to our security awareness and training program.
• Participate to Incident Response and Forensics activities.
• Develop and maintain the organization's business continuity and disaster recovery plans.
• Operate periodic security controls.

Mandatory

• Minimum 5 years’ experience in similar roles
• Experience in banking / financial industry
• Excellent French and English communication skills, oral and written
• Strong organization skills

Desired

• Solid knowledge of FINMA regulation and Cybersecurity frameworks (NIST CSF, ISO/IEC 27001)
• Bachelor or Master in Computer Science or similar
• CISSP, CISA or similar qualifications