You will have the following responsibilities
IT and Network Security
1. Ownership of IT security operations to further security systems (e.g. security monitoring, email and network security)
2. Assist the Infrastructure team and the CISO organisation in all topics related to IT security
3. Contribute to the development of penetration testing and incident response program
4. Handle audit and compliance related activities and associated risk assessment with GRC team
5. Define procedures and standards for security management both within IT and in the wider business to ensure a high proactive standard.
6. Evaluate bug bounty reports and recommend mitigation actions working closely with developers and IT Infrastructure team
Incident Response
7. Provide incident response / support to IT teams during security incidents. Investigate suspected security events, recommend and coordinate corrective actions
8. Analyse malware or malicious documents to identify their behaviour, assess the impact and mitigate accordingly
9. Triaging of Firewall, Exchange Online Protection and EDR alerts and incidents
10. Develop detection and mitigation capabilities to prevent future security incidents
11. Document security incidents and processes
Threat Hunting
12. Perform security assessments, penetration tests, vulnerability assessments and threat hunting
13. Test the security posture of the Bitcoin Suisse‘s platforms and perform assessments of company service and infrastructure
14. Identify gaps in the hardening of applications and infrastructure and propose mitigation actions collaborating with IT Infrastructure team
What you bring along?
15. A Bachelor's or Master's degree in Information Systems, Business, or a related field
16. Hands-on experience with Azure, Entra ID, and M365
17. Familiarity with Fortinet tools and devices (FortiGate, FortiAnalyser, FortiEMS, etc.).
18. Any experience in blockchain security is a plus
19. A flexible working attitude, with the ability to perform under time pressure in a fast-paced environment.
20. A proven ability to quickly learn and adapt to new situations and requirements
21. Strong collaboration skills, working proactively with the development team to ensure robust security in application design
22. Relevant IT security certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP)
23. Fluent in English
What we offer
24. Expertise: Work with crypto native experts
25. Culture: Positive and supportive team culture that relies on common goals, ambitions and values
26. Activities: Regular team events and activities
27. Ownership: High level of autonomy and responsibility
28. Crypto Salary: Option to get a part of your salary in Bitcoin and/or Ether
29. Fitness: Sport over lunch activities
30. Location: Office location in crypto valley right next to the train station of Zug
31. Workation: Enjoy the flexibility of working across designated EU countries, with up to 10 days a year to combine work and travel
Please note that for this position, only direct applications with a valid working permit for Switzerland will be considered.