Job Summary
The Global Corporate Information Security Team is expanding, and we are seeking a Head of Application Security to join us in Switzerland. This role reports to the Head of Digital Security and involves overseeing the security of applications and software development processes.
Responsibilities:
* We oversee the global application security strategy for IT, OT and Product Security, and lead the Application Security Team, Products and Services.
* We develop and implement application (and systems) security policies and standards.
* We drive DevSecOps, secure coding practices, security testing and compliance.
* We collaborate with IT, IS and development teams to secure the software development lifecycle (SDLC).
* We oversee integration of security controls in the design, development, and deployment of applications.
* We lead regular code reviews, penetration tests, and vulnerability assessments to identify potential risks.
* We collaborate with development, QA, and DevOps teams to embed security into agile development practices.
* We manage the selection and deployment of security testing tools and frameworks for application validation.
* We ensure compliance with industry standards and regulations related to application security.
* We provide training and guidance on secure development practices and emerging application threats.
Requirements:
* Bachelor's/Master's degree in Cybersecurity, Computer Science or related field.
* 5+ years in cybersecurity and 3+ years in a leadership role.
* Certifications such as CISSP or CISM, as well as Cloud certifications (AWS, Azure, or GCP), are preferred.
* Fluency in English is mandatory, with German and French being an asset.
* Good understanding of cybersecurity frameworks and standards (ISO 27001, NIST).
* Deep knowledge of application security concepts and principles.
* Knowledge of application security tools and techniques.
* Expertise in secure coding practices and methodologies.
* Familiarity with the OWASP framework, defensible architectures, and defense in depth.
* Able to communicate technical concepts to non-technical audiences.
* Able to manage and collaborate with stakeholders.
* Project management skills.
* Ready for global travel.
Our Offer:
We offer a secure job with progressive and family-friendly employment conditions, including flexible working hours, hybrid working, and opportunities for further training.