You will have the following key responsibilities:
IT and Network Security
* Take ownership of IT security operations, including security monitoring, email and network security.
* Collaborate with the Infrastructure team and CISO organisation on all IT security-related topics.
* Contribute to the development of penetration testing and incident response programs.
* Manage audit and compliance activities, including risk assessment, in conjunction with the GRC team.
* Determine procedures and standards for security management within IT and the wider business to ensure high proactive standards.
* Evaluate bug bounty reports and recommend mitigation actions in collaboration with developers and the IT Infrastructure team.
Incident Response
* Provide incident response support to IT teams during security incidents. Investigate suspected security events, recommend corrective actions, and coordinate their implementation.
* Analyse malware or malicious documents to identify their behavior, assess impact, and implement mitigation strategies.
* Triage Firewall, Exchange Online Protection, and EDR alerts and incidents.
* Develop detection and mitigation capabilities to prevent future security incidents.
* Document security incidents and processes.
Threat Hunting
* Perform security assessments, penetration tests, vulnerability assessments, and threat hunting.
* Test the security posture of Bitcoin Suisse's platforms and assess company services and infrastructure.
* Identify gaps in application and infrastructure hardening and propose mitigation actions in collaboration with the IT Infrastructure team.
Requirements
* Bachelor's or Master's degree in Information Systems, Business, or a related field.
* Hands-on experience with Azure, Entra ID, and M365.
* Familiarity with Fortinet tools and devices (FortiGate, FortiAnalyser, FortiEMS, etc.).
* Experience in blockchain security is an asset.
* Flexible working attitude with the ability to perform under time pressure in a fast-paced environment.
* Able to quickly learn and adapt to new situations and requirements.
* Strong collaboration skills, working proactively with the development team to ensure robust security in application design.
* Relevant IT security certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP).
* Fluent in English.
What we offer
* Expertise: Work with crypto-native experts.
* Culture: Positive and supportive team culture that relies on common goals, ambitions, and values.
* Activities: Regular team events and activities.
* Ownership: High level of autonomy and responsibility.
* Crypto Salary: Option to receive a part of your salary in Bitcoin and/or Ether.
* Fitness: Sport over lunch activities.
* Location: Office location in Crypto Valley, Zug, Switzerland, next to the train station.
* Workation: Enjoy the flexibility of working across designated EU countries, with up to 10 days a year to combine work and travel.
Please note that only direct applications with a valid working permit for Switzerland will be considered.