CrawlJobs Logo
SIG Group Logo SIG Group · IT - Administration

Specialist Information Security

Switzerland, Neuhausen · Job Posted March 22, 2026
Apply Position
Job Link Share

Job Description

SIG is a leading provider of packaging systems and solutions for better. We work in partnership with our customers to bring food products to consumers around the world in a safe, sustainable, and affordable way. We are the only packaging system supplier covering carton, pouch, and bag-in-box. Our versatile technology and product innovation capacity enable us to deliver better for customers, for consumers, and for the world. Sustainability guides us, technology empowers us, but it’s the passion and drive of our people that truly enable us to deliver better.

Job Responsibility

  • Support the Information Security & Risk Manager in developing, maintaining, and operating both the AIMS and ISMS , including AI governance implementation by ISO/IEC 42001, and ISO/IEC 27001 continuous improvement activities
  • Coordinate internal and external audits by preparing, maintaining, and reviewing ISMS- and AIMS‑related controls, evidence, and remediation actions
  • Perform initial security and AI risk /impact assessments and contribute to enhancing SIG’s IT Risk Management processes within the Risk Management Portal
  • Conduct supplier security assessments and support the procurement process for supplier qualification, including AI‑related vendor and tool risk evaluations
  • Perform initial security assessments for critical IT and AI‑related projects, providing security requirements, risk mitigation guidance, and alignment with SIG’s ISMS and AIMS controls
  • Evaluate AI use cases, integrations, and tools under AIMS and ensure regulatory compliance, including alignment with the EU AI Act, NIS2, data protection requirements, and other applicable security and AI‑related regulations. This includes conducting AI impact assessments, verifying data classification, and ensuring responsible and secure AI usage
  • Support SIG’s Security Governance Framework by maintaining policies, procedures, and technical standards across ISMS and AIMS, ensuring documentation is up-to-date, aligned with global governance requirements, and consistently implemented across regions

Requirements

  • Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field
  • 3+ years of hands-on experience in the Information Security or IT governance domain
  • Foundational understanding of ISO 27001, ISO 42001, AI governance frameworks, and emerging regulatory requirements (e.g., EU AI Act, NIS2, GDPR)
  • Knowledge of ISMS (ISO 27001) requirements, control frameworks, and audit processes
  • Knowledge of AIMS (Artificial Intelligence Management System) concepts such as AI lifecycle governance, data classification, AI risk assessment, and responsible AI principles
  • Familiarity with legal and regulatory requirements, including GDPR, EU AI Act, NIS2, and other security or AI‑related compliance standards
  • Knowledge of risk management methods, including risk identification, assessment, and mitigation techniques
  • Awareness of the operational impacts and business risks caused by cybersecurity or AI‑related incidents
  • Understanding of how ISMS and AIMS controls integrate with IT and business processes, including policy management, governance workflows, and audit readiness
  • Experience supporting compliance initiatives or regulatory readiness activities (e.g., audit preparation, evidence collection, control documentation)
  • Results-driven, self‑motivated, and able to work independently with minimal supervision

Nice to have

Professional certifications such as ISO/IEC 42001 Lead Implementer, ISO 27001 Lead Implementer, ISO/IEC 42001 Lead Auditor, CISA, CISM, CompTIA Security+, Certified AI Governance Professional (CAIGP), or equivalent are preffered but not mandatory

What we offer

  • Competitive compensation
  • Opportunity to partially work from home
  • Part of a globally successful international company
  • Personal development opportunities
  • Trainings and coaching opportunities from senior team members
SIG Group - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Specialist Information Security

8 matching positions

Information Assurance Specialist I (Information Security Analyst)

Barbaricum is seeking an Information Assurance Specialist I (Information Securit...
Location
Location
United States , Indianapolis
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Secret Clearance
  • Bachelor's degree in related field
  • Meet DoDM 8140.03 IAT III/IAM II requirements
  • Minimum 2yr experience in network operations and information security
  • Demonstrated experience assessing security controls based on cybersecurity principles and tenets (e.g., NIST SP 800-53, Cybersecurity Framework, etc.)
  • In-depth understanding of relevance of NIST Security Controls and Control Implementation methodologies to the SA&A process
  • Demonstrated experience with continuous monitoring/ongoing authorization
Job Responsibility
Job Responsibility
  • Support cybersecurity compliance, risk management, and information assurance activities for Department of Defense (DoD) systems and networks
  • Assist in assessing and validating security controls in accordance with NIST SP 800-53, the NIST Cybersecurity Framework, and applicable DoD requirements
  • Support the Security Assessment and Authorization (SA&A) process by reviewing control implementations, identifying risks, and documenting findings
  • Participate in continuous monitoring and ongoing authorization activities to help maintain system security posture and compliance
  • Assist with vulnerability assessments, security reviews, and remediation tracking efforts across enterprise environments
  • Collaborate with system administrators, engineers, and cybersecurity personnel to implement and maintain required security controls
  • Develop and maintain cybersecurity documentation, including assessment reports, compliance artifacts, and authorization support materials
  • Monitor security-related activities and provide recommendations for risk mitigation and control improvements
  • Support compliance with the Risk Management Framework (RMF), organizational policies, and applicable federal and DoD cybersecurity standards
  • Stay informed on cybersecurity threats, vulnerabilities, and best practices to support effective information assurance operations
  • Fulltime
Read More
Arrow Right

Information Assurance Specialist – III (Information Security Analyst)

Barbaricum is seeking an experienced Information Assurance Specialist III (Infor...
Location
Location
United States , Indianapolis
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Secret Clearance
  • Bachelor's degree in related field
  • Must meet DoDM 8140.03 IAT III/IAM II requirements
  • Minimum 10yr experience in network operations and information security
  • Demonstrated experience assessing security controls based on cybersecurity principles and tenets.(e.g., NIST SP 800-53, Cybersecurity Framework, etc.)
  • In-depth understanding of relevance of NIST Security Controls and Control Implementation methodologies to the SA&SA process
  • Relevant DOD, DHS or .gov Cyber Security Information Assurance focused experience with specific current hands-on researching, writing, and submitting complete A&A documentation packages for new system authorizations
Job Responsibility
Job Responsibility
  • Assess, implement, and validate cybersecurity controls in accordance with NIST SP 800-53, the NIST Cybersecurity Framework, and applicable DoD cybersecurity requirements
  • Support the Security Assessment and Authorization (SA&A) process by evaluating security controls, identifying risks, and recommending mitigation strategies
  • Develop, review, and maintain Assessment and Authorization (A&A) documentation packages to support system accreditation and authorization efforts
  • Conduct security assessments, vulnerability analyses, and compliance reviews to ensure systems meet federal and DoD cybersecurity standards
  • Collaborate with system owners, engineers, and cybersecurity teams to implement security controls and maintain a strong security posture across enterprise environments
  • Support continuous monitoring activities, including risk assessments, control validation, remediation tracking, and reporting
  • Provide cybersecurity guidance and recommendations related to information assurance, risk management, and regulatory compliance
  • Prepare technical reports, security documentation, and executive briefings to support authorization decisions and stakeholder requirements
  • Ensure compliance with Risk Management Framework (RMF), DoD policies, and applicable government cybersecurity regulations
  • Serve as a subject matter expert on information assurance, cybersecurity controls, accreditation processes, and security compliance initiatives
  • Fulltime
Read More
Arrow Right

Senior Business Information Security Specialist

The InfoSec team at JET is scaling its security partnership and vendor assurance...
Location
Location
United Kingdom
Salary
Salary:
Not provided
justeattakeaway.com Logo
Just Eat Takeaway.com
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrated ability to execute security risk assessments and vendor reviews end-to-end, including evidence collection, gap analysis, and documented findings
  • Working knowledge of security frameworks such as NIST CSF, ISO 27001, or CIS Controls applied in a product or engineering context
  • Ability to communicate security risk clearly to both technical and non-technical audiences, without defaulting to jargon or compliance-speak
  • Familiarity with GRC concepts including risk management, controls design, and third-party assurance, gained through hands-on practice rather than solely policy work
  • Comfort working across multiple teams and geographies in a fast-moving environment, managing competing priorities without losing accuracy or rigour
Job Responsibility
Job Responsibility
  • Execute vendor security assessments by collecting, analysing, and documenting supplier control evidence, audit reports, and risk findings against defined frameworks including ISO 27001 and NIST CSF
  • Identify and document third-party security risks, recommending proportionate risk treatment options aligned to JET's risk appetite
  • Support threat modelling, secure design reviews, risk remediation recommendations and early-stage risk assessments alongside engineering teams as part of the secure development lifecycle
  • Translate security findings into clear, business-aligned risk language for product and stakeholders, reducing reliance on technical jargon
  • Maintain accurate risk registers, vendor assessment records, and reporting inputs that feed into executive-level risk dashboards
  • Build working relationships with business and technology teams across multiple markets, acting as a visible and trusted point of contact for security guidance
  • Fulltime
Read More
Arrow Right

Senior Information Security Specialist

SmartRecruiters is looking for a Senior Information Security Specialist to join ...
Location
Location
Poland
Salary
Salary:
Not provided
smartrecruiters.com Logo
SmartRecruiters
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in information security, governance, risk, and/or compliance roles with a technical orientation
  • Demonstrated compliance or auditing experience with at least one major framework
  • Hands-on experience with incident response - including participation in security incident investigations, containment, and post-mortem processes
  • Solid understanding of controls auditing principles and evidence management
  • Technical understanding of cloud infrastructure (AWS preferred), networking fundamentals, identity management, and SaaS security architectures
  • Knowledge of risk management methodologies and experience conducting or supporting risk assessments
  • Ability to manage and deliver on multiple complex projects simultaneously, with minimal supervision
  • The ability to investigate, question, and interpret internal and external IT security and compliance issues at both a governance and technical level
  • A strong understanding of technology, cloud-based products, and SaaS environments
  • Experience working across business units and geographical boundaries to engage engineering, business, and operational teams
Job Responsibility
Job Responsibility
  • Identify manual, repetitive GRC processes and design automation blueprints to streamline them, including evidence collection, control monitoring, access reviews, policy enforcement checks, and compliance reporting
  • Build and maintain automated workflows using compliance platforms, scripting, or integration tools to reduce manual effort and improve audit-readiness
  • Develop reusable templates, playbooks, and standardised blueprints for recurring GRC activities (e.g., vendor assessments, internal audits, risk reviews) to ensure consistency and scalability
  • Collaborate with engineering and IT teams to integrate security and compliance checks into existing toolchains and CI/CD pipelines where applicable
  • Continuously evaluate and improve GRC tooling, data flows, and reporting to drive operational efficiency across the team
  • Manage stakeholder expectations and partner with internal teams to ensure effective management of IT risks and compliance obligations
  • Maintain regional and local stakeholder relationships, meeting schedules, minutes, and reports
  • Support the maintenance of the SOC 2 Type II framework, including evidence collection, control testing coordination, and audit support
  • Effectively manage ISO 27001 and ISO 22301 audit lifecycles and coordinate with stakeholders on ISMS and BCMS improvements
  • Support the maintenance and continuous improvement of the ISO 42001 (AI Management System) framework in alignment with the EU AI Act
  • Fulltime
Read More
Arrow Right

Information Security Specialist

The Information Security Specialist role involves gathering and analyzing securi...
Location
Location
Colombia , Distrito Capital de Bogotá
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Deep knowledge of GPO and AD
  • Fortigate firewall configuration
  • Fortigate firewall knowledge
  • Hands on
  • Implement remediation needed
  • Knowledge of Crowdstrike
  • Knowledge of Qualys
  • Knowledge of RSA MFA application
  • Knowledge of traffic analysis technicals
  • Knowledge of traffic routes and protocols
Job Responsibility
Job Responsibility
  • Gather & Analyze Requirements of – System, Capabilities, Users, Roles, Processes & Data and Document them in Customer accepted formats/ Templates
  • Collaborate with team members and participate in designing optimum solution for the signed off requirements
  • Receive demands related to information security and apply them in the computing environment
  • Strong verbal and written and communications skills with the ability to communicate at all levels of business
  • High energy, self-motivated, should be able to accomplish project goals with minimal or no supervision
Read More
Arrow Right

Information Security Specialist

As an Information Security Specialist, you assist in the overall security strate...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
60000.00 - 75000.00 EUR / Year
recruitee.com Logo
Recruitee
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • IT Security related work experience
  • Familiarity with security standards and regulations
  • Knowledge in risk assessment, treatment plans, incident response, and security audits
  • Basic understanding of technical security implementations
  • Experience with ISO 27001 and SOC 2 Type II
  • Ability to explain security topics to both technical and non-technical audiences
  • Flexibility, creativity, and focus on delivering solutions that work for every stakeholder involved
Job Responsibility
Job Responsibility
  • Assist in the overall security strategy of the company
  • Design, implement, and maintain policies and procedures that reduce security risks and increase compliance and awareness
  • Help in assessing the risks and vulnerabilities in the IT landscape and infrastructure, determining the impact and likelihood of these risks, and mitigating them
  • Be part of the incident management team and handle security incidents, crisis management, and post-mortem analysis to safeguard business continuity
  • Ensure company-wide adherence to legal, regulatory, and industry standards by implementing and managing policies, procedures, programs, projects, and documentation
  • Enforce security baselines, manage compliance checks, and ensure policies and procedures remain aligned with security requirements
  • Be the link between leadership, sales & marketing, support, development, customers, and third-parties for all cybersecurity matters
  • Assist with internal and external security questions
  • Focus on policies and compliance
  • Broader discussions on how security can be implemented without being a hindrance for employees and users, while still maintaining a good level of security and adherence to legal, regulatory, and industry standards
What we offer
What we offer
  • Flexibility to work from home in the Netherlands and from our beautiful canal-side office in Amsterdam
  • A chance to be part of and shape one of the most ambitious scale-ups in Europe
  • Work in a diverse and multicultural team
  • €1,500 annual training budget plus internal training
  • Pension plan, travel reimbursement, and wellness perks
  • 28 paid holiday days + 2 additional days to relax in 2026
  • Work from anywhere for 4 weeks/year
  • An inclusive and international work environment with a whole lot of fun thrown in
  • Apple MacBook and tools
  • €200 Home Office budget
  • Fulltime
Read More
Arrow Right

Information Security Specialist

Information Security Specialist role focused on formatting and enhancing the Inf...
Location
Location
Greece , Athens
Salary
Salary:
Not provided
https://www.metlengroup.com Logo
Metlen Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or equivalent qualification in Information Technology or related field
  • Professional certifications such as CISM, CISA, CISSP, CRISC, ISO 27001 LA would be considered an asset
  • +3 years of experience in similar roles/positions
  • Project management skills (PMP certification) would be considered an asset
  • Problem-solving and analytical abilities
  • Proactive approach to identifying potential issues and opportunities for improvement
Job Responsibility
Job Responsibility
  • Participate in the supervision and implementation of the Information Security Management System (ISMS) throughout the Company
  • Update and/or renewal of the Information Security Framework
  • Design and develop new information systems and propose security requirements
  • Participate in the response to security incidents involving the Company's information systems
  • Assist in periodic risk assessments in relation to information security
  • Monitor risk indicators and effectiveness of security measures
  • Assist the team in certification projects, certification renewal, compliance with regulatory and statutory requirements
What we offer
What we offer
  • Competitive remuneration package
  • Ticket Restaurant Card
  • Group Health Insurance Plan
  • Preferential household electricity plan
  • Pension Plan
  • Fulltime
Read More
Arrow Right

Senior Information Security Specialist

As a Senior Information Security Specialist, you will play a critical role in pr...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience
  • Minimum 7 years of experience in information security, IT risk management, or related roles, preferably in federal or state government environments
  • Strong knowledge of federal cybersecurity frameworks including NIST SP 800-53, OWASP Top 10, DISA STIGs, and Common Criteria
  • Hands-on experience with networking concepts, system administration, and software development practices
  • Proficiency in using Splunk or comparable SIEM tools for security event monitoring, audit log analysis, and incident response
  • Experience working within Agile or Scaled Agile Framework (SAFe) teams and integrating security in fast-paced development environments
  • Excellent communication skills with the ability to convey complex security concepts to technical and non-technical audiences
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead comprehensive reviews of management, operational, personnel, and technical security controls to verify their effectiveness during all phases of the system lifecycle
  • Identify, evaluate, and mitigate technical and operational security risks, threats, vulnerabilities, and weaknesses across diverse information systems
  • Drive compliance efforts with government standards and industry best practices, including NIST, OWASP, Common Criteria, DISA, and SANS Institute guidelines
  • Collaborate within Agile development teams to integrate security throughout the software development lifecycle, supporting secure design, testing, and deployment
  • Utilize hands-on expertise in networking, system administration, and software development to analyze security impacts and recommend improvements
  • Oversee audit log reviews and system alerting using Splunk or similar SIEM platforms to detect, investigate, and respond to security incidents
  • Communicate security findings clearly and effectively to technical teams and leadership, fostering a culture of security awareness and continuous improvement
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right