Information Security Assurance Expert

You will be part of a well-established international information Security team (part of CISO operations) focused on preventing vulnerabilities before they occur (Prevent Team).

As an Information Security Assurance Expert you will play a pivotal role in ensuring that Avaloqs services platforms and internal operations meet the highest standards of security compliance and operational resilience.

In this role you will:

• Perform in-depth assurance activities across technical and operational domains.
• Evaluate and maintain Avaloqs information security risk posture.
• Drive consistency in control design testing and audit readiness.
• Collaborate closely with stakeholders across Architecture IT Operations Cloud Engineering Audit Legal Risk Management and Product Teams.
• Support the continuous evolution of Avaloqs security control framework and risk assessment processes.
• You will contribute significantly to strengthening Avaloqs security posture and ensuring robust alignment with regulatory and contractual expectations. The position reports to the Head of Prevention
• Determine and document Technical IT security controls ensuring they are effectively mapped to Avaloqs internal control framework
• Determine the information security risk profile for each relevant service and asset.
• Perform and maintain asset-based information security risk assessments in line with ISO 27005 including recurring reviews.
• Identify and assess residual risks and consolidate aggregate risk across services and environments.
• Ensure that Avaloq maintains Operational Resilience in line with regulatory business continuity and reliability requirements.
• Track all requirements from Legal Regulatory and Contractual sources and translate them into actionable obligations.
• Map legal and regulatory requirements to the control framework and ensure recurring validation of control adequacy.
• Execute repeatable and automated testing of security control effectiveness.
• Lead or support audit preparation coordination evidence collection automation of audit workflows and audit response activities.
• Collaborate with Engineering Architecture Operations and Compliance teams to drive remediation and continuous improvement in the Information Security Management System (ISMS) ensuring alignment with emerging threats and industry best practices
• Contribute to maintaining a strong and transparent Security Assurance documentation base.

Qualifications :

• Bachelors or Masters degree in Information Security Computer Science Engineering or similar field.
• Several years of hands-on experience in information security assurance risk management audits or control frameworks.
• Strong understanding of security control frameworks (ISO 27001 NIST CSF SOC2 CCM OSPAR etc.).
• Proven experience conducting risk assessments (ISO 27005) and determining technical and organizational controls.
• Solid knowledge of infrastructure cloud technologies applications and common security technologies.
• Experience with audit processes internal control systems and evidence lifecycle management.
• Strong analytical skills structured problem solving and excellent documentation capabilities.
• Ability to collaborate effectively across diverse teams and influence key stakeholders.
• Experience with automation scripting or use of platforms to streamline assurance activities is an advantage.
• Relevant certifications such as ISO 27001 LA/LI CRISC CISA CISM CISSP are a plus.
• Fluent in English

Additional Information :

We realize that managing work life balance is a challenge we all face in our daily lives and in order to support with this we are pleased to offer hybrid and flexible working for most of our Avaloqers to maintain work life balance and still continue our fantastic Avaloq culture in our global offices. 

In Avaloq we are proud to embrace diversity and understand the success of our business is built on the power of different opinions we are whole heartedly committed to fostering an equal opportunity environment and inclusive culture where you can be your true authentic self. 

We hire compensate and promote regardless of origin age gender identity sexual orientation or any other fantastic traits that make us all unique we have done our best to write this advert in an inclusive and neutral way. 

Please be aware that we will not accept speculative CV submissions for any of our roles from recruitment agencies and any unsolicited candidate submissions will be exempt from any payment expectations.  

#LI-Hybrid

Remote Work :

No

Employment Type :

Full-time