Senior IT Security Architect

Paudex, Vaud, Switzerland

Do you want to dive into the fast-growing drone industry and gain rewarding experience in a dynamic start-up environment?

At Flyability, we believe that robots should be sent into hazardous places and dangerous situations instead of humans. To support our belief, we created Elios, the world’s first collision-tolerant flying robot that for the first time allows remote entry to complex and indoor spaces. With more than 100 employees, Flyability is the pioneer in the UAV indoor inspection industry. Joining Flyability is not just taking on a new job, it is seizing the opportunity to improve the life of millions of people and build the future of robotics.

To complete our creative and dynamic team in Lausanne, we are seeking a

Senior IT Security Architect 100%

Starting date: by Summer 2023

Your role:

We are looking for a Senior IT Security Architect to join us: a motivated and proactive individual with deep experience in IT security management. This role will set and lead the cybersecurity culture in the company, reporting to our VP Software but with a company-wide remit.

What you will own:

  • Define, develop, lead and implement a corporate cybersecurity program.
  • Oversee global cybersecurity compliance and certification programs, including annual re-certifications.
  • Define and maintain reporting and accountability of cybersecurity KPIs for enterprise IT.
  • Establish governance of maturity assessment model and remediation activities in a roadmap.
  • Define, develop, and implement secure software development lifecycle governance.
  • Participate actively in the design of the solutions architecture.
  • Lead the definition of security requirements of all applications.
  • Carry out organizational and software security tests together with development and QA teams.
  • Carry out risk analyses for solution architectures.
  • Define and drive implementation of corporate information security policies.
  • Implement best practices standards in the area of IT security infrastructure and secure software development.
  • Promote cybersecurity culture to all stakeholders, and provide education where necessary.
  • Develop and implement Zero-Trust security concept for application integration.
  • Work with the Legal department to refine our Data Protection procedures.
  • Define security requirements for all IT solutions, in house or procured.
  • Lead RFPs for security solutions.

Requirements

Your profile:

You have in the region of 7-15 years’ experience. You bring the following knowledge and attributes.

  • Proven experience in delivery of Cybersecurity program within a software development company
  • Definition of Security standards and development methodology, in particular in the following areas: Compliance & Risk management, Conformity management, Risk assessment, Gap Analysis, Threat Protection
  • Deep knowledge of cybersecurity and risk management frameworks and practices such as ISO 27001 and NIST SP 800-30
  • Experience leading audits, risk assessments and communicating with stakeholders.
  • Knowledge in the organizational and technical areas of IT security (for example, at least some of the following: ISMS, SIEM, IAM, network, server, client and web security, SOC, incident response/management, IT risk management)
  • Project/program management skills
  • Strong understanding of software testing methodologies, tools, and processes

The more you bring in the following areas the better.

  • Certification/further education such as CISM, CISSP, Information Security
  • Proven experience in a DevSecOps methodology implementation
  • At ease in standardization, documentation and reviews
  • Knowledge in secure software development, secure coding (OWASP)
  • Knowledge of security frameworks, standards and regulations (NIST, ISO 2700*)
  • Analytical, methodical approach / conceptual skills
  • Experience with cloud technologies and modern software development methods (CI/CD, DevOps, DevSecOps)

TECHNICAL SKILLS:

We will benefit from your technical skills across some or all of cybersecurity architecture, software engineering, cloud security architecture, data privacy and loss prevention, CIS Controls and vulnerability management, OWASP, and security of applications, networks and infrastructure.

CERTIFICATES:

The more you bring in the following areas the better.

  • Cybersecurity certifications such as CISSP and/or CISM
  • Certified Security Project Manager (CSPM) Certification or PMI
  • Experience in aligning corporate strategies with cybersecurity compliance goals and requirements.
  • OWASP foundation
  • AWS Cloud Architect
  • CIS Community Defense Model (CDM)

COMMUNICATION SKILLS:

  • Excellent communication skills with both technical staff and management
  • Ability to convince the stakeholders and influence them positively to adopt a security culture.
  • Ability to communicate complex technical challenges in a non-technical and simplified manner to key stakeholders.

EDUCATION:

  • Degree in Information or IT Security or a related subject
  • Fluent English
  • French would be a plus

Flyability is a young Swiss company that values independent thinking combined with a collaborative spirit. Every day, you will have the opportunity to share your ideas and contribute to solving problems. We all work together, and each voice is important to move forward.

Ready to join?

We know the confidence gap and impostor syndrome can get in the way of meeting spectacular candidates, so please don't hesitate to apply. Regardless of your past experience or resume, we'd love to hear from you.