ICT Security Architect

• Developing security concepts and guidelines as a basis for project implementations as well as security-relevant specifications regarding software and hardware architectures
• Assessing architectures and solutions regarding their impact on security and compliance
• Leading internal projects on the topic of security architecture
• Supporting risk analyses in collaboration with ICT Information Security Management and ensuring the interface to the CISO organization of RUAG MRO Holding AG
• Providing technical and regulatory advice for operational teams
• Regularly reviewing and updating security policies and procedures
• Adapting security policies to the specific risks and requirements of the products
• Ensuring the technical implementation of security policies in the systems
• Participating in risk assessments in the field of information security
• Identifying and mitigating potential threats to product security

• University degree (FH/Uni) in security, computer science or a comparable qualification
• Solid knowledge and experience in all operational and technical topics of information security, including good knowledge of relevant InfoSec standards (ISO 2700x, NIST, CIS, basic protection, etc.)
• Professional experience in the development of security solutions and/or further training in the field of information security (CISM, CISSP, etc.)
• Knowledge of the architecture and design of security systems, security protocols, and cryptography
• Knowledge in the area of firewall, vulnerability management, IDS, security monitoring
• Knowledge in network architecture and software development is an advantage
• Practical experience in the technical implementation of security tools and processes
• Quick comprehension, independent working style, and strong team spirit
• Team player who takes on challenges, coordinates them, and accompanies them to completion
• Oral and written communication skills in German and English, French is a plus

"Nerd" is not an insult but a status symbol? You understand more about computers and networks than Bill Gates? Then we want you on our team. In the IT department of RUAG, you have the opportunity to cover the entire ICT landscape from development to maintenance and contribute your expertise to the security of Switzerland.

• University degree (FH/Uni) in security, computer science or a comparable qualification
• Solid knowledge and experience in all operational and technical topics of information security, including good knowledge of relevant InfoSec standards (ISO 2700x, NIST, CIS, basic protection, etc.)
• Professional experience in the development of security solutions and/or further training in the field of information security (CISM, CISSP, etc.)
• Knowledge of the architecture and design of security systems, security protocols, and cryptography
• Knowledge in the area of firewall, vulnerability management, IDS, security monitoring
• Knowledge in network architecture and software development is an advantage
• Practical experience in the technical implementation of security tools and processes
• Quick comprehension, independent working style, and strong team spirit
• Team player who takes on challenges, coordinates them, and accompanies them to completion
• Oral and written communication skills in German and English, French is a plus

• Developing security concepts and guidelines as a basis for project implementations as well as security-relevant specifications regarding software and hardware architectures
• Assessing architectures and solutions regarding their impact on security and compliance
• Leading internal projects on the topic of security architecture
• Supporting risk analyses in collaboration with ICT Information Security Management and ensuring the interface to the CISO organization of RUAG MRO Holding AG
• Providing technical and regulatory advice for operational teams
• Regularly reviewing and updating security policies and procedures
• Adapting security policies to the specific risks and requirements of the products
• Ensuring the technical implementation of security policies in the systems
• Participating in risk assessments in the field of information security
• Identifying and mitigating potential threats to product security