Head of IT Security Operations & Controls (80-100%)

Wer sich für eine Karriere bei Lombard Odier entscheidet, ist für einen renommierten, globalen Vermögensverwalter und Asset Manager tätig, der sich auf nachhaltige Investitionen fokussiert. Wir sind eine unabhängige und innovative Bank erster Wahl für private und institutionelle Kunden. Unsere Gruppe ist eine der bestkapitalisierten weltweit. Wir verwalten rund CHF 300 Milliarden und sind auf vier Kontinenten von über 25 Niederlassungen aus tätig.

Mit unserer über 225-jährigen Geschichte sind wir ein Investmenthaus mit umfassendem Angebot an diskretionärer und beratender Portfolioverwaltung sowie Finanzdienstleistungen. Unsere hochmoderne Technologie-Plattform vermarkten wir auch erfolgreich an andere Finanzinstitute. Über Lombard Odier Investment Managers bieten wir Vermögensverwaltungsdienstleistungen und Anlagestrategien an.

"Rethink Everything" ist unsere Philosophie – sie steht im Zentrum unseres Handelns. Wir sind durch mehr als 40 Finanzkrisen stärker geworden, indem wir die Welt um uns herum ständig neu gedacht haben. So bieten wir unseren Kundinnen und Kunden stets neue Anlageperspektiven.

Head of IT Security Operations & Controls (80-100%)

The CISO organization protects Lombard Odier and our Clients against the risk of data theft and business disruption due to cyber-attacks or malicious insiders. The team is composed of approx. 15 talented team members that cover all aspects of security for the Group.

Reporting to our Chief Information Security Officer, you will lead the bank’s Operational Security function - owning our SoC (analysts and engineering), incident response, and the effectiveness of our frontline security controls. Your mission is to maximize the safe use of our digital assets, protect customers information, and keep the business fast, compliant, and resilient.

YOUR ROLE

• Manage a team of approx. 4 individuals: hiring, coaching, and creating an environment where people do the best work of their careers.

• SoC leadership & incident response: Run day‑to‑day SoC operations, elevate detection & response maturity, and lead major incident command calmly under pressure. Ensure investigations are rigorous, evidence‑based, and drive tactical fixes as well as strategic improvements.

• Strategy & modernization: Define and execute the SoC strategy for the next 2–3 years, including pragmatic adoption of cloud and AI‑assisted threat detection, triage, and automation (SOAR).

• Security control operations: Own the operating effectiveness of key controls (e.g., vulnerability management, baseline security, DLP). Ensure continuous control monitoring, coverage metrics, and clear KRIs/KPIs that matter to the business.

• Establish, own, and execute the bank’s penetration testing, red team, and purple team roadmap -coordinating internal capabilities and external partners to simulate realistic adversary behaviors and ensure continuous improvement of detection, response, and control effectiveness.

• Oversee the operational workflow of the security team, including triaging incoming support tickets, security requests, and operational tasks. Ensure efficient dispatching and prioritization of work across the CISO organization and maintain clear service‑level expectations with internal stakeholders.

• Enterprise & engineering integration: Partner closely with Architecture, Engineering, Infrastructure, IT Ops, and Developers to land controls and patterns that scale.

• Resilience & recovery: Strengthen incident readiness, tabletop exercises, and post‑incident “close‑call” learning to boost resilience and reduce repeat issues.

• Stakeholder trust: Engage customers, auditors, and internal leaders; translate risk into clear business context; advocate for secure‑by‑default choices.

YOUR PROFILE

• 10+ years in cybersecurity with direct leadership of SoC and Incident Response functions, including people leadership (hiring, coaching, performance).

• Demonstrated success running security operations in complex environments (on‑premise and cloud)

• Strong systems thinking; you connect detections, controls, processes, and behaviors into a coherent operating model with measurable outcomes (KRIs/KPIs and OKRs).

• Evidence of automation mindset (e.g., SOAR playbooks, detection‑as‑code, continuous control monitoring).

• Excellent communicator and partner to architecture, engineering, and infrastructure team.

• Calm and accountable during incidents.

• Resident in Switzerland or willingness to relocate

Nice‑to‑haves:

• Experience in a regulated industry (e.g., banking/financial services) and familiarity with audit/alignment frameworks (e.g., ISO 27001, NIST CSF, ISAE, data protection requirements).

• Track record introducing AI/ML or analytics to SoC workflows (e.g., assisted triage, enrichment, detection engineering).

• Customer‑facing or regulator engagement experience and security advocacy.

What makes you successful here:

• Mission‑centric, humble leadership that attracts talent and grows careers.

• Pragmatic risk management

• Comfortable operating in degrees of risk, not absolutes.

• Intellectual curiosity and bias for action; you improve processes, not just operate them.

TECHNICAL ENVIRONMENT

You don’t need all of these on day one—but you should be fluent in the landscape and know how to choose and operate the right tools at the right depth.

• SoC stack: SIEM, SOAR (automation/playbooks), EDR/XDR/NDR, threat intel platforms, sandboxing, case management

• Controls operations: Vulnerability scanning/management configuration baseline & hardening, DLP email security, web proxy, endpoint protection, PAM/IAM, secrets management.

• Cloud & data: logging, monitoring, and security services, CSPM, SSPM, container security, data security posture management.

• Engineering integration: CI/CD hooks for security tests, detection‑as‑code, infrastructure‑as‑code baselines, policy‑as‑code, ticketing & workflow.

• Risk & assurance: KRIs/KPIs dashboards, control coverage and effectiveness reporting, continuous control monitoring; support for audits/assessments.

Fünf Werte definieren die DNA unseres Hauses. Exzellenz motiviert uns, die Besten unseres Gebiets zu sein, und Innovation ermöglicht unseren Fortschritt. Respekt ist das Fundament unserer Interaktionen, und Integrität leitet unser Handeln. Gemeinsam sind wir One Team, das sich mit leidenschaftlichem Engagement in den Dienst unserer Kundinnen und Kunden stellt.

Wir fördern eine inklusive und integrative Arbeitsumgebung für unsere Mitarbeitenden. Vielfalt, Gleichberechtigung und Inklusion sind fest in unserem Unternehmensleitbild ‘La Maison’ verankert und wir sind bestrebt, dass unsere Mitarbeitenden sowohl ihre beruflichen als auch ihre persönlichen Ziele verwirklichen können. Wir fördern interne Karrierewege durch individualisierte und kompetenzbasierte Trainingsangebote. Wir sind fest davon überzeugt, dass der Aufbau vielfältiger Teams zu unserem nachhaltigen Erfolg beiträgt und daher Fundament unserer Unternehmensstrategie ist.

Es ist eine tolle Gelegenheit, um Teil des Teams zu werden. Alle Bewerbungen werden streng vertraulich behandelt.