SIB Swiss Institute of Bioinformatics is a non-profit organization federating 80 Swiss research and service groups of experts in bioinformatics. SIB's 800 scientists join forces to empower advances in life sciences and health by providing life scientists and clinicians with state-of-the-art bioinformatics resources, services, expertise, and training.

In the Romandie area, SIB operates a secure data processing platform for the biomedical research community. This platform also acts as one of the three nodes making up the national BioMedIT network, an environment in which scientists can safely conduct research involving human data from various trusted sources in Switzerland and beyond. The BioMedIT network is managed by SIB and supports the Swiss Personalized Health Network (SPHN) initiative. In this context, data protection, cyber security and trust are of utmost importance.

 Curious? Please click here to learn more about working at SIB.

In order to consolidate its IT security framework, SIB is looking for a Security Engineer.
Security Engineer

Employer

SIB Swiss Institute of Bioinformatics


Work Location

Lausanne, Switzerland


Employment fraction

100%


Type of contract

permanent

Role purpose

The Security Engineer establishes, develops, implements and monitors a comprehensive information security management system and performs IT risk management.

The Security Engineer is involved in all aspects of information and cyber security at SIB and closely collaborates with relevant teams active in information technology as well as data protection. The role includes a strong focus on hands-on security activities to monitor SIB’s critical IT infrastructure for sensitive data processing and covers as well as the policies and documentation of SIB’s data protection framework. Additionally, the Security Engineer has an important role in the BioMedIT network, a national project managed by SIB as part of the Swiss Personalized Health Network (SPHN). The position requires a strong collaborative work with the BioMedIT Nodes in Basel and Zurich.


Responsibilities

  • Perform security risk assessment, threat modeling, and handle practical aspects of information security topics, including but not limited to:
    • perform security scans and reviews of the different SIB-managed networks and systems;
    • implement regular penetration tests on BioMedIT infrastructures and SIB systems;
    • Manage and monitor network security aspects, firewall configurations and user activities;
    • assist software developers to apply secure programming methods.
  • Maintain and improve SIB’s global security strategy. Contribute to strategic SIB security policies, procedures, guidelines, and standards, disseminate them and oversee their implementations.
  • Actively collaborate with IT security specialists in the SPHN/BioMedIT network:
    • contribute to coordinated practical tests (e.g. penetration testing) and reporting;
    • participate in technical working groups defining and implementing common security guidelines.
  • Enhance processes to manage security issues and incidents.
  • Organize and teach security awareness trainings for the SIB employees and members.
  • Assist and advise relevant stakeholders (including partners institutions) on aspects of operational and strategic security issues.
Profile requirements
  • Degree in information technology, computer science, engineering or equivalent;
  • Industry recognized security qualifications such as CISM, CISSP, SABSA, SANS, COBIT, TOGAF or OSCP;
  • Sound knowledge and experience of security standards (such as ISO 27001/2 or NIST and OWASP TOP 10) in various contexts (e.g. application operation, software development);
  • Demonstrated track record as security professional with 3-5 years of experience in a similar position, preferably in biomedical research, healthcare or other regulated environment;
  • In-depth understanding of Linux security-related services (SSH, authentication (2FA), key management, VPNs, SELinux, logging, monitoring, auditing,..);
  • Good knowledge of Docker, Operating System hardening, firewalls, IDS/IPS, vulnerability assessment tools;
  • Experience in writing security related documentation; 
  • Experience in code review with respect to security aspects;
  • Excellent knowledge of computer networking;
  • Experience in data protection regulations (e.g. GDPR, Federal Act of Data Protection) an asset;
  • Very good command of English (written and spoken), French or German an asset.

The role is based in Lausanne and requires regular visits at SIB sites in Geneva, Basel and Zurich.
How to apply

Please send your complete application file to : Fanny Wenger - fwenger@brodardsearch.com

Brodard Executive Search, Rue du Mont-Blanc 16, 1201 Geneva

www.brodardsearch.com; Tel. 022 900 00 97