Information Security Analyst

• Maintain the ISMS, risk register, controls, and policies.
• Lead risk assessments, control testing, corrective actions, and reviews.

Security Operations

• Coordinate with outsourced SOC/CISO for effective monitoring and incident response.
• Run tabletop exercises, post-incident reviews, and maintain the IR plan.

Platform Security (Microsoft)

• Operate and improve security across Defender, Entra ID, Intune, Purview, Sentinel, and M365.
• Manage conditional access, MFA, PIM, endpoint baselines, and secure configurations.
• Run a risk-based vulnerability and patch program and track remediation with providers.

Third-Party Risk & Data Protection

• Lead vendor due diligence, DPAs, and ongoing monitoring aligned to outsourcing procedures.
• Implement data classification, retention, and DLP; support privacy-by-design and coordinate with external DPO

Audit, Compliance, Training & Reporting

• Support audits and regulatory reviews; deliver security awareness training and simulation campaigns.
• Maintain evidence, procedures, runbooks, and monthly security dashboards.

Do you have experience in PowerShell?, * 5+ years in information security.

• Experience running an ISMS (aligned with ISO/IEC 27001), including risk & controls management.
• Incident response coordination and BCP/DR familiarity.
• Exposure to regulated environments (financial services preferred) and vendor assurance.
• Strong written/spoken English; German is a plus.
• Hands on with Microsoft 365 (E5)/Azure security stack: Entra ID (CA, PIM), Intune, Defender, Purview, Sentinel.
• ISO 27001 Lead Implementer/Lead Auditor, CISM, CISSP, CCSK/CCSP, Microsoft Security certs (SC-200/300/400, AZ-500).
• Experience with DORA, FINMA requirements, and CSSF guidelines for AIFMs.
• Exposure to SOC 2, NIST CSF, or CIS Controls.
• Practical knowledge of privacy (GDPR), working with a DPO.
• Scripting/automation (PowerShell, KQL, Graph API) for policy enforcement and evidence collection.
• Familiarity with Snowflake and data platform controls (row-level security, key management).

We offer an exciting position at Energy Infrastructure Partners (EIP), an investment boutique specialized in private equity investments in the energy infrastructure sector, from wind farms to electricity grids. EIP is growing rapidly and looking for new talent to support with expanding its focus to global investment activities. With EIP you will enjoy working in an empowering environment based on the latest available technology.