Information Security Officer
Job description
At Trifork Switzerland, we are looking for an ambitious, proactive and persuasive Information Security Officer who wants to take full ownership of our ISMS and systematically expand and elevate it to the next level.
You will operate as the formal Information Security Officer within our Swiss business unit, driving governance, compliance, and security awareness across the organization. While our ISMS is already ISO 27001 certified, there is significant opportunity to further professionalize processes, mature controls, and continuously strengthen our overall security posture.
In addition to owning our ISO 27001-certified ISMS, you will act as Security & Data Protection Agent for the business unit and ensure that incident and change management processes are structured, compliant, and continuously improved.
You will work closely with management, engineering teams, and colleagues in Switzerland, Denmark, and Spain. In addition to owning and advancing our ISMS, you may contribute to selected customer projects.
This is not a back-office compliance role - it is a position for someone who wants to actively shape how security works in an agile, engineering-driven organization.
Requirements
You are a proactive and persuasive Information Security professional who wants to take real ownership of an ISO 27001-certified ISMS and systematically evolve it further. You think in structures, processes, and risks - but you also understand the dynamics of an agile, engineering-driven organization. You are confident enough to enforce policies where necessary and pragmatic enough to implement them in a way that works in practice.
You bring a Bachelor's or Master's degree in Information Security, Computer Science, or a related field, along with hands-on experience in governance, risk, and compliance. You have a solid understanding of ISO 27001 and practical exposure to risk assessments, policy development, audit preparation, and compliance monitoring. Experience in regulated industries and familiarity with modern cloud environments are strong assets. Certifications such as ISO 27001 Lead Implementer/Auditor, CISSP, CISM, or ITIL are a plus - or you are motivated to achieve them with our support.
You enjoy building and refining structures, strengthening controls, and driving continuous improvement rather than merely maintaining the status quo. You take pride in clear documentation, transparent processes, and measurable progress in security maturity. Promoting awareness and helping colleagues understand their role in information security is something you value.
You take responsibility for driving topics forward independently and ensuring that security standards are consistently applied. You are comfortable addressing gaps, challenging stakeholders constructively, and aligning different interests toward a compliant and sustainable solution.
You like working in a collaborative, cross-functional environment with flat hierarchies and high ownership. You appreciate direct communication, knowledge sharing, and a culture where initiative is welcomed.
You speak fluent English; German is a strong advantage in the Swiss context.
What we look for
We're looking for someone who takes ownership of our ISO 27001-certified ISMS and drives its continuous evolution in a pragmatic, engineering-focused environment.
You bring:
- 2-5 years of experience in information security, governance, risk, and compliance
- Practical experience working with ISO 27001 and operating or supporting an ISMS
- Hands-on involvement in risk assessments, policy development, and audit preparation
- A solid understanding of security controls in cloud-based and software-driven environments
- Experience with, or a strong understanding of, incident and change management processes
- A Bachelor's or Master's degree in Information Security, Computer Science, or a related field
- Professional fluency in English
Additionally, you bring some or all of the following:
- Experience in regulated industries (e.g., healthcare, finance, aviation, public sector)
- Certifications such as ISO 27001 Lead Implementer/Auditor, CISSP, CISM, or ITIL
- ITIL knowledge or certification
- Exposure to Azure, Kubernetes, or DevOps environments
- German language skills
You stand out with:
- A proactive and improvement-driven mindset
- The confidence to enforce policies and address compliance gaps constructively
- A structured, detail-oriented working style combined with clear and persuasive communication