Related skills: ISO 27001, SIEM, DSR, SOC 2, ROPA
Description
- Own and run the information security and compliance program end-to-end.
- Maintain ROPA and ensure GDPR, FADP, CCPA compliance.
- Manage DSR workflows and data lifecycle retention.
- Govern vendor risk; maintain DPAs and SCCs.
- Lead TOMs, security controls, and testing programs.
- Prepare for audits and regulatory readiness (ISO 27001/SOC 2).
Requirements
Must-Have
- 3–5+ years in information security, data protection, or compliance in B2B SaaS.
- Hands-on GDPR and Swiss FADP, including ROPA, DPAs, DSR, SCCs.
- Familiarity with ISO 27001 and SOC 2 controls.
- Build and maintain a risk register and drive mitigations.
- Strong written and verbal English; German a plus.
- Independent, pragmatic, able to work in a small team.
Nice-to-Have
- OSS license compliance experience (SBOM, license scanning).
- Exposure to AI Act, DORA, or NIS2 requirements.
- Background in software development or CI/CD.
Benefits
- 30 vacation days per year.
- Flexible working hours.
- Sabbatical after 2 years.
- 16 weeks parental leave at 100% salary.
- Zurich office is pet-friendly.
- Well-being budget up to 2,000 CHF/year.