Chief Information Security Officer

MISSION

The Chief Information Security Officer (CISO) will establish, lead, and continuously enhance the Group’s information security strategy. Based in Geneva, the CISO will be responsible for protecting digital assets, ensuring compliance with international regulations, and fostering a strong culture of cybersecurity throughout the organization. The role requires proven leadership, deep technical expertise, and the ability to influence and engage stakeholders at all levels.

MAIN ACTIVITIES AND RESPONSIBILITIES

Information Security Strategy & Governance

• Develop, implement, and maintain the global information security strategy and roadmap.
• Define, enforce, and update security policies, standards, and procedures.
• Provide regular reporting to the CEO, CIO, Executive Committee, and Board on cyber risks, threats, and resilience.

Risk Management & Compliance

• Oversee security risk assessments across trading, manufacturing, and corporate systems.
• Ensure compliance with FINMA, GDPR, EU cybersecurity directives, and other relevant regulations.
• Lead incident response, crisis management, and post-incident reviews.

Architecture, Technology & Operations

• Establish and maintain a security architecture aligned with business and IT strategies.
• Implement and manage security frameworks (e.g., ISO 27001, NIST).
• Oversee monitoring, threat detection, and prevention for cloud, network, and endpoint environments.
• Coordinate penetration testing, vulnerability management, and security audits.

Stakeholder Engagement & Leadership

• Collaborate with IT, Compliance, Risk, and Operations to embed security in business processes.
• Build and lead a cybersecurity function headquartered in Geneva, with global oversight of regional teams.
• Drive security awareness and training across the organization.

REQUIRED EDUCATION AND EXPERIENCE

• Master’s degree in Information Security, Computer Science, Engineering, or a related discipline.

• Professional certifications such as CISSP, CISM, or CISA.

• 15+ years of relevant experience in cybersecurity, including 5+ in a senior leadership role.

• Prior experience as CISO, Deputy CISO, or equivalent role in financial services, commodities, or manufacturing.

• Proven experience implementing enterprise security frameworks (ISO 27001, NIST CSF).

• Strong knowledge of cloud security, trading platforms, ERP systems, and OT/industrial IT environments.

• Experience in regulatory engagement and audits.

• Hands-on experience with incident response, security operations, and cyber defense technologies

QUALIFICATIONS AND SKILLS

• Excellent stakeholder management and communication skills, with the ability to brief C-level and Board.

• Strong leadership, people management, and team-building capabilities in a global environment.

• Strong track record of managing security operations across multiple geographies

• Resistance to stress and time-pressure;

• Excellent interpersonal skills and customer orientation;

• Agile and flexible mindset, reactive to requests;

• Excellent organizational skills and attention to detail;

• Ability to interact with colleagues of diverse cultures; respect for diversity;

• Full professional proficiency in the Windows environment is expected;

• Full professional proficiency in spoken and written English and French is required; knowledge of other languages is an asset.

• Swiss national, EU national, or holder of a valid Swiss work permit.