Information Security Lead (all) 80-100%

Your main responsibilities

• Develop, operationalise, and maintain Alpiq’s information security governance framework, aligned with ISO 27001, NIS2, GDPR, and NIST CSF
• Complete and maintain the Information Security Management System (ISMS), ensuring certification readiness and continuous improvement
• Conduct NIS2 governance and compliance assessments at Alpiq sites (~20% travel)
• Act as the InfoSec SPOC for business and IT projects, embedding security, and assessing new applications and technology for security posture, compliance, and governance alignment
• Define, update, and enforce security policies, directives, and standards; ensure traceability and consistent implementation across the organisation
• Coordinate cross-functional security alignment with IT, Risk, Compliance, and Business stakeholders and support regulatory audits and certification processes
• Plan and lead security tabletop exercises and strategic risk scenario planning with stakeholders and monitor remediation activities

Your profile

• Bachelor’s or Master’s degree in Information Security, Informatics, Computer Science, or related technical field
• 7+ years of experience in cybersecurity governance, compliance, or enterprise risk management
• Hands-on experience in security assessments of applications/projects, and acting as InfoSec/Security SPOC in delivery teams
• In-depth knowledge of ISO 27001, NIS2, GDPR, and NIST CSF frameworks, with proven track record in building governance models and implementing ISMS
• Strong leadership and coordination skills across functions and hierarchies
• Fluency in English required
• Nice to have: Familiarity with IT/OT security, audits, and certification readiness; certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor, or CGEIT