
Olten - 80-100% | Permanent
The Information Security Lead – Governance & CISO Office plays a central role in Alpiq’s cybersecurity strategy by leading governance, ensuring regulatory readiness, and driving ISMS maturity. Reporting directly to the CISO, this role combines strategic alignment with hands-on delivery. Key responsibilities include completing and maintaining the ISMS, conducting NIS2 readiness assessments across Alpiq locations, and acting as the information security SPOC for projects and new applications. The role ensures that security policies, standards, and frameworks are effectively implemented across all business units, enabling Alpiq to balance compliance, operational resilience, and innovation.
Your main responsibilities
- Develop, operationalise, and maintain Alpiq’s information security governance framework, aligned with ISO 27001, NIS2, GDPR, and NIST CSF
- Complete and maintain the Information Security Management System (ISMS), ensuring certification readiness and continuous improvement
- Conduct NIS2 governance and compliance assessments at Alpiq sites (~20% travel)
- Act as the InfoSec SPOC for business and IT projects, embedding security and assessing new applications and technology for security posture, compliance, and governance alignment
- Define, update, and enforce security policies, directives, and standards; ensure traceability and consistent implementation across the organisation
- Coordinate cross-functional security alignment with IT, Risk, Compliance, and Business stakeholders and support regulatory audits and certification processes
- Plan and lead security tabletop exercises and strategic risk scenario planning with stakeholders and monitor remediation activities
Your profile
- Bachelor’s or Master’s degree in Information Security, Informatics, Computer Science, or related technical field
- 7+ years of experience in cybersecurity governance, compliance, or enterprise risk management
- Hands-on experience in security assessments of applications/projects, and acting as InfoSec/Security SPOC in delivery teams
- In-depth knowledge of ISO 27001, NIS2, GDPR, and NIST CSF frameworks, with a proven track record in building governance models and implementing ISMS
- Strong leadership and coordination skills across functions and hierarchies
- Fluency in English required
- Nice to have: Familiarity with IT/OT security, audits, and certification readiness; certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor, or CGEIT
Your benefits
- Competitive salary package: Market-oriented salary
- Training and development: Diverse opportunities for career growth
- Flexible work models: Various flexible work models
Inclusion is at the heart of Alpiq
At Alpiq, we are committed to creating an inclusive work environment, where everyone can bring their ‘whole selves’ to work and feel valued, respected, and heard. This principle is central to our company’s purpose, values, and leadership approach. We strongly believe that organizations thrive through the inclusion of diversity. Everyone’s energy matters regardless of characteristics, such as age, gender, nationality, language, sexual orientation and identity, religion, social or ethnic background or any other personal traits.
Data protection
At Alpiq, data privacy is an important topic. Please therefore take note of the corresponding Privacy Notice that appears in the online application form and explains in detail the purpose for which we process your personal data. It is important to us to inform you as transparently as possible and to process your data only in a fair manner.