Summary
Location
Zurich
Type
full-time
Are you the employer? Manage your company page directly.
About this role
Your area of responsibility
Information Security
- Maintain the ISMS, risk register, controls, and policies.
- Lead risk assessments, control testing, corrective actions, and reviews.
- Coordinate with outsourced SOC/CISO for effective monitoring and incident response.
- Run tabletop exercises, post‑incident reviews, and maintain the IR plan.
- Operate and improve security across Defender, Entra ID, Intune, Purview, Sentinel, and M365.
- Manage conditional access, MFA, PIM, endpoint baselines, and secure configurations.
- Run a risk‑based vulnerability and patch program and track remediation with providers.
- Lead vendor due diligence, DPAs, and ongoing monitoring aligned to outsourcing procedures.
- Implement data classification, retention, and DLP; support privacy‑by‑design and coordinate with external DPO
- Support audits and regulatory reviews; deliver security awareness training and simulation campaigns.
- Maintain evidence, procedures, runbooks, and monthly security dashboards.
Your skills and experience
- 5+ years in information security.
- Experience running an ISMS (aligned with ISO/IEC 27001), including risk & controls management.
- Incident response coordination and BCP/DR familiarity.
- Exposure to regulated environments (financial services preferred) and vendor assurance.
- Strong written/spoken English; German is a plus.
- Hands on with Microsoft 365 (E5)/Azure security stack: Entra ID (CA, PIM), Intune, Defender, Purview, Sentinel.
- ISO 27001 Lead Implementer/Lead Auditor, CISM, CISSP, CCSK/CCSP, Microsoft Security certs (SC‑200/300/400, AZ‑500).
- Experience with DORA, FINMA requirements, and CSSF guidelines for AIFMs.
- Exposure to SOC 2, NIST CSF, or CIS Controls.
- Practical knowledge of privacy (GDPR), working with a DPO.
- Scripting/automation (PowerShell, KQL, Graph API) for policy enforcement and evidence collection.
- Familiarity with Snowflake and data platform controls (row-level security, key management).
What we offer
You will shape the future of our information security, work on innovative projects in a small team in a dynamic environment. We provide professional development opportunities, including training and certification of technical skills, and a hybrid work environment.
Contact
How to apply
If you are ready to make a significant impact in the energy infrastructure sector and grow your career with EIP, we encourage you to apply. Join us in shaping the future of energy investments.
Click “apply for this position” below to start the application process.
Please note that we do not accept any application documents via (e-)mail (including direct applications via LinkedIn or similar platforms) due to our data protection guidelines. Only applications submitted via our job platform will be considered.
Other facts
About Energy Infrastructure Partners AG
A leading investor in the global energy transition, Energy Infrastructure Partners manages assets for institutional investors. With more than a decade of experience and three fund generations, we offer investors long-term returns and the chance to make tangible contributions to the energy transition through private equity investments.
What you'll do
- The Information Security Analyst will maintain the ISMS, lead risk assessments, and coordinate with outsourced SOC/CISO for incident response. They will also manage security across Microsoft platforms and lead vendor due diligence and data protection efforts.
Join Clera's Talent Pool
Get matched with similar opportunities at top startups
This role is hosted on Energy Infrastructure Partners AG's careers site.
Join our talent pool first to get notified about similar roles that match your profile.