Skip to sign up

Job matched to your search

Information Security Responsible / IT Security Manager (ID2116)

AO Foundation · Davos Platz, GR, CH

Davos Platz, GR, CH · On-siteFull-TimePosted Jun 25, 2026

Free · Join 5,000+ job seekers using Qarera

How well do you match this role?

Tap the skills you already have — then see your real match score, what’s missing, and your resume fixed for this job.

↑ tap the skills you have
Loading sign-in…
Free · no credit card · 30 seconds

Job description

The AO is a medically guided, not-for-profit organization, a global network of surgeons, and the world's leading education, innovation, and research organization specializing in the surgical treatment of trauma and musculoskeletal disorders. We are home to people from all over the world, from different backgrounds, with diverse talents and specialist areas. What binds us together is our passion for excellence, our dedication to our mission of improving patient care, and our understanding that we are stronger together: we are one AO.

As part of the AO’s support units, our IT department offers information technology services to maintain and oversee computer infrastructure across the AO Foundation.

Employment type / Anstellungsverhältnis: Permanent Workload percentage / Pensum: 100% **Location / Standort:**Davos Platz, CH Experience level / gewünschtes Erfahrungsniveau: Management position Application language / Bewerbungssprache: English or German Short Description

Purpose of the Role:

This combined role covers both strategic information security leadership and operational IT security management. As Information Security Responsible (ISR), the position holder defines the security strategy, owns governance and risk oversight, and ensures compliance with agreed information security requirements at an executive level comparable to a CISO function. As IT Security Manager, the position holder translates this strategy into effective structures, processes, controls, and operational security practices in close collaboration with the Head of Infrastructure, Head of IT, the IT Management Team, and relevant stakeholders.

Reporting line: Direct report to Head of IT, line to CEO in case of conflicts of interest in relation to the role of Information Security Responsible

Place of work: Davos, 3 days per week in officeMain Responsibilities

  • Strategic security leadership and governance: Define, align, and maintain the information security strategy, policies, standards, ISMS, and governance model in line with organizational objectives, regulatory requirements, and stakeholder expectations.
  • Risk, compliance, and control oversight: Identify, assess, and manage information security risks; ensure agreed security controls are implemented, monitored, audited, and continuously improved.
  • Security operations and incident management: Lead and coordinate cyber security operations, incident response, threat analysis, threat hunting, remediation activities, lessons learned, and operational security reporting.
  • Security architecture and technical control management: Oversee secure configuration, hardening, patch management, monitoring, and security architecture in collaboration with IT leadership, infrastructure, enterprise architecture, and operational IT teams.
  • Business continuity, crisis, and stakeholder communication: Contribute to business continuity and crisis management for IT security matters, including preparation, testing, communication, post-incident reviews, and management reporting.
  • Awareness, training, and collaboration: Promote security awareness and training in coordination with HR and management, and ensure effective collaboration across IT, business stakeholders, governance bodies, and external partners.
  • Vendor management and budget responsibility: Support IT partner and third-party security management, contribute to vendor security assessments, and develop, monitor, and report on the central IT security budget. Main Requirements

Core Skills / Competencies:

  • Executive-level information security leadership with the ability to act as knowledge owner, advisor, and thought leader for security governance, risk, and compliance.
  • Strong technical cyber security expertise across security frameworks, security architecture, network security, identity and access management, monitoring, encryption, vulnerability management, and threat detection.
  • Proven capability in risk asses

Don’t just read the job — see if you’ll get it.

Get your match score, a resume tailored to this exact role, and jobs like it — free.

Check my fit for this job
Loading sign-in…
Apply →