PWe are expanding our Global Corporate Information Security Team and looking forward new colleagues and leaders joining us in Bulle (FR) Switzerland, we are looking for a Head of Application Security reporting to Head of Digital Security. The scope of duties includes the following: /p ppbResponsibilities: /b /p /p pOversees the security of applications and software development processes to protect applications from vulnerabilities and attacks, leads global application security strategy for IT, OT and Product Security, as well as Global Leadership of Application Security Team, Products and Services. /p liDevelop and implement application ( systems) security policies and standards. /li liDrive DevSecOps, Secure coding Practices, Security Testing and Compliance. /li liCollaborate with IT, IS and development teams to secure the software development lifecycle (SDLC). /li liOversee integration of security controls in the design, development, and deployment of applications. /li liLead regular code reviews, penetration tests, and vulnerability assessments to identify potential risks. /li liCollaborate with development, QA, and DevOps teams to embed security into agile development practices. /li liManage the selection and deployment of security testing tools and frameworks for application validation. /li liEnsure compliance with industry standards and regulations related to application security. /li liProvide training and guidance on secure development practices and emerging application threats. /li ppbCompetencies: /b /p /p liBachelor’s/Master’s in Cybersecurity, Computer Science, or related field. /li li5+ years in cybersecurity and 3+ years in a leadership role. /li liFollowing certificates are preferred; CISSP or CISM as well as Cloud certifications (AWS, Azure, or GCP). /li liEnglish is a Must, German and French are a plus. /li liGood understanding of cybersecurity frameworks and standards (ISO 27001, NIST) /li liDeep understanding of application security concepts and principles /li liKnowledge of application security tools and techniques (e.g., vulnerability scanners, code analysis tools) /li liExpertise in secure coding practices and methodologies /li liOWASP framework, defensible architectures, defense in depth. /li liAbility to communicate technical concepts to non-technical audiences /li liAbility to manage and collaborate with stakeholders /li liProject management /li liReadiness for global travel /li ppbOur offer: /b /p /p pWe offer you a secure job, progressive and family-friendly employment conditions such as flexible working hours, hybrid working and opportunities for further training /p