About Us

Threema is the world’s best-selling secure messenger for both private users and businesses. Since 2012, we have been relentlessly committed to ensuring that our users can communicate without worrying about their privacy. Our growing user base includes millions of private customers and thousands of companies and organisations from all over the world.

Your Tasks

Threema is a company that not only promises security and data protection in its advertising, but also lives up to these promises. This is also reflected in our successful product. However, with our strong growth from a small to a medium-sized company, it has become necessary to formalize many internal processes. We are therefore looking for a dedicated person who can take care of these tasks and who has the necessary experience to do so.

As the future CISO at Threema, you will be responsible for internal IT security. The role reports directly to the CTO. Your responsibilities will include:

• Developing a company-wide security strategy

• Establishing an information security management system (ISMS)

• Developing and enforcing security policies

• Conducting risk assessments and business impact analyses

• Developing incident response and disaster recovery plans

• Supporting certification processes

• Ensuring compliance with data protection regulations in cooperation with our legal counsel

• Raising employee awareness of information security issues

• Continuously analyzing and optimizing information security within the company

• Working closely with the CTO and the operations team

We are looking for someone who takes a practical approach to these issues and has a hands-on mentality. We want to continue to live security, not just regulate it, and prefer technical measures over organizational measures wherever possible.

Your Skills

Our IT environment is not typical of a classic Swiss SME with Microsoft technologies and many cloud services. Instead, we rely on macOS and Linux, use open-source services where appropriate and possible, and operate most of the services we use on-premises. We are looking for someone who likes to get involved and can also help with the management and implementation of projects.

Ideally, you will have the following:

• A degree in computer science or comparable training

• At least five years of relevant work experience as a CISO or in similar positions

• In-depth knowledge of network security, application security, and data loss prevention

• Experience with common security technologies (firewalls, intrusion detection/prevention, SIEM so-lutions, endpoint protection, MDM systems, vulnerability scanners, etc.)

• Knowledge of conducting penetration tests and security audits

• Familiarity with common security frameworks and standards (ISO27k, NIST, CIS, SOC 2)

• Experience with open source technologies

• Strong sense of responsibility, precise working style

• Positive mindset with enthusiasm for information security and privacy issues

• Good written and spoken German and English

What We Offer

Working Environment

• A young, motivated team (±60 employees) with uncomplicated communication

• Work-life balance: flexible working hours, option to work from home on up to two days per week, up to two workation weeks per year

Benefits

• Free budget for computer/workstation (macOS or Linux)

• Public transport discount or parking space

• Electric car charging facility

• Free use of the company’s own fitness room incl. fitness trainer once a month

• Ping pong table

• Professional massage once a month

• Portafilter machine with free coffee from a local roastery

• Regular company events and after-work drinks