Generali Personenversicherungen AG

Cyber Resilience & Third-Party Security

📍 8134 Adliswil

Role and responsibilities

  • Lead and continuously improve the Business Continuity and Disaster Recovery framework, including BIA, BCP/DRP, and alignment with IT recovery capabilities (RTO, RPO).

  • Plan and execute crisis simulations, resilience testing, and recovery exercises, ensuring continuous improvement and remediation tracking.

  • Support integration of incident response, cyber crisis management, and business continuity processes.

  • Perform third-party security risk assessments, monitor vendor risk posture, and support secure onboarding and contract reviews.

  • Collaborate with stakeholders (business, IT, procurement, legal) and support governance, reporting, and audit activities related to resilience and risk.

Team / description

We are looking for a driven Cyber Resilience & Third-Party Security professional to strengthen our ability to anticipate, withstand, and recover from disruptions while managing cyber risk across our ecosystem. In this hands-on role, you will enhance Business Continuity and Disaster Recovery capabilities and ensure robust oversight of third-party risks, helping the organization operate securely and confidently in a rapidly evolving threat landscape.

Qualifications and Skills

  • 7+ years of experience in cyber security with a strong focus on Business Continuity and Disaster Recovery (exposure to cyber incident response integration is a nice to have).

  • Proven hands-on experience building and managing BCM and DR frameworks in enterprise environments (on-premises and cloud) (financial sector experience is a nice to have).

  • Solid understanding of BIA, crisis management, IT disaster recovery strategies, and resilience metrics (RTO, RPO, MTPD) (familiarity with cloud resilience considerations is a nice to have).

  • Experience with third-party/vendor security assessments and risk management (knowledge of outsourcing and third-party regulatory expectations is a nice to have).

  • Familiarity with frameworks such as ISO 22301, ISO 27001, and NIST, combined with strong coordination and communication skills (experience supporting audits or regulatory reviews is a nice to have).