Share this Job




We drive the transformation of the financial markets. That’s why we invest in bright minds, in their ideas, knowledge and development. We do that by combining our best sides.


If you would like to find out why stability makes us so agile, why experience makes us so curious and why empathy makes us so impactful, apply now for the position of



 Senior Cyber Defense Officer (80-100%)

Zurich, Madrid | working from home up to 60% | Reference 3967



Are you passionate about building a self-organizing team who is pushing security forward? Do you want to actively contribute to shaping an agile environment where collaboration, trust, innovation and continuous improvement are paramount? We are a team of highly qualified experts who take on responsible challenges in the financial sector in order to enrich life with valuable services. And we all love what we do. If you would like to contribute your talents in a meaningful way, come and join us. 


The SIX Security Monitoring & Incident Response (SMIR) is the central incident response team for the SIX Group. The team is part of the Cyber Security organization within IT and as such is tasked with the core mission to provide information, guidance and assistance to reduce the risks of information security incidents as well as leading the response to such incidents in a professional, effective and timely manner when they occur. 



What You Will Do 

  • actively participate in security monitoring and incident response activities including the IR rotation & 24x7 on-call (approx. 6 weeks / year)
  • perform technical analyses & forensic investigations (live forensics) 
  • guide & help mature the incident response process based on your experience
  • help in design, develop & write playbooks as well as integrations with other tools in collaboration with other team members
  • effectively translate technical security concepts into a language understandable for non-technical colleagues & collaborate closely with colleagues on the IT & risk side to help accurately describe & propose solutions to security-related risks as well as to gain transparency into the state of security within SIX

What You Bring 

  • 3+ years of active incident response experience in a dedicated position
  • in-depth knowledge of on-prem / cloud-based environments and associated practical forensic artifacts & familiarity of key network protocols and understanding of network detection concepts
  • talent for understanding & communicating highly technical concepts into a language understandable by a non-technical audience
  • fluency in English (written and verbal), German and/or Spanish is a plus

If you have any questions, please call Alisha Thoma at +41 58 399 53 34.


For this vacancy we only accept direct applications.


Diversity is important to us. Therefore, we are looking to receiving applications regardless of any personal background. 

What We Offer

Flexible Work Models
We trust our employees and offer a work environment that is well-balanced, productive and fosters success. 

Personal Development
You will benefit from a culture of continuous learning and feedback. Your personal growth is supported through an extensive learning offering.

Agile Working Methods 
Whether through scrum or design thinking,
we solve exciting tasks together in teams.