Jobs

Short Description   Purpose of the Role: This combined role covers both strategic information security leadership and operational IT security management. As Information Security Responsible (ISR), the position holder defines the security strategy, owns governance and risk oversight, and ensures compliance with agreed information security requirements at an executive level comparable to a CISO function. As IT Security Manager, the position holder translates this strategy into effective structures, processes, controls, and operational security practices in close collaboration with the Head of Infrastructure, Head of IT, the IT Management Team, and relevant stakeholders.   Reporting line: Direct report to Head of IT, line to CEO in case of conflicts of interest in relation to the role of Information Security Responsible   Place of work: Davos, 3 days per week in office Main Responsibilities   Strategic security leadership and governance: Define, align, and maintain the information security strategy, policies, standards, ISMS, and governance model in line with organizational objectives, regulatory requirements, and stakeholder expectations. Risk, compliance, and control oversight: Identify, assess, and manage information security risks; ensure agreed security controls are implemented, monitored, audited, and continuously improved. Security operations and incident management: Lead and coordinate cyber security operations, incident response, threat analysis, threat hunting, remediation activities, lessons learned, and operational security reporting. Security architecture and technical control management: Oversee secure configuration, hardening, patch management, monitoring, and security architecture in collaboration with IT leadership, infrastructure, enterprise architecture, and operational IT teams. Business continuity, crisis, and stakeholder communication: Contribute to business continuity and crisis management for IT security matters, including preparation, testing, communication, post-incident reviews, and management reporting. Awareness, training, and collaboration: Promote security awareness and training in coordination with HR and management, and ensure effective collaboration across IT, business stakeholders, governance bodies, and external partners. Vendor management and budget responsibility: Support IT partner and third-party security management, contribute to vendor security assessments, and develop, monitor, and report on the central IT security budget.

Short Description   The ServiceNow ITSM Product Owner is responsible for the end to end ownership, implementation, and continuous improvement of the ServiceNow IT Service Management (ITSM) platform at the AO foundation. The role ensures that ServiceNow delivers measurable business value, aligns with IT strategy, and supports efficient, standardized, and user centric IT service processes. This role combines the implementation of ITSM processes and ServiceNow platform across AO with an external partner.  product ownership, process design, working closely with IT teams, business stakeholders, and external partners. Main Responsibilities Key Responsibilities Lead the implementation and rollout of ServiceNow ITSM modules (e.g. Incident, Problem, Change, Request, CMDB) at AO Foundation Drive process standardization and automation aligned with ITIL best practices Ensure high-quality configuration, integration, and data integrity Oversee platform enhancements, upgrades, and releases   Stakeholder & Vendor Management Collaborate with IT operations, service owners, and business stakeholders Manage and steer implementation partners and ServiceNow vendors Facilitate workshops, demos, and training sessions Act as the bridge between business needs and technical execution Product Ownership & Strategy Own the ServiceNow ITSM product vision, roadmap, and backlog Translate business and IT requirements into clear user stories and priorities Ensure alignment with IT strategy, governance, and Target Operating Model Act as the single point of accountability for ITSM platform decisions Governance, Quality & Adoption Define and enforce platform governance, standards, and documentation Ensure compliance with security, data protection, and audit requirements Monitor KPIs, SLAs, and user satisfaction Drive user adoption and continuous improvement