Cyber and Information Security Operational Risk Manager
Digital, Information Technology (IT), Risk
Job Reference #
Are you a shrewd evaluator of risk? Do you know how make the right call in challenging situations? We’re looking for someone like you who can provide Cyber and Information Security Operational Risk Management-related services and support as part of the Risk team for CISO:
– Support the Head Cyber & Information Security Risk, create senior management presentations and represent CISO in risk management meetings
– drive the execution of the F2B Risk Framework across UBS CISO, including:
– execution of the annual Risk and Control Self-Assessment (RCSA), including establishing and monitoring effective controls within an agreed risk appetite
– support CISO in their Key Procedural Control Assessment Process
– provide transparent risk reporting to management, regulators and other internal units
– identify risk areas in existing processes and support management and the CISO organization in the definition and execution of mitigation plans
– coordinate / perform internal risk assessments and risk reviews including ORI reviews to ensure sustainable remediation of issues
– Pro-active engage with business stakeholders for the assigned portfolio for the identification and escalation of risks
– serve as "Task Champion" for the Operational Risk Framework
– develop metrics to evaluate and mitigate risk
– support ad-hoc cyber and information security risk mitigation initiatives
You’ll be working in the Risk team of the Chief Information Security Office (CISO). CISO is part of the Chief Digital and Information Office of UBS. The CISO is the single point of contact and recognized subject matter expert for all matters related to Cyber and Information Security and Data Protection. We are accountable for
- identifying major risks related to cyber, data confidentiality and protection of UBS' assets, taking into account laws, rules and regulations
- Reporting Cyber and Information Security risks to Senior Management and the business, together with proposed remediation activities
- Reducing risk exposure by implementing – in collaboration with business – Cyber Information Security capabilities and risk remediation programs.
– a university degree
– experience with general risk management, including control frameworks
– analytical skills with an affinity to security topics
– very good verbal and written communication and the ability to interact comfortable with individuals at all levels
– desirable expertise in cyber and information security risk management
– reliable when working independently, with sound judgment for when to escalate issues
– quickly adaptable to changing situations, technology and business needs (you’re smart and flexible)
– an excellent communicator, with persuasive presentation skills
– fluent in English, spoken and written
Expert advice. Wealth management. Investment banking. Asset management. Retail banking in Switzerland. And all the support functions. That's what we do. And we do it for private and institutional clients as well as corporations around the world.
We are about 60,000 employees in all major financial centers, in more than 50 countries. Do you want to be one of us?
We're a truly global, collaborative and friendly group of people. Having a diverse, inclusive and respectful workplace is important to us. And we support your career development, internal mobility and work-life balance. If this sounds interesting, apply now.
Disclaimer / Policy Statements
UBS is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.
You are kindly requested to include the following clause in your application: "Wyrażam zgodę na przetwarzanie moich danych osobowych zawartych w ofercie pracy dla potrzeb procesu rekrutacji zgodnie z ustawą z dnia 27.08.1997r. Dz. U. z 2002 r., Nr 101, poz. 923 ze zm."