Deputy Head / Cyber and Information Security Technical Risk Assessor
Digital, Information Technology (IT), Risk
Job Reference #
Do you have a strong technical background? Do you have proven knowledge in the area of Cyber and Information Security? Do you have knowledge of Technology Risk Management?
We’re looking for a Senior Technical Risk Assessor/Deputy Head of Risk Assessments to join the Risk Assessments team within the Chief Information Security Office department of UBS to:
• Perform technical risk assessments in the area of Information and Cyber Security based on current cyber threat landscape.
• Perform deep dives and thematic reviews into bank’s Information and Cyber Security capabilities and services drawing conclusions on the overall risk posture of a specific security vertical.
• Proactively and constructively challenge the status quo identifying operational risks, proposing realistic remediation or improvement solutions while understanding potential tradeoffs and minimizing risks.
• Be the trusted technical partner for Information and Cyber Security stakeholders in a highly federated environment, being the advocate of the risk culture.
• Streamline and standardize the technical risk assessment process by facilitating reusability of information and knowledge accumulated over time in the team, thus being able to produce risk assessments quickly, in a fast pace environment.
• Interface with data analytics teams to integrate objective data analytics insights into the risk assessment process to produce high quality deliverables.
• Deputize for the Head of Risk Assessments while driving the growth strategy of the risk assessment team.
Your Career Comeback
We are open to applications from career returners. Find out more about our program on ubs.com/careercomeback.
You’ll be joining the Chief Information Security Office, specifically working in the Risk Assessments team. You’ll be working in Poland and will work on a range of topics related to Information and Cyber Security and technical risk management. We are the single point of contact and recognized subject matter expert for all matters related to Cyber and Information Security.
Substantial experience in technical risk management in Information and Cyber Security, with a focus on technologies and digital aspects, particularly:
• Degree in Computer Science, Computer Engineering, Electrical Engineering, Information Security or related discipline.
• Strong knowledge in multiple areas like network security, database security, cloud security, application security, infrastructure and system hardening, technical security controls implementation and ability to judge effectives of security control implementation against threats and risk scenarios.
• Strong technical expertise in one or more areas among Data Protection, Identity and Access Management and Cyber Security.
• Strong technical knowledge and passion for enabling technologies to operate securely (e.g. Cloud).
• Strong knowledge of both Information and Cyber Security risk management and control frameworks (e.g. ISO27001, NIST CSF) and operational threat management frameworks (e.g. MITRE ATT&CK)
• Exposure to technology and Information and Cyber Security regulatory requirements balancing compliance with pragmatic risk management skills.
• Very welcome candidates with experience in offensive security or operational security role with the desire of shifting toward technical risk management role, while maintaining technical skills and knowledge of security technologies as the core of their expertise.
• Welcomed industry recognized certifications like CISSP, CCSP, CISM, CISA, OSCP, SANS etc.
• Preferred understanding of the financial industry and especially of control and business enabling functions (e.g. Technology Risk, Operations, etc.).
• Strong problem solving and analytical skills mixed with a structured but pragmatic attitude.
• Team player with the ability to work independently and take initiative in order to organize, manage and complete projects and deliverables within tight deadlines.
• Team leadership experience, with an ability to structure and drive risk assessment initiatives coordinating inputs from team members and stakeholders.
• Persuasive oral and effective written presentation skills.
Expert advice. Wealth management. Investment banking. Asset management. Retail banking in Switzerland. And all the support functions. That's what we do. And we do it for private and institutional clients as well as corporations around the world.
We are about 60,000 employees in all major financial centers, in more than 50 countries. Do you want to be one of us?
We're a truly global, collaborative and friendly group of people. Having a diverse, inclusive and respectful workplace is important to us. And we support your career development, internal mobility and work-life balance. If this sounds interesting, apply now.
Disclaimer / Policy Statements
UBS is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.
You are kindly requested to include the following clause in your application: "Wyrażam zgodę na przetwarzanie moich danych osobowych zawartych w ofercie pracy dla potrzeb procesu rekrutacji zgodnie z ustawą z dnia 27.08.1997r. Dz. U. z 2002 r., Nr 101, poz. 923 ze zm."