Job Reference #
306269BR
City
Zürich
Job Type
Full Time
Your role
Are you interested in helping an innovative cybersecurity function to defend a large firm from cyber threats? Are you looking to apply your cybersecurity and threat analysis expertise?
We’re looking for a Team Lead to join our Cyber Intelligence Center in Switzerland and oversee our Threat Monitoring and Alerting function. The Lead will be responsible for:
• overseeing the Early Warning Cell (EWC), a global team of cyber intel analysts tasked with performing continuous monitoring of the cyber threat landscape and timely tactical escalations of notable threats, vulnerabilities and events that may impact the firm;
• overseeing the Mission Management Cell (MMC), which is responsible for operational coordination and for ensuring appropriate communication to a range of stakeholders across the CISO organization in the event of a notable threat or incident impacting the firm;
• overseeing the daily command call to ensure cross-team awareness about notable threats, events or incidents that may require wider coordination and collaboration;
• providing threat SME knowledge and support during applicable cyber security incidents to enable effective mitigation and remediation efforts;
• providing guidance to analysts for investigating and analyzing malicious campaigns or threats that may target the firm;
• engaging with other defense and technical teams to provide specialized knowledge and requirements to inform threat mitigation strategies;
• contributing to the development and refinement of key processes and procedures concerning the tactical stages of the intelligence lifecycle and their practical application across the team’s portfolio of activities;
• engaging external communities to collect and share threat information, actively contributing to threat intelligence exchange activities.
Your team
You’ll be working in UBS’s Cyber Intelligence Center – where you’ll play a key role in protecting the firm from cyber-attacks and advanced threat actors by informing UBS cyber defense teams and working with other key stakeholders across the CISO and TISO functions.
The EWC is at the forefront of the firm’s effort to rapidly detect and respond to cyber threats targeting the firm and the wider financial sector. EWC analysts conduct follow-the-sun tactical monitoring of the threat landscape and work closely with teams across Cyber Defense, Vulnerability Management, Third Party Cyber Risk and Network Application Protection to mitigate identified and escalated threats, vulnerabilities and incidents.
The MMC ensures situational awareness across key defense teams and stakeholders by hosting a daily command call and by supporting operational coordination in response to escalated threats. In doing so, MMC collaborates closely with other teams across Cyber Defense (including SOC, Incident Response, Threat Hunting, Cyber Detection Services, and Cyber Response Commanders) and the wider TISO function who are responsible for responding to and mitigating active threats. MMC also manages an interactive platform that provides a single pane-of-glass for tactical escalations, as well as operational and strategic intelligence, produced by CIC.
Your expertise
• ideally 8+ years of combined experience in cyber threat intelligence, incident response or cyber investigations roles.
• experience leading a team of analysts or leading operational projects requiring significant supervision, coordination and stakeholder engagement;
• deep understanding of cybersecurity organization practices, operations risk management processes and principles, cyber defense models, emerging threats, and vulnerabilities.
• detailed knowledge and technical understanding of the global cyber threat landscape, and the tactics, techniques, and procedures (TTPs) used by adversaries, especially those related to the financial sector.
• knowledge of threat modeling frameworks, such as cyber kill chains or the MITRE ATT&CK framework, and expertise in mapping procedural intelligence of threats to TTPs.
• experience conducting investigations and analysis of phishing and malware campaigns.
• strong familiarity with open-source and commercial tools for continuous monitoring of the threat landscape.
• ability to translate external and internal data into relevant risk indicators and metrics to be ingested into threat analysis and prioritization models.
• strong verbal/written communication skills, with the ability to present reports to both technical and non-technical audiences. Experience supervising written production of intelligence reports is highly desirable.
• solid stakeholder management experience and ability to manage conflicts and work effectively under pressure.
• Certifications such as GSEC, GCTI, GREM, CISSP or OSCP are desirable but not essential.
About us
UBS is the world’s largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors.
We have a presence in all major financial centers in more than 50 countries.
How we hire
We may request you to complete one or more assessments during the application process.
Join us
At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs.
From gaining new experiences in different roles to acquiring fresh knowledge and skills, we know that great work is never done alone. We know that it's our people, with their unique backgrounds, skills, experience levels and interests, who drive our ongoing success. Together we’re more than ourselves. Ready to be part of #teamUBS and make an impact?
Contact Details
UBS Business Solutions SA
UBS Recruiting
Disclaimer / Policy statements
UBS is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.