Senior Cyber and Information Security Technical Risk Assessor

Senior Cyber and Information Security Technical Risk Assessor

UBS is a global firm providing financial services in over 50 countries. Visit our site to find out what we offer in Germany.

At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs.

You’ll be joining the Risk and Oversight team within the Cyber and Information Security Services organization led by the Group Chief Information Security Officer. You’ll be working with team members located across the globe, while reporting into the Head of Cyber Security Risk Assessments based in Zurich, and will work on a range of topics related to Cyber and Information Security and technical risk management.

Your expertise

Substantial experience in technical risk management in Cyber and Information Security, with a focus on technologies and digital aspects, particularly:

1. Degree in Computer Science, Computer Engineering, Electrical Engineering, Information Security or related discipline
2. Strong and broad knowledge in multiple areas like network security, database security, cloud security, application security, infrastructure and system hardening, security architectures, technical security controls implementation and ability to judge effectiveness of security control implementation against threats and risk scenarios
3. Strong technical expertise in one or more areas among Data Protection, Identity and Access Management and Cyber Security
4. Strong technical knowledge and passion for enabling technologies and processes to operate securely (e.g. new technology products and business initiatives, Cloud, Secure Software Development Lifecycle, DevOps)
5. Strong knowledge of both Information and Cyber Security risk management and control frameworks (e.g. ISO27001, NIST CSF) and operational threat management frameworks (e.g. MITRE ATT&CK)
6. Exposure to technology and Information and Cyber Security regulatory requirements balancing compliance with pragmatic risk management skills
7. Experience in offensive security, secure application development and testing or operational security role with the desire of shifting toward technical risk management role, while maintaining technical skills and knowledge of security technologies as the core of their expertise
8. Welcomed industry recognized certifications like CISSP, CCSP, CISM, CISA, OSCP, SANS etc.
9. Preferred understanding of the financial industry and especially of control and business enabling functions (e.g. Technology Risk, Operations, etc.)
10. Strong problem solving and analytical skills mixed with a structured but pragmatic attitude
11. Team player with the ability to work independently and take initiative in order to organize, manage and complete projects and deliverables within tight deadlines
12. Persuasive oral and effective written presentation and reporting skills. Please note that risk assessment reports writing is an integral part of the role.

About us

UBS is the world’s largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors.