- Senior
- Optionales Büro in London
Your role
Candidates will be expected to have some experience of engaging with red team testing and financial regulatory red team engagements (e.g. CBEST, iCAST, TIBER), ideally in a finance sector firm, regulatory or consultancy environment. We are looking for individuals with a deep interest in cyber security, and in particular the emulation of real-world offensive cyber-attacks. Keeping up to date with knowledge of threats, vulnerabilities, and techniques should be something you find fun and interesting rather than just a job requirement.
The role will require strong project and stakeholder management skills, an inquisitive mind, an ability to think outside of the box, and a broad understanding of technical aspects of cyber security. Technical certifications such as CISSP, CCSP, CISM, CREST, OSCP, etc will be advantageous, but they are not a deal breaker. We are primarily concerned with your ability to organize and manage projects, and communicate with technical and non-technical stakeholders at all levels of seniority across and outside of the firm.
The ability to write clear reports in business English is an absolute necessity, as are project management skills and personal organizational ability.
You will be working with some very talented and experienced professionals, and there will be lots of opportunities to grow and develop your technical skillset.
Your Duties and Responsibilities will Include:
• contributing to the management of UBS’s internal Cyber Assurance Testing (CAT) service - supporting the ongoing internal testing process and delivery of output
• managing the planning, scoping, execution, and reporting of regulatory red team tests to satisfy regulatory testing frameworks such as CBEST, iCAST and TIBER
• onboarding, contracting and managing third-party red team vendors to deliver regulatory red team testing
• managing relationships with red team testing vendors, senior internal stakeholders, and regulators
• collaborating with blue teams and other cyber defense functions
• developing reports of findings, analysis, and recommendations for internal UBS stakeholders, and contributing to regulatory submissions.
• delivering operational briefings and presentations to technical teams, non-technical stakeholders, and senior management.
• providing technical cyber security expertise to UBS Group Compliance, Regulatory and Governance (GCRG) Cyber and Technology Risk Control
City
Job Type
Country / State
Function Category
Join us
We’re committed to disability inclusion and if you need reasonable accommodation/adjustments throughout our recruitment process, you can always contact us.
Contact Details
UBS Recruiting
Disclaimer / Policy statements
Report misconduct: If you are made aware of any of our employees or individuals acting on behalf of UBS engaging in acts of misconduct under the Poland Whistleblowing Act, you may report your concerns through [email protected]
Your team
Your expertise
• familiarity with red team testing, cyber-attack chains, and the tools, techniques and procedures used by advanced cyber threat actors
• familiarity with the major cyber security concerns of large finance sector organisations, as well as the primary defensive techniques and approaches deployed to address these
• experience of implementing or working with regulatory red team frameworks such as CBEST, iCAST and TIBER
• excellent written and spoken English, and the ability to describe highly technical and complex matters in a business-focused and risk-centric manner to a range of technical and senior stakeholders
• proven experience in managing senior stakeholders and relationships
• proven project management skills and personal organizational ability
• technical certifications such as CISSP, CCSP, CISM, CREST and OSCP would be advantageous, but are not essential
About us
We have a presence in all major financial centers in more than 50 countries.