Poland

Information Technology (IT)

Group Functions

Your role

Do you have a strong technical background? Do you have proven knowledge in the area of Cyber and Information Security? Do you have knowledge of Technology Risk Management?

We’re looking for a Senior Cyber and Information Security Technical Risk Assessor to join the Cyber Security Risk Assessments team within the Group Chief Information Security Office to:
• Perform independently high-quality and high-integrity Cyber and Information Security technical risk assessments, root cause analysis and risk investigations on IT and Cloud architectures, infrastructures, platforms, applications, technology stacks and business projects, based on current cyber threats landscape and emerging risks.
• Perform deep dives and thematic reviews into bank’s Cyber and Information Security capabilities and services, drawing conclusions on the overall risk posture of a specific security vertical.
• Proactively and constructively challenge the status quo identifying Cyber and Information Security operational risks, proposing realistic remediation or improvement solutions while understanding potential tradeoffs and minimizing risks, always having an attacker perspective in mind.
• Be the trusted technical partner in Cyber and Information Security for senior stakeholders in a highly federated environment, being the advocate of the security risk culture.
• Streamline and standardize the technical risk assessment process by facilitating reusability of information and knowledge accumulated over time in the team, thus being able to produce risk assessments quickly, in a fast pace environment.
• Be open in learning data analytics techniques and manage data sets to integrate objective data analytics insights into the risk assessment process to produce high quality deliverables.

Job Reference #

326676BR

City

Kraków

Job Type

Full Time

Your team

You’ll be joining the Cyber Security Risk Assessments team within the Group Chief Information Security Office. You’ll be working with team members located across the globe and will work on a range of topics related to Cyber and Information Security and technical risk management. The Group Chief Information Security Office is the single point of contact and recognized subject matter expert for all matters related to Cyber and Information Security in the bank.

Your expertise

Substantial experience in technical risk management in Cyber and Information Security, with a focus on technologies and digital aspects, particularly:

• Degree in Computer Science, Computer Engineering, Electrical Engineering, Information Security or related discipline.
• Strong and broad knowledge in multiple areas like network security, database security, cloud security, application security, infrastructure and system hardening, security architectures, technical security controls implementation and ability to judge effectiveness of security control implementation against threats and risk scenarios.
• Strong technical expertise in one or more areas among Data Protection, Identity and Access Management and Cyber Security.
• Strong technical knowledge and passion for enabling technologies and processes to operate securely (e.g. new technology products and business initiatives, Cloud, Secure Software Development Lifecycle, DevOps).
• Strong knowledge of both Information and Cyber Security risk management and control frameworks (e.g. ISO27001, NIST CSF) and operational threat management frameworks (e.g. MITRE ATT&CK)
• Exposure to technology and Information and Cyber Security regulatory requirements balancing compliance with pragmatic risk management skills.
• Very welcome candidates with experience in offensive security, secure application development and testing or operational security role with the desire of shifting toward technical risk management role, while maintaining technical skills and knowledge of security technologies as the core of their expertise.
• Welcomed industry recognized certifications like CISSP, CCSP, CISM, CISA, OSCP, SANS etc.
• Preferred understanding of the financial industry and especially of control and business enabling functions (e.g. Technology Risk, Operations, etc.).
• Strong problem solving and analytical skills mixed with a structured but pragmatic attitude.
• Team player with the ability to work independently and take initiative in order to organize, manage and complete projects and deliverables within tight deadlines.
• Persuasive oral and effective written presentation and reporting skills. Please note that risk assessment reports writing is an integral part of the role.

About us

UBS is the world’s largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors.

We have a presence in all major financial centers in more than 50 countries.

How we hire

We may request you to complete one or more assessments during the application process. Learn more

Join us

At UBS, we know that it's our people, with their diverse skills, experiences and backgrounds, who drive our ongoing success. We’re dedicated to our craft and passionate about putting our people first, with new challenges, a supportive team, opportunities to grow and flexible working options when possible. Our inclusive culture brings out the best in our employees, wherever they are on their career journey. And we use artificial intelligence (AI) to work smarter and more efficiently. We also recognize that great work is never done alone. That’s why collaboration is at the heart of everything we do. Because together, we’re more than ourselves.

We’re committed to disability inclusion and if you need reasonable accommodation/adjustments throughout our recruitment process, you can always contact us.

Contact Details

UBS Business Solutions SA
UBS Recruiting

Disclaimer / Policy statements

UBS is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.

Report misconduct: If you are made aware of any of our employees or individuals acting on behalf of UBS engaging in acts of misconduct under the Poland Whistleblowing Act, you may report your concerns through Poland-Whistleblowing@ubs.com