Senior Red Team Tester

Kraków, małopolskie Wrocław, dolnośląskie
Stała
Pełny etat

12 godzin temu

Business DivisionsGroup FunctionsYour roleWe are expanding our global Red Team (Cyber Assurance Testing) and are looking for a skilled and experienced cyber security specialist to join us. This role will assist in the management of UBS's internal Cyber Assurance Testing service and play a lead role in the delivery of a growing number of regulatory red team engagements to satisfy the requirements and expectations of financial regulators across the globe.
Candidates will be expected to have some experience of engaging with red team testing and financial regulatory red team engagements (e.g. CBEST, iCAST, TIBER), ideally in a finance sector firm, regulatory or consultancy environment. We are looking for individuals with a deep interest in cyber security, and in particular the emulation of real-world offensive cyber-attacks. Keeping up to date with knowledge of threats, vulnerabilities, and techniques should be something you find fun and interesting rather than just a job requirement.
The role will require strong project and stakeholder management skills, an inquisitive mind, an ability to think outside of the box, and a broad understanding of technical aspects of cyber security. Technical certifications such as CISSP, CCSP, CISM, CREST, OSCP, etc will be advantageous, but they are not a deal breaker. We are primarily concerned with your ability to organize and manage projects, and communicate with technical and non-technical stakeholders at all levels of seniority across and outside of the firm.
The ability to write clear reports in business English is an absolute necessity, as are project management skills and personal organizational ability.
You will be working with some very talented and experienced professionals, and there will be lots of opportunities to grow and develop your technical skillset.
Your Duties and Responsibilities will Include:

contributing to the management of UBS's internal Cyber Assurance Testing (CAT) service - supporting the ongoing internal testing process and delivery of output
managing the planning, scoping, execution, and reporting of regulatory red team tests to satisfy regulatory testing frameworks such as CBEST, iCAST and TIBER
onboarding, contracting and managing third-party red team vendors to deliver regulatory red team testing
managing relationships with red team testing vendors, senior internal stakeholders, and regulators
collaborating with blue teams and other cyber defense functions
developing reports of findings, analysis, and recommendations for internal UBS stakeholders, and contributing to regulatory submissions.
delivering operational briefings and presentations to technical teams, non-technical stakeholders, and senior management.
providing technical cyber security expertise to UBS Group Compliance, Regulatory and Governance (GCRG) Cyber and Technology Risk Control

Function CategoryCompliance, Information Technology (IT), RiskJoin usAt UBS, we know that it's our people, with their diverse skills, experiences and backgrounds, who drive our ongoing success. We're dedicated to our craft and passionate about putting our people first, with new challenges, a supportive team, opportunities to grow and flexible working options when possible. Our inclusive culture brings out the best in our employees, wherever they are on their career journey. We also recognize that great work is never done alone. That's why collaboration is at the heart of everything we do. Because together, we're more than ourselves.We're committed to disability inclusion and if you need reasonable accommodation/adjustments throughout our recruitment process, you can alwaysContact DetailsUBS Business Solutions SA
UBS RecruitingYour teamYou will be working as a member of the global Cyber Testing & Assurance team, which is a second line assurance testing function within Compliance & Operational Risk Control.Your expertise

a strong background and experience in cyber security related to the finance sector
familiarity with red team testing, cyber-attack chains, and the tools, techniques and procedures used by advanced cyber threat actors
familiarity with the major cyber security concerns of large finance sector organisations, as well as the primary defensive techniques and approaches deployed to address these
experience of implementing or working with regulatory red team frameworks such as CBEST, iCAST and TIBER
excellent written and spoken English, and the ability to describe highly technical and complex matters in a business-focused and risk-centric manner to a range of technical and senior stakeholders
proven experience in managing senior stakeholders and relationships
proven project management skills and personal organizational ability
technical certifications such as CISSP, CCSP, CISM, CREST and OSCP would be advantageous, but are not essential

About usUBS is the world's largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors.We have a presence in all major financial centers in more than 50 countries.

UBS

Aplikuj