Insider Threat Analyst, Detection Rule and Model Management Lead
Nashville, United States - Tennessee
⚠️ We'll shut down after Aug 1st - try foo🦍 for all jobs in tech ⚠️
UBS
UBS is a global firm providing financial services in over 50 countries. Visit our site to find out what we offer in Germany.City
Nashville
Job Type
Full Time
Country / State
United States - Tennessee
Function Category
Information Technology (IT)
Join us
At UBS, we know that it's our people, with their diverse skills, experiences and backgrounds, who drive our ongoing success. We’re dedicated to our craft and passionate about putting our people first, with new challenges, a supportive team, opportunities to grow and flexible working options when possible. Our inclusive culture brings out the best in our employees, wherever they are on their career journey. We also recognize that great work is never done alone. That’s why collaboration is at the heart of everything we do. Because together, we’re more than ourselves.
We’re committed to disability inclusion and if you need reasonable accommodation/adjustments throughout our recruitment process, you can always contact us.
Contact Details
UBS Business Solutions SA
UBS Recruiting
Disclaimer / Policy statements
UBS is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.
Your team
You will be working in the Cyber Defense, Insider Threat team within the larger Technology Information Security Office (TISO). The TISO vision is to protect, preserve, and prolong the value of UBS data and digital services, and enhance UBS’s brand and competitiveness in a digitized world. The TISO mission is to lead the management of all cyber threats and cyber risk across our Firm. To “protect the foundations and secure the future,” We are a global team with presence in Switzerland, UK, USA and Singapore, focusing on pro-active defense and strong insider threat management capabilities. Your role will be in our Nashville, TN office.
Your expertise
•ideally, 4+ years combined hands on experience with a focus on detection engineering, threat hunting, behavioral analytics or past job roles as a technical incident responder
•direct hands-on technical expertise in understanding security event log structures and event attributes/key value pairs to create complex insider activity detection rules in a SIEM or User Activity Monitoring platform
•experience utilizing multiple relational query languages; SQL, SPL, KQL and other Natural language query syntax to develop, test, verify and deploy detection rules
•utilize advanced analytical skills and threat monitoring tradecraft knowledge to assist in designing, creating, building, testing and implementing insider threat use-cases utilizing various security event data sources
•advanced understanding of insider threat best practices, operations and current threat landscape and using these skills to effectively monitor, triage and investigate insider threats across a complex and diverse global enterprise
•advanced problem solving and analytical skills with the ability to collect and analyze disparate threat indicators and develop correlations to enhance ongoing detection alerts and capabilities
•able to perform hands on analysis and triage of potential insider threats
•strong experience in utilizing a query language to write complex event search correlations supporting detection analytics involving security event data to triage, investigate and respond to potential threats
“At UBS, we appreciate our Veterans and are committed to providing opportunities in Financial Services.”
*LI-UBS
*UBS-MOGUL
About us
UBS is the world’s largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors.
We have a presence in all major financial centers in more than 50 countries.
How we hire
We may request you to complete one or more assessments during the application process. Learn more
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Banking Cyber defense Monitoring SIEM SQL
Perks/benefits: Flex hours
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.