Cyber Threat Intelligence (Threat Monitoring and Alerting) Team Lead.
Zürich , Switzerland - Zürich
UBS
UBS is a global firm providing financial services in over 50 countries. Visit our site to find out what we offer in Germany.City
Zürich
Job Type
Full Time
Country / State
Switzerland - Zürich
Function Category
Information Technology (IT)
Join us
At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs.
From gaining new experiences in different roles to acquiring fresh knowledge and skills, we know that great work is never done alone. We know that it's our people, with their unique backgrounds, skills, experience levels and interests, who drive our ongoing success. Together we’re more than ourselves. Ready to be part of #teamUBS and make an impact?
Contact Details
UBS Business Solutions SA
UBS Recruiting
Disclaimer / Policy statements
UBS is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.
Your team
You’ll be working in UBS’s Cyber Intelligence Center – where you’ll play a key role in protecting the firm from cyber-attacks and advanced threat actors by informing UBS cyber defense teams and working with other key stakeholders across the CISO and TISO functions.
The EWC is at the forefront of the firm’s effort to rapidly detect and respond to cyber threats targeting the firm and the wider financial sector. EWC analysts conduct follow-the-sun tactical monitoring of the threat landscape and work closely with teams across Cyber Defense, Vulnerability Management, Third Party Cyber Risk and Network Application Protection to mitigate identified and escalated threats, vulnerabilities and incidents.
The MMC ensures situational awareness across key defense teams and stakeholders by hosting a daily command call and by supporting operational coordination in response to escalated threats. In doing so, MMC collaborates closely with other teams across Cyber Defense (including SOC, Incident Response, Threat Hunting, Cyber Detection Services, and Cyber Response Commanders) and the wider TISO function who are responsible for responding to and mitigating active threats. MMC also manages an interactive platform that provides a single pane-of-glass for tactical escalations, as well as operational and strategic intelligence, produced by CIC.
Your expertise
• ideally 8+ years of combined experience in cyber threat intelligence, incident response or cyber investigations role.
• experience leading a team of analysts or leading operational projects requiring significant supervision, coordination and stakeholder engagement;
• deep understanding of cybersecurity organization practices, operations risk management processes and principles, cyber defense models, emerging threats, and vulnerabilities.
• detailed knowledge and technical understanding of the global cyber threat landscape, and the tactics, techniques, and procedures (TTPs) used by adversaries, especially those related to the financial sector.
• knowledge of threat modeling frameworks, such as cyber kill chains or the MITRE ATT&CK™ framework and expertise in mapping procedural intelligence of threats to TTPs.
• experience conducting investigations and analysis of phishing and malware campaigns.
• strong familiarity with open-source and commercial tools for continuous monitoring of the threat landscape.
• ability to translate external and internal data into relevant risk indicators and metrics to be ingested into threat analysis and prioritization models.
• strong verbal/written communication skills, with the ability to present reports to both technical and non-technical audiences. Experience supervising written production of intelligence reports is highly desirable.
• solid stakeholder management experience and ability to manage conflicts and work effectively under pressure.
• Certifications such as GSEC, GCTI, GREM, CISSP or OSCP are desirable but not essential.
About us
UBS is the world’s largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors..
We have a presence in all major financial centers in more than 50 countries.
How we hire
We may request you to complete one or more assessments during the application process. Learn more
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Banking CISO CISSP Cyber defense GCTI GREM GSEC Incident response Malware MITRE ATT&CK Monitoring OSCP Risk management SOC Threat intelligence TTPs Vulnerabilities Vulnerability management
Perks/benefits: Flex hours
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.