Tech Cyber Security Specialist London, England
UBS
Full Time
London, England
52988 - 61192 GBP ANNUAL Today
Job description
United Kingdom
Information Technology (IT)
Group Functions
Job Reference #
277982BR
City
London
Job Type
Full Time
Your role
This is an excellent opportunity for a strong and forward-looking red teamer (adversary attack simulation) to join a world-class red teaming capability at UBS. The successful Red Team Tester will join a team of testers and will contribute to the bank's efforts in adopting and maintaining a system-wide view of threat-driven risks, with the goal of working with senior management to control these risks.
The ideal candidate will be responsible for executing Red Team Testing activities including security knowledge development under the supervision of a senior Red Team Testing lead. The role will be located in the US and reporting into the global CIS Attack Testing Team, part of the Cyber & Information Security (CIS).
Duties & Responsibilities include:
The ideal candidate will be responsible for executing Red Team Testing activities including security knowledge development under the supervision of a senior Red Team Testing lead. The role will be located in the US and reporting into the global CIS Attack Testing Team, part of the Cyber & Information Security (CIS).
Duties & Responsibilities include:
- Work with Cyber Threat Intelligence function to develop red team scenarios consistent with real attacks as well as business lines understanding their threats
- Work with Security Operations function to ensure a smooth execution of testing activities (e.g. red/purple teaming, competitive cyber games, etc.)
- Plan and execute red-team exercises by replicating, in a safe way, the tactics, techniques and procedures of threat actors, including periodic reporting of progresses to stakeholders
- Develop and submit detailed reports of findings, analysis and recommendations
- Coordinate Red Team operational briefings and presentations to non-technical audience and executive management, as required
- Provide Information and Cyber Security technical expertise to the CIS Attack Testing Team and to the Cyber & Information Security (CIS) function overall.
Your team
You will be working closely with the global CIS Attack Testing Team, with presence in Israel, Singapore, Zurich and the US.
Your expertise
- several years experience with increasing responsibility in Information Technology, Information and Cyber Security and Compliance that includes a combination of hands on/technical and project leadership skills
- solid experience executing penetration testing / red team testing assessments of high-consequence systems (including execution of CBEST/ iCAST exercises and alike)
- in depth knowledge of enterprise architectures and operations
- detailed and up-to-date knowledge of threat and vulnerability management techniques and tools
- strong knowledge of e.g. OSI Model, MITRE ATT&CK Framework, Firewalls, IDS/IPS, Web Proxies and DLP amongst other
- well versed in a wide range of security tools like Burp, Nessus, Metasploit, Empire, Cobalt Strike, etc. and familiarity with common reconnaissance, exploitation, and post exploitation frameworks
- an inquisitive mind and passion for security researching
- knowledge of exploit crafting/handling/development, malware packing, delivery and obfuscation/evasion techniques
- ability to automate tasks using a scripting language (Python, Perl, Ruby, etc)
- strong knowledge of networking protocols and packet analysis
- able to operate at an advanced level of written and spoken communication in English; write and speak effectively with impact
- strong project management skills
Desired Background:
- B.Sc. / M.Sc. in Computer Science, Computer Engineering, Information Security or equivalent
- ISC2 Certified Information System Security Professional (CISSP)
- One or More certifications related to Red Team Qualifications / and or Cyber Security such as:
- CREST Certified Simulated Attack Manager (CCSAM) or CREST Certified Simulated Attack Specialist (CCSAS) – Highly preferred
- Offensive Security (OSCE, OSCP)
- CREST Registered Penetration Tester
- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT)
- Certified Ethical Hacker (CEH)
- CompTIA PenTest+
- GIAC Penetration Tester (GPEN)
- Offensive Security Certified Professional (OSCP)
- Certified Penetration Tester (CPT)
- Systems Security Certified Practitioner (SSCP)
- CompTIA Advanced Security Practitioner (CASP+)
- GIAC Certified Incident Handler (GCIH)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
#LI-Hybrid
About us
UBS is the world’s largest and only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors.
With more than 70,000 employees, we have a presence in all major financial centers in more than 50 countries. Do you want to be one of us?
With more than 70,000 employees, we have a presence in all major financial centers in more than 50 countries. Do you want to be one of us?
How we hire
This role requires an assessment on application. Learn more about how we hire: www.ubs.com/global/en/careers/experienced-professionals.html
Join us
At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs.
From gaining new experiences in different roles to acquiring fresh knowledge and skills, we know that great work is never done alone. We know that it's our people, with their unique backgrounds, skills, experience levels and interests, who drive our ongoing success. Together we’re more than ourselves. Ready to be part of #teamUBS and make an impact?
From gaining new experiences in different roles to acquiring fresh knowledge and skills, we know that great work is never done alone. We know that it's our people, with their unique backgrounds, skills, experience levels and interests, who drive our ongoing success. Together we’re more than ourselves. Ready to be part of #teamUBS and make an impact?
Disclaimer / Policy Statements
UBS is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.
Tech Cyber Security Specialist | UBS - Experienced professionals - job boards
