Job Description

Your role

Are you an expert when it comes to Security Data Analytics and Cyber Vulnerability management? Do you have proven ability to analyze complex data, resolve conflicts & successfully meet compliance and business needs?

We’re looking for a Cyber Hygiene Data Analyst to:

•provide in-depth data analysis of UBS’ cyber risk estate working towards identifying legitimate risks, remediation options, and risk ownership
•achieve compliance targets of open cyber risk
•collaborate with IT engineering/operations teams to research/develop solutions to open cyber risks.
•work closely with IT security operations, issue owners, and business teams to plan remediation on open vulnerabilities.
•liaise with users and risk management teams to articulate options involving open cyber risk
•generate and publish weekly and monthly executive/regulatory reports on compliance levels and audit queries

Your team

You’ll be working in the Global Security Remediation & Analysis (SRA) team, a part of TISO (Cyber Hygiene), in Nashville, Tennessee. We provide executive level analysis, reporting, compliance support, and oversight on UBS Cyber Risk estate across all assets hosted both on-prem and in the cloud. This benefits our bank and business functions in maintaining a best-in-class risk posture and achieves compliance across all industry regulatory agencies. As a Cyber Security Specialist, you’ll play an important role in achieving critical organizational objectives in cyber risk tolerance and regulatory compliance.

Working Hours: In office (07:00 – 16:00) with flexibility based on needs requiring global collaboration.

Diversity helps us grow, together. That’s why we are committed to fostering and advancing diversity, equity, and inclusion. It strengthens our business and brings value to our clients.

Your expertise

•ideally, 5+ years of proficiency with modern vulnerability detection methodologies
•experience with agent based tools (Tenable/Nessus, Qualys Endpoint Security, Microsoft Defender for Endpoint) and Cloud/Container Attack Surface Scanning tools (Wiz.io or Orca)
•experience with external Assessment Tools (RiskRecon or Microsoft Defender for External Attack Surface) and data presentation layer / ETL tools (Power BI, Alteryx, and Tableau)
•experience in reading/developing shell scripting languages (Python, PowerShell, or Batch/Bash) and competency in ITIL structured processes (Release Lifecycles, Change Management)
•capability in handling risk/severity-based prioritization and decision making
•proficiency in Office 365 tools to manage effective communication
•comfortable in an adaptive environment that sometimes requires new skill sets, rapid priority adjustments, and the ability to react to unforeseeable threat vectors
•proficient in leading teams driving Risk based Service Delivery initiatives; collaborating and being a driver of change and sustainability in the course of reducing cyber risk

“At UBS, we appreciate our Veterans and are committed to providing opportunities in Financial Services.”