Overview
On Site
Full Time
Skills
Research
Security Operations
FOCUS
Auditing
Mentorship
Regulatory Compliance
Legal
Business Operations
Information Security
Brand
Management
Risk Management
Security Controls
Forms
Security QA
Testing
Leadership
People Management
Cloud Computing
Microsoft Azure
Amazon Web Services
Scripting
Bash
Windows PowerShell
Python
C
C++
C#
Rust
NIM
Assembly
OSCP
SANS
GPEN
Training
Cyber Security
SIEM
System Administration
Linux
Microsoft Windows
Operating Systems
Wealth Management
Corporate Banking
Asset Management
Finance
Artificial Intelligence
Collaboration
Recruiting
Job Details
Your role
Are you passionate about the offensive side of cyber security and research? Are you curious and self-driven to continuously learn, explore, and try harder, as well as share your knowledge and experience to complement the rest of our team? Are you someone who likes to bridge the gap between the technical aspects of emulating attacker TTPs and how this will strengthen the security posture of your business? Are you self-driven, motivated and have experience working on a global security team?
UBS is looking for a Cyber Defense Operational Security Testing Security Testing Lead to:
join a growing in-house red teaming and offensive security capability and play a key role in helping to shape and lead our team
manage all phases of offensive security operations with a focus on purple and red team testing
effectively translate and communicate security testing strategy and findings , including technical staff, executive leadership, legal counsel, and audit/regulatory bodies
provide risk appropriate and pragmatic recommendations to correct identified findings, vulnerabilities, and misconfigurations
design, build, and execute security testing processes/strategies to support and evaluate the organization's security posture
coach, mentor, manage, and advocate for career development of security testing operators and understand and adhere to regulatory, compliance, and legal requirements that impact business operations
Your team
You will be working in the Cyber Defense Organization within Technology Services, Technology Information Security Office (TS TISO). The TS TISO Vision is to protect, preserve, and prolong the value of the UBS data and digital services, and enhance UBS's brand and competitiveness in a digitized world. The Cyber Defense organization within TISO leads the management of all cyber threats and cyber risk across our Firm. To "protect the foundations and secure the future," Cyber Defense serves two mission areas: cyber threat management and defense (understanding, detecting, and responding to threats), and cyber risk management and governance (setting priorities and preventing threats).
Operational Security Testing is a global team with a presence in Switzerland, Poland, and the USA. Our team works across TS TISO and other security control areas to conduct red teaming, purple teaming and other forms of offensive security testing to identify and help remediate gaps across all aspects of the Cyber Security protect, detect and response capabilities of our Firm. Your role will be in our Raleigh, NC. Office.
Your expertise
ideally 5 years or more of experience in an offensive security role, including performing red team testing
demonstrated leadership and people management skills in a corporate or equivalent complex Cyber Security organization
experience and proficiency in the day-to-day operations of a Red or Purple Team with knowledge of offensive security tools and frameworks
experience in setting up infrastructure for Red Teaming operations and techniques utilized in reconnaissance, exploitation, persistence, lateral movement, command & control, etc.
detailed knowledge and understanding of MITRE ATT&CK framework and how to simulate TTPs of cyber attackers
experience with cloud technologies (such as Azure or AWS), scripting languages (such as bash, PowerShell or Python) and programming in C, C++, C#, Rust, Nim or in Assembly are pluses
Offensive Security certifications (such as OSCP or OSEP), SANS certifications (such as GXPN, GPEN, GWAPT, GREM), or other training in red teaming operations are a plus
experience in a blue team role investigating cyber security incidents in a modern enterprise security environment (including SIEM, EDR, etc) or experience in system administration or engineering experience with Linux and Windows operating systems are pluses
*LI-UBS
*UBS-MOGUL
About us
UBS is the world's largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors.
We have a presence in all major financial centers in more than 50 countries.
Join us
At UBS, we know that it's our people, with their diverse skills, experiences and backgrounds, who drive our ongoing success. We're dedicated to our craft and passionate about putting our people first, with new challenges, a supportive team, opportunities to grow and flexible working options when possible. Our inclusive culture brings out the best in our employees, wherever they are on their career journey. And we use artificial intelligence (AI) to work smarter and more efficiently. We also recognize that great work is never done alone. That's why collaboration is at the heart of everything we do. Because together, we're more than ourselves.
We're committed to disability inclusion and if you need reasonable accommodation/adjustments throughout our recruitment process, you can always contact us.
Are you passionate about the offensive side of cyber security and research? Are you curious and self-driven to continuously learn, explore, and try harder, as well as share your knowledge and experience to complement the rest of our team? Are you someone who likes to bridge the gap between the technical aspects of emulating attacker TTPs and how this will strengthen the security posture of your business? Are you self-driven, motivated and have experience working on a global security team?
UBS is looking for a Cyber Defense Operational Security Testing Security Testing Lead to:
join a growing in-house red teaming and offensive security capability and play a key role in helping to shape and lead our team
manage all phases of offensive security operations with a focus on purple and red team testing
effectively translate and communicate security testing strategy and findings , including technical staff, executive leadership, legal counsel, and audit/regulatory bodies
provide risk appropriate and pragmatic recommendations to correct identified findings, vulnerabilities, and misconfigurations
design, build, and execute security testing processes/strategies to support and evaluate the organization's security posture
coach, mentor, manage, and advocate for career development of security testing operators and understand and adhere to regulatory, compliance, and legal requirements that impact business operations
Your team
You will be working in the Cyber Defense Organization within Technology Services, Technology Information Security Office (TS TISO). The TS TISO Vision is to protect, preserve, and prolong the value of the UBS data and digital services, and enhance UBS's brand and competitiveness in a digitized world. The Cyber Defense organization within TISO leads the management of all cyber threats and cyber risk across our Firm. To "protect the foundations and secure the future," Cyber Defense serves two mission areas: cyber threat management and defense (understanding, detecting, and responding to threats), and cyber risk management and governance (setting priorities and preventing threats).
Operational Security Testing is a global team with a presence in Switzerland, Poland, and the USA. Our team works across TS TISO and other security control areas to conduct red teaming, purple teaming and other forms of offensive security testing to identify and help remediate gaps across all aspects of the Cyber Security protect, detect and response capabilities of our Firm. Your role will be in our Raleigh, NC. Office.
Your expertise
ideally 5 years or more of experience in an offensive security role, including performing red team testing
demonstrated leadership and people management skills in a corporate or equivalent complex Cyber Security organization
experience and proficiency in the day-to-day operations of a Red or Purple Team with knowledge of offensive security tools and frameworks
experience in setting up infrastructure for Red Teaming operations and techniques utilized in reconnaissance, exploitation, persistence, lateral movement, command & control, etc.
detailed knowledge and understanding of MITRE ATT&CK framework and how to simulate TTPs of cyber attackers
experience with cloud technologies (such as Azure or AWS), scripting languages (such as bash, PowerShell or Python) and programming in C, C++, C#, Rust, Nim or in Assembly are pluses
Offensive Security certifications (such as OSCP or OSEP), SANS certifications (such as GXPN, GPEN, GWAPT, GREM), or other training in red teaming operations are a plus
experience in a blue team role investigating cyber security incidents in a modern enterprise security environment (including SIEM, EDR, etc) or experience in system administration or engineering experience with Linux and Windows operating systems are pluses
*LI-UBS
*UBS-MOGUL
About us
UBS is the world's largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors.
We have a presence in all major financial centers in more than 50 countries.
Join us
At UBS, we know that it's our people, with their diverse skills, experiences and backgrounds, who drive our ongoing success. We're dedicated to our craft and passionate about putting our people first, with new challenges, a supportive team, opportunities to grow and flexible working options when possible. Our inclusive culture brings out the best in our employees, wherever they are on their career journey. And we use artificial intelligence (AI) to work smarter and more efficiently. We also recognize that great work is never done alone. That's why collaboration is at the heart of everything we do. Because together, we're more than ourselves.
We're committed to disability inclusion and if you need reasonable accommodation/adjustments throughout our recruitment process, you can always contact us.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.