Cyber Security Risk Governance Specialist

UBS - Weehawken, NJ

posted 5 months ago

Part-time - Mid Level
Weehawken, NJ
Securities, Commodity Contracts, and Other Financial Investments and Related Activities

About the position

As a Cyber Security Risk Governance Specialist at UBS, you will play a pivotal role in overseeing and managing cyber and information security risks across the organization. Your primary responsibility will be to serve as a subject matter expert in various Cyber and Information Security (CIS) domains, providing active risk oversight and proactively challenging the status quo. This involves identifying operational risks and proposing realistic remediation or improvement solutions to enhance the firm's security posture. You will be tasked with reviewing the firm's CIS threats, controls, deficiencies, indicators, and events, which will support your conclusions on the firm's residual risk. Building and developing long-term relationships with security and risk professionals across the firm will be essential, as you will collaborate with multi-disciplinary teams from different geographies and business divisions on various change initiatives. Additionally, you will streamline and standardize processes for CIS risk governance, ensuring that the organization operates within a robust risk management framework. Your role will also involve data-driven analysis to proactively govern CIS risks and controls, enabling transparent risk-based decision-making. You will be part of the Cyber Governance, Requirements, and Regulatory Affairs team, which is integral to the Group Chief Information Security Office (Group CISO) and supports all divisions and functions of the firm. This position not only requires a strong technical background in cyber security but also excellent communication and interpersonal skills to navigate a global environment effectively.

Responsibilities

  • Serve as a subject matter expert in various Cyber and Information Security (CIS) domains.
  • Provide active risk oversight and challenge the status quo regarding operational risks.
  • Identify operational risks and propose realistic remediation or improvement solutions.
  • Review the firm's CIS threats, controls, deficiencies, indicators, and events to assess residual risk.
  • Build and develop long-term relationships with security and risk professionals across the firm.
  • Collaborate with multi-disciplinary teams from different geographies and business divisions on change initiatives.
  • Streamline and standardize processes for CIS risk governance.
  • Conduct data-driven analysis to govern CIS risks and controls.

Requirements

  • Proven experience in cyber and information security risk governance, management, and/or control.
  • Strong technical expertise in areas such as Data Protection, Identity and Access Management, Cyber Defense, Network Security, and Cyber Hygiene.
  • Technical knowledge and passion for enabling technologies to operate securely, such as Cloud.
  • Ability to judge the effectiveness of security control implementation against threats and risk scenarios.
  • Good understanding of cyber and information security risk or threat management frameworks, such as NIST CSF, CRI Profile, COBIT, and MITRE ATT&CK.
  • Excellent communication and interpersonal skills in a global environment.
  • Industry-recognized certifications such as CISSP, CCSP, CGRC, CISM, CISA, OSCP, SANS, etc. are a bonus.
  • Team player with the ability to work independently and take initiative to manage and complete projects within tight deadlines.

Nice-to-haves

  • Experience with NIST standards.
  • Familiarity with regulatory requirements in the financial services sector.

Benefits

  • Flexible working arrangements including part-time, job-sharing, and hybrid working options.
  • Opportunities for professional development and acquiring new skills.
  • Support for diversity, equity, and inclusion initiatives.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service