Insider Threat Analyst

Your role

Are you a cybersecurity professional with hands on experience identifying Insider threats? Do you routinely work closely with business, legal, compliance, and technology to investigate incidents, improve processes through technology, policy, and employee education? Do you have knowledge of insider threat frameworks and best practices? Do you have hands on experience with User/Entity behavior analysis tool implementation or operationalization?

We are looking for an Insider Threat Analyst to:• utilize investigation techniques to deter, detect, and mitigate Insider Threat activity in collaboration with business, HR, and line managers• monitor, analyze, and interpret system logs for events and incidents reflective of unauthorized access or operational irregularities and escalates for action as appropriate• develop response strategies and technical support documents, summaries, reports, presentations, and other designated work products that help support the Insider Threat program• assist in the Identification, implementation, and management of associated technologies, services and solutions needed for the insider threat program to operate• operate effectively on a global team with limited oversight supporting "follow the sun" operational model

Join us

At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs.

From gaining new experiences in different roles to acquiring fresh knowledge and skills, we know that great work is never done alone. We know that it's our people, with their unique backgrounds, skills, experience levels and interests, who drive our ongoing success. Together we're more than ourselves. Ready to be part of #teamUBS and make an impact?

Disclaimer / Policy Statements

UBS is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.

Your team

You will be working as a team member of a critical Insider Threat Risk Management and monitoring team that operates globally. We are global team with the presence in Switzerland, USA, UK, and Singapore. Operating under the Cyber Defense organization of the office of the Technology Information Security Office (TISO). The Insider Threat function is the premier team responsible for collaborating across multiple enterprise teams, business partners/ functions and lines of business to monitor for and protect our bank against insider threats. The Insider Threat team function is an integral part of a broader Security Operations Center (SOC) Fusion team responsible for the detection, monitoring, investigation, and response to cyber threats across the enterprise to protect, preserve, and prolong the value of the UBS data and digital services, and enhance UBS's brand and competitiveness in a digitized world. This role is in Nashville, as a member the Insider Threat - Americas Team.

Diversity helps us grow, together. That's why we are committed to fostering and advancing diversity, equity, and inclusion. It strengthens our business and brings value to our clients.

Your expertise

• bachelor's degree graduate in computer science or cyber related field and certified CISSP, CISSP-ISSMP, CISM, CISA, GCIA, GCFA or earned a master's degree, or have additional and equivalent 5+ years' work experience in, or leading cyber threat monitoring operations teams (in lieu of degrees)• ideally, 10 years of professional experience and 5 years combined hands on experience within the fields of Insider Threat & Information Security, with past job roles in operationally monitoring and responding to cyber threat events• advanced, SME level understanding of insider threat best practices, operations and current threat landscape and using these skills to effectively monitor, triage, and investigate insider threats across a complex and diverse global enterprise• advanced knowledge and/or operational experience of the implementation and/or integration of insider threat related technologies and security event sources, including DLP, UEBA, SIEM, Email Security, EDR, NDR, Web Proxy, Data Protection, IAM, and PAM• experience creating or implementing information security requirements, policies, and regulations in support of security control audit compliance• advanced expertise in problem solving and analytical skills with the ability to collect and analyze disparate threat indicators and develop correlations to enhance ongoing detection alerts and capabilities• utilize advanced and leading analytical skills and insider tradecraft knowledge to assist in designing, creating, building, testing, and implementing Insider Threat use-cases utilizing various security event data sources • extensive prior experience performing hands on analysis and triage of potential insider threats and maintain strong relationships with stakeholders across the firm• exposure to and understanding of query languages in directing detection and alerting analytics and correlations involving security event data to triage, investigate and respond to insider threat events

"At UBS, we appreciate our Veterans and are committed to providing opportunities in Financial Services."

*LI-UBS

*UBS-MOGUL

About us

UBS is the world's largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors

We have a presence in all major financial centers in more than 50 countries.