Cyber Security and Tech Risk Specialist

Hong Kong

Hong Kong

Job Type
Full Time

Your role
Are you risk averse? Do you know how to maintain independence and objectivity? We are looking for someone like that who can:

– support the implementation of the Cyber Security Risk and Technology Risk taxonomies in the context of the Bank's operational risk framework
- drive the implementation of risk remediation programs, and the undertaking of thematic risk reviews and cross-taxonomy risk management initiatives within Operational Resilience
- establish and maintain strong links within the industry and engagements with the regulators to ensure that Information Security, Cyber Security and Technology Risks related industry news and regulatory developments are embedded within the Framework, and provide a view on future developments
- support the definition of Information Security and Technology Risk training requirements and mechanisms to promote and instill a culture of proactive risk management and awareness within Group Technology (GT)
– participate in the management of operational risk events related to information & cyber security, and technology risks, including escalation to crisis management committees
– act as an advisor and SME for cyber & information security and information technology related risk assessments, incident analysis and strategic initiatives as well as in the development and introduction of relevant business initiatives
– build relationships within C&ORC (Compliance & Operational Risk Control), and with Business and GT stakeholders to ensure steady information flow and effective communications with partners and stakeholders
– oversee the collection and processing of cyber threat intelligence ensuring that (1) the bank has access to relevant cyber intelligence information and that (2) the information is timely provided to the relevant functions and (3) required mitigation activities are executed
– assess the firm's exposure to potential cyber threats by (1) identifying and assessing key cyber security risk scenarios, (2) analysing the bank's defence capabilities against these threats and (3) ensuring that cross-functional mitigation activities are initiated and executed
– manage intelligence-led penetration testing and red teaming activities, including participation to regulatory initiatives such as CBEST in the UK and Quantum Dawn in the US
– support Senior Risk Controllers with the management and coordination of effective delivery of high quality, cost effective, pragmatic and business driven Tech Risk services across the CIO area

About us
Expert advice. Wealth management. Investment banking. Asset management. Retail banking in Switzerland. And all the support functions. That's what we do. And we do it for private and institutional clients as well as corporations around the world.

We are about 60,000 employees in all major financial centers, in almost 900 offices and more than 50 countries. Do you want to be one of us?

Your team
You'll be working in the APAC Operational Resilience (OR) Team in Hong Kong. We are part of the Compliance & Operational Risk Control (C&ORC) function and provide oversight of technology, information / cyber security, outsourcing, BCM and program management risks across the UBS Group.

Your experience and skills
You have:
– A degree in Computer Science, Computer Engineering, or relevant discipline;
– 7+ years of substantial experience within Information Technology, ideally in the Financial Industry, with a particular focus and practical experience on Cyber Security e.g. risk management, project management, security operations;
– Solid understanding of Cyber defence, Information Technology, Information Security Frameworks, Risk Management and IT Security;
– Substantial experience in the analysis of Information & Cyber Security Risk issues and their business impact;
– Working experience with operational models for security technologies including organization, operational processes and key performance indicators;

You are:
– analytic, with the ability to provide practical solutions for minimizing risk
– result-oriented and assertive (you don't shy away from challenging situations)
– a team player with the ability to work independently to organize, manage and complete projects within tight deadlines
– able to drive complex cross-functional programmes
– able to communicate with different levels of seniority as well as able to communicate technical issues in business language within a global organization
– fluent in English

What we offer
Together. That's how we do things. We offer talented people around the world a supportive, stimulating and diverse working environment. We'll value your passion and commitment. And reward your performance.

Take the next step
Are you truly collaborative? Succeeding at UBS means respecting, understanding and trusting colleagues and clients. Challenging others and being challenged in return. Being passionate about what you do. Driving yourself forward, always wanting to do things the right way. Does that sound like you? Then you have the right stuff to join us. Apply now.