Tactical Threat Monitoring Lead (CTI)

At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing, and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs. From gaining new experiences in different roles to acquiring fresh knowledge and skills, we know that great work is never done alone. We know that it’s our people, with their unique backgrounds, skills, experience levels, and interests, who drive our ongoing success. Together we’re more than ourselves. Ready to be part of #teamUBS and make an impact? Your team You’ll be working in UBS’s Cyber Intelligence Center – where you’ll play a key role in protecting the firm from cyber-attacks and advanced threat actors by informing UBS cyber defense teams and working with other key stakeholders across the CISO and TISO functions. The EWC is at the forefront of the firm’s effort to rapidly detect and respond to cyber threats targeting the firm and the wider financial sector. EWC analysts conduct follow-the-sun tactical monitoring of the threat landscape and work closely with teams across Cyber Defense, Vulnerability Management, Third Party Cyber Risk, and Network Application Protection to mitigate identified and escalated threats, vulnerabilities, and incidents. The MMC ensures situational awareness across key defense teams and stakeholders by hosting a daily command call and by supporting operational coordination in response to escalated threats. In doing so, MMC collaborates closely with other teams across Cyber Defense (including SOC, Incident Response, Threat Hunting, Cyber Detection Services, and Cyber Response Commanders) and the wider TISO function who are responsible for responding to and mitigating active threats. MMC also manages an interactive platform that provides a single pane-of-glass for tactical escalations, as well as operational and strategic intelligence, produced by CIC. Your expertise Combined experience in cyber threat intelligence, incident response, or cyber investigations role. Experience leading a team of analysts or leading operational projects requiring significant supervision, coordination, and stakeholder engagement. Deep understanding of cybersecurity organization practices, operations risk management processes and principles, cyber defense models, emerging threats, and vulnerabilities. Detailed knowledge and technical understanding of the global cyber threat landscape, and the tactics, techniques, and procedures (TTPs) used by adversaries, especially those related to the financial sector. Knowledge of threat modeling frameworks, such as cyber kill chains or the MITRE ATT&CK framework and expertise in mapping procedural intelligence of threats to TTPs. Experience conducting investigations and analysis of phishing and malware campaigns. Strong familiarity with open-source and commercial tools for continuous monitoring of the threat landscape. Ability to translate external and internal data into relevant risk indicators and metrics to be ingested into threat analysis and prioritization models. Strong verbal/written communication skills, with the ability to present reports to both technical and non-technical audiences. Experience supervising written production of intelligence reports is highly desirable. Solid stakeholder management experience and ability to manage conflicts and work effectively under pressure. Certifications such as GSEC, GCTI, GREM, CISSP, or OSCP are desirable but not essential. About us UBS is the world’s largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management, and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors. We have a presence in all major financial centers in more than 50 countries. #J-18808-Ljbffr