U
OCRA Assessor
Salary undisclosed
Apply on
Original
Simplified
OCRA Assessor
United States - New York
Business management, administration and support
Job Reference # 295457BR
City New York
Job Type Full Time
Your role
Are you keen on working in world class Cyber Security Operations Center for one of the best Swiss private banks? Do you have related experience and are willing to take it further by learning how to defend an enterprise against cyber-attacks? Do you have the right attitude and are eager to join a multinational team of Cyber Security professionals?
We are looking for candidates who have experience in the following areas:
conduct Cloud assessments and audits
analyze and evaluate vendor security controls, policies, and procedures to ensure compliance with regulatory requirements and industry best practices
develop and implement risk mitigation strategies to address identified vulnerabilities and reduce the organization's exposure to cyber threats
communicate assessment findings and recommendations to internal stakeholders, including management, legal, and compliance teams and monitor and track vendor compliance with security policies and procedures through ongoing assessment activities
evaluate the security posture of third-party vendors that have access to sensitive information or systems of UBS and conduct risk assessments to identify and evaluate potential security threats posed by third-party vendors and recommend risk mitigation strategies to minimize the organization's exposure to cyber threats
work closely with internal stakeholders to ensure that third-party vendors comply with our cybersecurity policies and procedures
Your team
You'll be working in the CISO/OCRA (Operational Consolidated Risk assessment) team in New York. You'll take a part in supporting colleagues from different areas of the firm, including Risk Taxonomy Owners, Compliance & Operational Risk Controllers and Outsourcing & Supplier Management, in improving the overall risk assessment process and implementing the most effective remediation measures.
Diversity helps us grow, together. That's why we are committed to fostering and advancing diversity, equity, and inclusion. It strengthens our business and brings value to our clients.
Your expertise
Your expertise :
bachelor's degree with professional certification in Cybersecurity, Cloud Security or a related field of study
audit experience/mindset, with risk identification and risk articulation skills with strong analytical and problem-solving skills
ideally 5+ years of experience in third-party risk assessment or cybersecurity assessment
certifications such as Certified Third-Party Risk Professional (CTPRP) or Certified Information Systems Security Professional (CISSP) are a plus
experience with industry recognized standards for IT security controls and best practices like NIST, ISO27001, PCI DSS, COBIT, SOC 2 etc...
one of the following professional qualifications obtained: CEH, CISSP, CISA, CISM, CRISC or ITIL.
comfortable taking the lead, but not hesitant to bring in the expertise of colleagues to help our team
available to work in hybrid model at least 3 days from the office
"At UBS, we appreciate our Veterans and are committed to providing opportunities in Financial Services."
About us
UBS is the world's largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors..
We have a presence in all major financial centers in more than 50 countries.
Join us
At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs.
From gaining new experiences in different roles to acquiring fresh knowledge and skills, we know that great work is never done alone. We know that it's our people, with their unique backgrounds, skills, experience levels and interests, who drive our ongoing success. Together we're more than ourselves. Ready to be part of and make an impact?
United States - New York
Business management, administration and support
Job Reference # 295457BR
City New York
Job Type Full Time
Your role
Are you keen on working in world class Cyber Security Operations Center for one of the best Swiss private banks? Do you have related experience and are willing to take it further by learning how to defend an enterprise against cyber-attacks? Do you have the right attitude and are eager to join a multinational team of Cyber Security professionals?
We are looking for candidates who have experience in the following areas:
conduct Cloud assessments and audits
analyze and evaluate vendor security controls, policies, and procedures to ensure compliance with regulatory requirements and industry best practices
develop and implement risk mitigation strategies to address identified vulnerabilities and reduce the organization's exposure to cyber threats
communicate assessment findings and recommendations to internal stakeholders, including management, legal, and compliance teams and monitor and track vendor compliance with security policies and procedures through ongoing assessment activities
evaluate the security posture of third-party vendors that have access to sensitive information or systems of UBS and conduct risk assessments to identify and evaluate potential security threats posed by third-party vendors and recommend risk mitigation strategies to minimize the organization's exposure to cyber threats
work closely with internal stakeholders to ensure that third-party vendors comply with our cybersecurity policies and procedures
Your team
You'll be working in the CISO/OCRA (Operational Consolidated Risk assessment) team in New York. You'll take a part in supporting colleagues from different areas of the firm, including Risk Taxonomy Owners, Compliance & Operational Risk Controllers and Outsourcing & Supplier Management, in improving the overall risk assessment process and implementing the most effective remediation measures.
Diversity helps us grow, together. That's why we are committed to fostering and advancing diversity, equity, and inclusion. It strengthens our business and brings value to our clients.
Your expertise
Your expertise :
bachelor's degree with professional certification in Cybersecurity, Cloud Security or a related field of study
audit experience/mindset, with risk identification and risk articulation skills with strong analytical and problem-solving skills
ideally 5+ years of experience in third-party risk assessment or cybersecurity assessment
certifications such as Certified Third-Party Risk Professional (CTPRP) or Certified Information Systems Security Professional (CISSP) are a plus
experience with industry recognized standards for IT security controls and best practices like NIST, ISO27001, PCI DSS, COBIT, SOC 2 etc...
one of the following professional qualifications obtained: CEH, CISSP, CISA, CISM, CRISC or ITIL.
comfortable taking the lead, but not hesitant to bring in the expertise of colleagues to help our team
available to work in hybrid model at least 3 days from the office
"At UBS, we appreciate our Veterans and are committed to providing opportunities in Financial Services."
About us
UBS is the world's largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors..
We have a presence in all major financial centers in more than 50 countries.
Join us
At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs.
From gaining new experiences in different roles to acquiring fresh knowledge and skills, we know that great work is never done alone. We know that it's our people, with their unique backgrounds, skills, experience levels and interests, who drive our ongoing success. Together we're more than ourselves. Ready to be part of and make an impact?
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job Similar Jobs
