Insider Threat Analyst

Singapore
- Information Technology (IT)
- Group Functions

**Job Reference #**
- 267238BR

**City**
- Singapore

**Job Type**
- Full Time

**Your role**
- Are you a cybersecurity professional with hands on experience identifying Insider threats? Do you routinely work closely with business, legal, compliance, and technology stakeholders to investigate incidents, improve processes through technology, policy, and employee education? Do you have knowledge of insider threat frameworks and best practices? Do you have hands on experience with User/Entity behavior analysis tool implementation or operationalization? Are you self-driven, motivated and have experience working on a global security team?
- We are looking for an Insider Threat Analyst to:
- utilize investigation techniques to deter, detect, and mitigate Insider Threat activity in collaboration with business, HR, line manager, and other key stakeholders
- monitor, analyze, and interpret system logs for events and incidents reflective of unauthorized access or operational irregularities and escalates for action as appropriate
- develop response strategies and technical support documents, summaries, reports, presentations and other designated work products that help support the Insider Threat program
- assist in the Identification, implementation, and management of associated technologies, services and solutions needed for the insider threat program to operate
- operate effectively on a global team with limited oversight supporting “follow the sun” operational model

**Your team**
- You will be working as a team member of a critical Insider Threat Risk Management and monitoring team that operates globally. We are global team with the presence in Switzerland, USA, UK and Singapore. Operating under the Cyber Defense and Strategy (CD&S) organization of the office of the CISO, the Insider Threat function is the premier team responsible for collaborating across multiple enterprise teams, business partners/functions and lines of business to monitor for, and protect the bank against insider threats. The Insider Threat team function is an integral part of a broader Security Operations Center (SOC) Fusion team responsible for the detection, monitoring, investigation and response to cyber threats across the enterprise to protect, preserve, and prolong the value of the UBS data and digital services, and enhance UBS’s brand and competitiveness in a digitized world.

**Your expertise**
- bachelor’s degree graduate and certified CISSP, CISSP-ISSMP, CISM, CISA, GCIA, GCFA or equivalent 5+ years’ work experience in, or leading cyber threat monitoring operations teams (in lieu of degree)
- 5 years+ hands on experience with Insider Threat & Information Security, with past job roles in operationally monitoring and responding to cyber threat events
- 3+ years leading a team of cyber threat monitoring analysts or recognized as an independent, senior level InT technical and operational SME, advising on independent projects, serving as an InT operations senior trainer and serve as both a technical and investigative escalation point supporting InT operational monitoring and response
- advanced, SME level understanding of insider threat best practices, operations and current threat landscape and using these skills to effectively monitoring, triage and investigate insider threats across a complex and diverse global enterprise
- experience creating or implementing information security requirements, policies, and regulations in support of security control audit compliance while performing hands on analysis and triage of potential Insider Threats and maintain strong relationships with stakeholders across the firm
- utilize advanced and leading analytical skills and insider tradecraft knowledge to assist in designing, creating, building, testing and implementing Insider Threat use-cases utilizing various security event data sources
- exposure to and understanding of query languages in directing detection and alerting analytics and correlations involving security event data to triage, investigate and respond to insider threat events

**About us**
- UBS is the world’s largest and only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors.
- With more than 70,000 employees, we have a presence in all major financial centers in more than 50 countries. Do you want to be one of us?

**How we hire**

**Join us**
- At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs.
- From gaining new experiences in different roles to acquirin