Cyber Security Specialist – Red Team Engagement Manager

UBS

View: 127

Update day: 10-04-2024

Location: Zürich Zürich ZH

Category: Arts / Design

Industry:

Job type: 100%, CDI, Temps de travail : 90-100%

Loading ...

Job content

Critères de l’offre

Description du poste

Have you successfully managed and coordinated a cyber security red team testing service?
Do you understand how red team exercises work?
Are you familiar enough with the tech details to be fluent when meeting with Stakeholders?

As a red team engagement manager, you will serve as a project manager for UBS’s red team engagements. Your responsibilities includes scoping prospective engagements, managing team metrics, establishing quarterly goals for team growth, conducting performance reviews and 1:1 meetings, scheduling resources for projects, managing multiple projects from kick-off to completion, and delivering executive out-briefs. Engagement Managers are vital to the project lifecycle and must be able to deliver successful projects with little to no oversight.

The role will be in Switzerland, reporting into the global Cyber and Information Security (CIS) Offensive Security Team, part of the firm’s 1,000+ CIS Organization.

Duties & Responsibilities include:
  • To enable strong client and partner engagement, you will be responsible for:
  • Coordination and liaison with Business Divisions and CIS teams
  • designing, developing and implementing new strategies and techniques aimed at detecting potential malicious activities and attacks, before they cause a negative impact
  • creating a centralized interface for requestors
  • Maintaining a client centric portal to facilitate seamless testing experience
  • Managing the demand and testing calendar management
  • Ensure regular communication with Stakeholders to ensure buy-in on future testing
  • Coordination of Executive Out Brief post testing
  • To enable strong Service Control & Governance, you will be responsible for:
  • Enabling standardized reporting and quality assurance to ensure an effective testing service
  • Standardized reporting, information dissemination and representation in governance committees
  • KPC design and assessment
  • Budgeting and staffing
Description du profil

  • at least 2 to 5 or more years of experience in information security, SOC, threat detection or in a comparable environment, with a focus in the security field
  • should be heavily constructed around engagement/stakeholder management with a variety of stakeholders
  • experience with deployment of custom cyber security solutions including hands-on work (scripting and coding in Python)
  • being at ease with security toolset (especially EDR, SIEM, SOAR would be a plus)
  • good understanding of threat actors, threat frameworks, tactics, techniques and procedures used by cyber adversaries
  • strong analytical, problem-solving and synthesizing skills when dealing with complex issues and the ability to take personal ownership and drive remediation
  • security certification seen as a plus (SANS GIAC, CompTIA, OSCP)
  • additionally a very technical background would be beneficial
Qualifications
  • Minimum five (5) years of experience leading or managing technical teams
  • 5-8 years experience in at least three (3) of the following:
o Network penetration testing and manipulation of network infrastructure
o Mobile and/or web application assessments
o Email, phone, or physical social-engineering assessments
o Shell scripting or automation of simple tasks using Perl, Python, or Ruby
o Developing, extending, or modifying exploits, shellcode or exploit tools
o Developing applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE)
o Reverse engineering malware, data obfuscators, or ciphers
o Source code review for control flow and security flaws
  • Strong knowledge of tools used for wireless, web application, and network security testing
  • Thorough understanding of network protocols, data on the wire, and covert channels
  • Mastery of Unix/Linux/Mac/Windows operating systems, including bash and Powershell
  • Polished presentation skills, to include capabilities at technical, executive, and board levels
Additional Qualifications:
  • Ability to manage multiple projects and manage tight deadlines
  • Ability to successfully interface with clients (internal and external)
  • Ability to document and explain technical details in a concise, understandable manner
  • Ability to manage and balance own time among multiple tasks, and lead junior staff when required
Loading ...
Loading ...

Deadline: 25-05-2024

Click to apply for free candidate

Apply

Report job
Loading ...
Loading ...

SIMILAR JOBS

Loading ...
Loading ...