OCRA assessor

2 months ago

india UBS Full time
Your role
Do you have knack in assessing the risk and threats? We are looking for candidates who have experience in the following areas:
• conduct risk assessments of third-party vendors to identify potential security threats and vulnerabilities
• conduct Cloud assessments audits
• analyse and evaluate vendor security controls, policies, and procedures to ensurepliance with regulatory requirements and industry best practices
• develop and implement risk mitigation strategies to address identified vulnerabilities and reduce the organization's exposure to cyber threats
•municate assessment findings and rmendations to internal stakeholders, including senior management, legal, andpliance teams
• monitor and track vendorpliance with security policies and procedures through ongoing assessment activities
Your team
Team is responsible for evaluating the security posture of third-party vendors that have access to sensitive information or systems of UBS. You will conduct risk assessments to identify and evaluate potential security threats posed by third-party vendors and rmend risk mitigation strategies to minimize the organization's exposure to cyber threats. You will also work closely with internal stakeholders to ensure that third-party vendorsply with our cybersecurity policies and procedures.
You'll be working in the CISO/OCRA (Operational Consolidate Risk assessment) team in India. You'll take a part in supporting colleagues from different areas of the firm, including Risk Taxonomy Owners,pliance & Operational Risk Controllers and Outsourcing & Supplier Management, in improving the overall risk assessment process and implementing the most effective remediation measures.
Your expertise
• bachelor's degree with professional certification in Cybersecurity, Cloud Security or a related field of study;
• audit experience/mindset
• 5+ years of experience in third-party risk assessment or cybersecurity assessment
• ability tomunicate effectively with both technical and non-technical stakeholders
• strong analytical and problem-solving skills
• certifications such as Certified Third-Party Risk Professional (CTPRP) or Certified Information Systems Security Professional (CISSP) are a plus
• experience with industry recognized standards for IT security controls and best practices like NIST, ISO27001, PCI DSS, COBIT, SOC 2 etc
• one of the following professional qualifications obtained: CEH, CISSP, CISA, CISM, CRISC or ITIL
• good team player with analytical ability to provide practical solutions for minimizing risk
About us
UBS is the world's largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from ourpetitors..
We have a presence in all major financial centers in more than 50 countries.
Join us
At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs.
From gaining new experiences in different roles to acquiring fresh knowledge and skills, we know that great work is never done alone. We know that it's our people, with their unique backgrounds, skills, experience levels and interests, who drive our ongoing success. Together we're more than ourselves. Ready to be part of #teamUBS and make an impact? Job ID 289724BR