Risk Management Co-ordinator recruitment
UBS is a leading global financial services firm. Our Investment Bank is one of the world’s top global investment banking and securities firms, providing a full spectrum of products to institutional and corporate clients, intermediaries, government and hedge funds worldwide.
The Group Information Security function coordinates the firm's ongoing and comprehensive efforts regarding information and data protection, and ensures that any gaps are systematically addressed. This touches all of the firm's operations and infrastructure, as well as practices and policies, and requires close work with business management, operations and functional specialists across the firm.
Divisional Information Security Officers (DISO) are appointed by the Group Information Security Officer (GISO) to act on behalf of their respective Business Division, covering the following Information Security Domains:
• Information Security management - The process by which the value of information assets is assessed and appropriately protected.
• Information Assurance - Managing threats related to the use, processing, storage and transmission of information.
• Approvals - Decisions related to information use.
• Compliance - Make sure we adhere to legal and regulatory requirements (being in accordance with rules).
• Audit points - Provide support to work around audit points related to Information Security.
• Access control supervision - Ensure that controls defined by the Business Security Contacts (BSC) are consistent and leveraged with state of the art implementation.
• Privacy - Collaborate with Privacy Officer.
• Security Awareness - Promote a security culture and support UBS Group initiatives.
• Request handling - Handle specific business request from an Information Security perspective.
The Risk Management Co-ordinator will report to and support the initiatives of the DISO for the Investment Bank (IB). The Risk Management Coordinator will be aligned to business stream(s) and act as first point of contact for the aligned business stream(s), Business Operational Risk Manager (ORM), IT Operational Risk Manager, Information Owner Custodians (IOC) and Business Security Contacts (BSC).
The individual will have responsibility for building a relationship with specific business stream(s); assisting the business stream(s) ORM with stream specific security issues; promoting the use of Security Technology services and tools (Access Rights Certification (ARP), Access Request Portal (ARP), Segregation of Duties (SOD), Rule Review Approval Tool (RRAT), Access IT, WebSSO); improving their knowledge of business stream processes, building network of contacts and ensuring that the business stream applications are security compliant.
In some cases the Risk Management Coordinator will work directly under the management of the business stream ORM or act as an ORM from an access controls point of view.
Activities in this role include Communication and Business Analysis, Audit, Support
Required skills include the following:
• Strong verbal and written communication interpersonal skills in order to act as a first point of contact to and explain solutions to users with different levels of knowledge.
• Strong understanding of information security principles, including ISO 27001 and how these should be applied as part of an IT risk management lifecycle process.
• Strong risk management skills in order to be able to act and deputise for business stream ORM from access controls point of view.
• Strong business analysis skills to enable capture analysis of business requirements.
• Strong analytical and problem solving skills with attention to detail.
• Good understanding of access control, single sign-on, authentication, authorization, provisioning, approvals workflow and role-based access control.
• Good overall understanding of IT activities such as software development, production support, deployment and release processes, testing, and how they are managed in a large organisation.
• Understanding of web-based applications, client-server architectures, multi-tier applications, operating systems, networking, web services and databases.
• Advanced Excel Access
Desired skills include:
• Familiar with financial industry and audit requirements with respect to access controls and identity management.
We can offer you an exciting, fast-paced working environment, a culture of mutual respect and teamwork and the opportunity to play a vital role in our growth.
If you would like to work for a global organization where individual contribution counts and where your ambitions and abilities can make a difference, please apply for this position. It starts with you.
UBS is an equal opportunity employer. We respect and seek to empower each individual and the diverse cultures, perspectives, skills and experiences within our workforce.