Poland

Information Technology (IT)

Group Functions

Your role

You will be responsible for evaluating the security posture of third-party vendors that have access to sensitive information or systems of UBS. You will conduct risk assessments to identify and evaluate potential security threats posed by third-party vendors and recommend risk mitigation strategies to minimize the organization's exposure to cyber threats. You will also work closely with internal stakeholders to ensure that third-party vendors comply with our cybersecurity policies and procedures.

We are looking for candidates who have experience in the following areas:
• conduct risk assessments of third-party vendors to identify potential security threats and vulnerabilities;
• conduct Cloud assessments;
• conduct audits;
• analyse and evaluate vendor security controls, policies, and procedures to ensure compliance with regulatory requirements and industry best practices;
• develop and implement risk mitigation strategies to address identified vulnerabilities and reduce the organization's exposure to cyber threats;
• communicate assessment findings and recommendations to internal stakeholders, including senior management, legal, and compliance teams;
• monitor and track vendor compliance with security policies and procedures through ongoing assessment activities.

Job Reference #

328120BR

City

Kraków, Wroclaw

Job Type

Full Time

Your team

You’ll be working in the CISO/OCRA (Operational Consolidate Risk assessment) team. You'll take a part in supporting colleagues from different areas of the firm, including Risk Taxonomy Owners, Compliance & Operational Risk Controllers and Outsourcing & Supplier Management, in improving the overall risk assessment process and implementing the most effective remediation measures.

Additional assets:
• experience with industry recognized standards for IT security controls and best practices like NIST, ISO27001, PCI DSS, COBIT, SOC 2 etc.;
• one of the following professional qualifications obtained: CEH, CISSP, CISA, CISM, CRISC or ITIL.

Your expertise

You have:
• Bachelor's degree with professional certification in Cybersecurity, Cloud Security or a related field of study;
• audit experience/mindset;
• 5+ years of experience in third-party risk assessment or cybersecurity assessment;
• ability to communicate effectively with both technical and non-technical stakeholders;
• strong analytical and problem-solving skills;
• certifications such as Certified Third-Party Risk Professional (CTPRP) or Certified Information Systems Security Professional (CISSP) are a plus.

You are:
• a strong communicator, with good spoken and written English;
• good team player with analytical ability to provide practical solutions for minimizing risk;
• well organized, detail oriented, with the ability to collect data, coordinate tasks and lead projects;
• comfortable taking the lead, but not hesitant to bring in the expertise of colleagues to help the team;
• having risk identification and risk articulation skills;
• able to build and maintain strong relations with stakeholders;
• able to show initiative, make logical decisions and stay goal oriented at unclear times;
• available to work in hybrid model at least 3 days from the office.

About us

UBS is a leading and truly global wealth manager and the leading universal bank in Switzerland. We also provide diversified asset management solutions and focused investment banking capabilities. Headquartered in Zurich, Switzerland, UBS is present in more than 50 markets around the globe.
We know that great work is never done alone. That’s why we place collaboration at the heart of everything we do. Because together, we’re more than ourselves. Want to find out more? Visit ubs.com/careers.

How we hire

We may request you to complete one or more assessments during the application process. Learn more

Join us

At UBS, we know that it's our people, with their diverse skills, experiences and backgrounds, who drive our ongoing success. We’re dedicated to our craft and passionate about putting our people first, with new challenges, a supportive team, opportunities to grow and flexible working options when possible. Our inclusive culture brings out the best in our employees, wherever they are on their career journey. And we use artificial intelligence (AI) to work smarter and more efficiently. We also recognize that great work is never done alone. That’s why collaboration is at the heart of everything we do. Because together, we’re more than ourselves.
We’re committed to disability inclusion and if you need reasonable accommodation/adjustments throughout our recruitment process, you can always contact us.

Contact Details

UBS Business Solutions SA
UBS Recruiting

Disclaimer / Policy statements

UBS is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.

Report misconduct: If you are made aware of any of our employees or individuals acting on behalf of UBS engaging in acts of misconduct under the Poland Whistleblowing Act, you may report your concerns through Poland-Whistleblowing@ubs.com