Red Team Lead Operator

Your role

Are you passionate about the offensive side of cyber security and research? Are you curious and self-driven to continuously learn, explore, and try harder, as well as share your knowledge and experience to complement the rest of our team? Are you someone who likes to bridge the gap between the technical aspects of emulating attacker TTPs and how this will strengthen the security posture of your business?
Then we are looking for someone like you to:
• join a growing in-house red teaming and offensive security capability and play a key role in helping to shape our team
• execute all phases of offensive security operations
• effectively translate and communicate Red Team strategy and findings to stakeholders including technical staff, executive leadership, legal counsel, and audit/regulatory bodies
• provide risk appropriate and pragmatic recommendations to correct identified findings, vulnerabilities, and misconfigurations
• develop scripts, tooling, and methodologies to enhance offensive security capabilities, design, build, and execute Red Team processes/strategies to support and evaluate our organization's security posture
• coach, mentor, manage, and advocate for career development of Red Team operators and understand and adhere to regulatory, compliance, and legal requirements that impact business operations

Your team

You will be working in the Cyber Defense Organization within Technology Services, Technology Information Security Office (TS TISO). The TS TISO Vision is to protect, preserve, and prolong the value of UBS data and digital services, and enhance UBS's brand and competitiveness in a digitized world. The Cyber Defense organization within TISO leads the management of all cyber threats and cyber risk across our Firm. To "protect the foundations and secure the future," Cyber Defense serves two mission areas: cyber threat management and defense (understanding, detecting, and responding to threats), and cyber risk management and governance (setting priorities and preventing threats).

Operational Security Testing is a global team with a presence in Switzerland, Poland, and the USA. Our team works across TS TISO and other security control areas to conduct red teaming, purple teaming, and other forms of offensive security testing to identify and help remediate gaps across all aspects of the Cyber Security protect, detect and response capabilities of our Firm.

Diversity helps us grow, together. That's why we are committed to fostering and advancing diversity, equity, and inclusion. It strengthens our business and brings value to our clients.

Your expertise

• ideally 3 years or more of management experience building and leading a team responsible for the organizations threat emulation and/or Red Team capabilities
• ideally five years or more of experience in a Cyber Security role combining experience in technical hands-on security assessments, risk assessments and project leadership in a large organization
• experience and proficiency in the day-to-day operations of a Red Team with knowledge of offensive security tools, such as Metasploit, Cobalt Strike, PowerShell Empire, Nessus, Burp, Kali Linux, etc.
• experience in setting up infrastructure for red teaming operations and techniques utilized in reconnaissance, exploitation, persistence, lateral movement, command & control, etc.
• knowledge and understanding of techniques evading detection across the defensive technology stack such as: networking, firewalls, IDS/IPS, EDR, Web Proxies, DLP, etc.
• experience in exploit writing, evaluation of proof-of-concept exploit code, malware packing, payload encoding, obfuscation and delivery techniques, is a plus
• experience in automation, ability to experiment and tweak newly developed open-source tools written in scripting languages (Bash, Perl, Python, Ruby, etc.), or other (C#, Java, C/C++), is a plus
• offensive Security certifications (such as OSCP, OSCE, OSEE), SANS certifications (such as GXPN, GPEN, GWAPT, GREM), or other training in red teaming operations are a plus.
• offensive security experience in one of the following: wireless networks, hardware, mobile security, physical security, social engineering, intelligence gathering and analysis, is a plus

"At UBS, we appreciate our Veterans and are committed to providing opportunities in Financial Services."

*LI-UBS
*UBS-MOGUL

About us

UBS is the world's largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors..

We have a presence in all major financial centers in more than 50 countries.

Join us

At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs.

From gaining new experiences in different roles to acquiring fresh knowledge and skills, we know that great work is never done alone. We know that it's our people, with their unique backgrounds, skills, experience levels and interests, who drive our ongoing success. Together we're more than ourselves. Ready to be part of #teamUBS and make an impact?