Insider Threat Analyst, Detection Rule and Model Management Lead

United States - Tennessee

Information Technology (IT)

Group Functions

Your role

Are you a self-driven, highly skilled and experienced Cybersecurity professional with deep expertise in User and Entity Behavior Analytics (UEBA), insider threat detection, and advanced log analytics? Can you successfully become the lead content SME for a global UEBA platform, playing a key role in developing sophisticated detection rules and behavioral models that protect against insider threats and anomalous activity? Are you a team-oriented professional who can serve as the critical operational bridge between the monitoring analyst team and the platform engineering/support teams, ensuring the delivery of scalable and high-fidelity detection capabilities across the enterprise? Will your experience enable you to quickly become the detection model technical SME of a leading User Activity Monitoring (UAM) platform? If yes, come join our team!

We are seeking a highly skilled and self-driven technical Cybersecurity professional with deep expertise in User and Entity Behavior Analytics (UEBA), insider threat detection, and advanced log analytics to:

• act as the lead content SME for a global UEBA platform
• develop sophisticated detection rules and behavioral models that protect against insider threats and anomalous activity
• serve as the critical operational bridge between the monitoring analyst team and the platform engineering/support teams
• ensure the delivery of scalable and high-fidelity detection capabilities across the enterprise, reporting directly to the head of Insider Threat

Job Reference #

321718BR

City

Nashville

Job Type

Full Time

Your team

You will be working in the Cyber Defense, Insider Threat team within the larger Technology Information Security Office (TISO). The TISO vision is to protect, preserve, and prolong the value of UBS data and digital services, and enhance UBS’s brand and competitiveness in a digitized world. The TISO mission is to lead the management of all cyber threats and cyber risk across our Firm, to “protect the foundations and secure the future.” We are a global team with presence in Switzerland, UK, USA and Singapore, focusing on proactive defense and strong insider threat management capabilities. Your role will be in our Nashville, TN office.

Your expertise

• ideally, 4+ years of combined hands-on experience with a focus on detection engineering, threat hunting, behavioral analytics or past job roles as a technical incident responder
• direct hands-on technical expertise in understanding security event log structures and event attributes/key-value pairs to create complex insider activity detection rules in a SIEM or User Activity Monitoring platform
• experience utilizing multiple relational query languages (SQL, SPL, KQL and other natural language query syntax) to develop, test, verify and deploy detection rules
• ability to utilize advanced analytical skills and threat monitoring tradecraft knowledge to assist in designing, creating, building, testing and implementing insider threat use-cases utilizing various security event data sources
• advanced understanding of insider threat best practices, operations and the current threat landscape, and the ability to use these skills to effectively monitor, triage and investigate insider threats across a complex and diverse global enterprise
• advanced problem-solving and analytical skills with the ability to collect and analyze disparate threat indicators and develop correlations to enhance ongoing detection alerts and capabilities
• able to perform hands-on analysis and triage of potential insider threats
• strong experience in utilizing a query language to write complex event search correlations supporting detection analytics involving security event data to triage, investigate and respond to potential threats


“At UBS, we appreciate our Veterans and are committed to providing opportunities in Financial Services.”


About us

UBS is the world’s largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors.

We have a presence in all major financial centers in more than 50 countries.

How we hire

We may request you to complete one or more assessments during the application process.

Join us

At UBS, we know that it's our people, with their diverse skills, experiences and backgrounds, who drive our ongoing success. We’re dedicated to our craft and passionate about putting our people first, with new challenges, a supportive team, opportunities to grow and flexible working options when possible. Our inclusive culture brings out the best in our employees, wherever they are on their career journey. We also recognize that great work is never done alone. That’s why collaboration is at the heart of everything we do. Because together, we’re more than ourselves.

We’re committed to disability inclusion and if you need reasonable accommodation/adjustments throughout our recruitment process, you can always contact us.

Contact Details

UBS Business Solutions SA
UBS Recruiting

Disclaimer / Policy statements

UBS is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.
