Use Case Manager

  • Competitive
  • Singapore
  • Permanent, Full time
  • UBS AG
  • 19 Mar 18


Job Type
Full Time

Your role
Do you know how to make sure things run smoothly? Are you highly motivated and like to work in an ever-changing environment? Are you interested in looking after and driving forward the systems that help protect UBS's precious data from increasing Cyber Security Threats? We're looking for someone like that who can work within the Security Monitoring and Analytics Service and help us.

Work as part of the Security Monitoring and Analytics Service within the Cyber Security Services (CSS) function, alongside a team of Cybersecurity experts, to:

– translate complex security requirements into technical use case specifications and user stories for security engineering to deliver against
– develop content, use cases, data models, dashboards, and custom apps within the Splunk ES Platform to monitor and detect Cybersecurity threats in support of Security Operations and Threat Intelligence teams
– function as a Splunk Search Language (SPL) expert to define and develop alert logic, correlation, anomaly detection, and advanced visualization and triage dashboards
– assess and recommend improvements to cybersecurity technologies across services to include network security, malware protection, and log management
– assess security monitoring feeds, use cases, and analytics capabilities to identify areas for improvement
– work closely with other service lines in Cyber Security Services (e.g., Malware Protection, Network Security) to integrate capabilities into security monitoring
– support reporting of metrics/KPIs across the service and ensure security monitoring coverage is in line with expectations

About us
Expert advice. Wealth management. Investment banking. Asset management. Retail banking in Switzerland. And all the support functions. That's what we do. And we do it for private and institutional clients as well as corporations around the world.

We are about 60,000 employees in all major financial centers, in more than 50 countries. Do you want to be one of us?

Your team
You'll be working in the Security IT team as part of the Security Monitoring and Analytics Service. Security IT is a global organization delivering changes to the Security IT services: Identity and Access Management, Data Protection and Application Security and Cyber Security Services. We help to protect UBS. You will develop content in Splunk ES to support alerting and monitoring requirements by key stakeholders (e.g., Security Operations, Threat Intelligence).

Your experience and skills
You have:
– At least 5 years' experience working in an IT Security monitoring area with a strong logging & monitoring background
– 5+ years of experience with Splunk or other security event management (SIEM) tools
– 3+ years of experience with rule development, correlation, and advanced logic creation in Splunk
– Experience with Python (or other) scripting languages to automate tasks and manipulate data
– Understanding of referential or context data to enrich alerting capabilities
– Experience incorporating Data Models, KV Stores, Summary Indexes within Splunk
– Experience working in a large enterprise environment with an understanding of logging, events of interest, and applicability to threat use cases
– Expert Knowledge of regular expressions
– SPL proficiency to perform query optimization for performance gains across Splunk ES platform
– Experience developing custom apps and dashboards in Splunk
– the ability to interpret a set of technical requirements and develop robust solutions (you know what they really want)
– experience defining cyber threat use cases requirements and how they integrate into security operations
– experience working in a security role (e.g., security operations, threat intelligence, vulnerability management)
– excellent analytical skills with ability to analyze complex system requirements and present findings to both internal and external stakeholders
– Experience interfacing with APIs (e.g., Splunk, DomainTools, VirusTotal) and optimizing usage via caching
– Splunk Power User or Architect Certification
– Experience with scripting, preferably Python with experience automating and orchestrating routine tasks

You are:
– passionate about cyber security and its role in enabling secure operation of IT systems and applications
– technically savvy with an appreciation for IT capability and relation to security
– adaptable, able to work across teams and functions
– actively staying abreast of the latest security threats, trends, and methods to detect/protect
– fluent in English

What we offer
Together. That's how we do things. We offer people around the world a supportive, challenging and diverse working environment. We value your passion and commitment, and reward your performance.

Keen to achieve the work-life agility that you desire? We're open to discussing how this could work for you (and us).

Take the next step
Are you truly collaborative? Succeeding at UBS means respecting, understanding and trusting colleagues and clients. Challenging others and being challenged in return. Being passionate about what you do. Driving yourself forward, always wanting to do things the right way. Does that sound like you? Then you have the right stuff to join us. Apply now.