SIEM Detection Analyst

Your role :

Are you deeply motivated by the ever-evolving world of Cyber Security

Eager to take an active role in shaping the global UBS Cyber Defense environment

Do you thrive in a fast-paced environment where your skills make a tangible impact

If yes, then come and join us, as a SIEM Detection Analyst expert to

. design, develop, and refine cyber detections to uncover potential malicious activities and attacks before they impact our organization

. conduct through analysis of detection requirements to develop and implement robust detection aimed at safeguarding our critical infrastructure and assets within the organization

. proactively contribute to the improvement of new content based on observed security activity, ensuring our defenses remain ahead of emerging threats

. collaborate closely with our colleagues from Cyber Monitoring, Threat Response, Red and purple teams, CTI and Security Engineering to fortify the bank's security landscape

. stay on top of emerging threats and industry based best practices to continuously enhance the security posture of the organization

Your team :

As we continue to evolve in the cloud, we are seeking a highly skilled and motivated individual to join our Cyber Detection unit. Be a driving force in shaping and enhancing our cyber defense capabilities alongside a motivated and empowered team committed to perpetual improvement.

Your expertise :

. ideally, you have at least 2 to 5 years of experience in security, threat detection, or consultancy, with a specific focus on cyber detection

. excel in designing, implementing, and optimizing SIEM detection rules, particularly with Microsoft Sentinel and Splunk, tailored to the unique risks and requirements of the financial industry

. can develop and maintain comprehensive documentation, including our Use Case library and standard operation procedures, to facilitate knowledge sharing and enhance team efficiency

. conduct in-depth analysis of security events and alerts generated by our SIEM platform to identify potential gaps or improvements in monitoring capabilities

. work closely with cross-functional teams, including Incident Response, Insider Threat, Threat Intelligence, IT Security, and component owners to improve existing monitoring capabilities

. possess strong analytical, problem-solving, and synthesizing skills, with the ability to analyze large datasets and identify patterns that are not representative of our environment

. stay abreast of the latest cybersecurity trends, emerging threats, and industry best practices to continuously improve our detection capabilities and resilience against cyber-attacks