Your role:
Have you performed proactive threat hunting? Do you have a knack for preventing cyber-attacks before they start?
We’re looking for a DFIR (Digital Forensics/Incident Response Specialist) to:
• analyze malware samples to understand their behavior, assess threat actor motivations, and extract indicators of compromise (IOCs)
• act upon threat intelligence provided by the Cyber Threat Intelligence function
• respond to Information Security related queries
• perform cyber threat hunting for the detection of advanced threats
• mentor and train junior analysts to enhance the overall technical skillset of the SOC, establish analytic discipline and critical thinking, and promote greater curiosity – thinking "outside the box"
• expand, tune, and enhance rulesets – SIEM, IDS, etc. – to identify security incidents and reduce false positives
• investigate IOCs provided by Cyber Threat Intelligence or the Cyber Hunter function
• handle incidents – encompassing multiple functions: detection and identification, incident triage, network and host-based forensic analysis, root-cause analysis, containment, system hardening, etc.
Security Incident Responder - SOC L3 Specialist
City:
Zürich
Job Type:
Full Time
Country / State:
Switzerland - Zürich
Function Category:
Information Technology (IT)
Join us:
Are you truly collaborative? Succeeding at UBS means respecting, understanding and trusting colleagues and clients. Challenging others and being challenged in return. Being passionate about what you do. Driving yourself forward, always wanting to do things the right way. Does that sound like you? Then you have the right stuff to join us. Apply now.
Contact Details:
UBS HR Recruiting Switzerland
Disclaimer / Policy Statements:
UBS is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.
Your team:
You’ll be working in the security operations center team in Zurich. The security operations center is a global team with people in Singapore, Hyderabad, Weehawken and New Jersey. We are involved in different types of information security incidents (phishing, malware, denial of service, inappropriate usage and unauthorized access). We are a young and empowered team that always drives for continuous improvement.
Your expertise:
• performed proactive hunting; have detected anomalous and potentially malicious activity in log data
• proficiency in log parsing and data analysis (REGEX is a must)
• exposure to x86 assembly language, disassemblers, and debuggers plus static and dynamic malware analysis
• demonstrable proficiency in code de-obfuscation and anti-forensic techniques
• hands-on experience with Volatility or similar malware analysis/forensic tools
• hands-on experience with content development and use-case management
• fluency in at least one compiled language (C, C++, etc.) and one scripting language (Python, Perl, etc.)
About us:
Expert advice. Wealth management. Investment banking. Asset management. Retail banking in Switzerland. And all the support functions. That's what we do. And we do it for private and institutional clients as well as corporations around the world.
We are about 60,000 employees in all major financial centers, in more than 50 countries. Do you want to be one of us?
Your colleagues:
Job Reference #: 176981BR
Business Divisions: Corporate Center
Title: