Beschreibung
• conducting risk assessments of third-party vendors to identify potential security threats and vulnerabilities;
• conducting Cloud assessments
• conducting audits;
• analysing and evaluating vendor security controls, policies, and procedures to ensure compliance with regulatory requirements and industry best practices;
• developing and implementing risk mitigation strategies to address identified vulnerabilities and reduce the organization's exposure to cyber threats;
• communicating assessment findings and recommendations to internal stakeholders, including senior management, legal, and compliance teams;
• monitoring and tracking vendor compliance with security policies and procedures through ongoing assessment activities;
Minimum requirements for Supplier staff to support UBS on this project:
• Bachelor's degree with professional certification in Cybersecurity, Cloud Security or a related field of study;
• audit experience/mindset;
• 5+ years of experience in Third Party risk assessment or cybersecurity assessment;
• ability to communicate effectively with both technical and non-technical stakeholders;
• strong analytical and problem-solving skills;
• certifications such as Certified Third-Party Risk Professional (CTPRP) or Certified Information Systems Security Professional (CISSP) are a plus.
Additional assets:
• experience with industry recognized standards for IT security controls and best practices like NIST, ISO27001, PCI DSS, COBIT, SOC 2 etc.
• one of the following professional qualifications obtained: CEH, CISSP, CISA, CISM, CRISC or ITIL.