Job Description

Business Divisions

Group Functions

Your role

Are you passionate about security technologies? You find no rest until you understand the security implications of software and hardware? Do you like to be challenged and encouraged to learn and grow professionally?

We are looking for a senior SIEM Engineer to join our team and help us to:

- analyse, design, engineer, deploy and maintain global Attack Monitoring Analytics & Tools systems within UBS using SIEM solutions such as Splunk ES and Azure Sentinel
- understand logging formats and develop data normalizations to feed into SIEM
- develop new SIEM content using expert knowledge of SPL and Kusto queries
- maintain, enhance and optimize existing queries so that detection logic is still relevant and efficient
- work closely with Project Managers, Technical Architects, 2nd level support, and IT Business Analysts
- provide consultancy to the project team with regards to technical questions
- maintain documentation relevant to operations (operational manual, installation guide, etc.)
- maintain & improve existing deployment and build mechanisms and automate

Function Category

Information Technology (IT)

Join us

At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs.

From gaining new experiences in different roles to acquiring fresh knowledge and skills, we know that great work is never done alone. We know that it\'s our people, with their unique backgrounds, skills, experience levels and interests, who drive our ongoing success. Together we\'re more than ourselves. Ready to be part of #teamUBS and make an impact?

Your team

Security is a global organization within Group Technology Infrastructure and Security Engineering. Our services focus on access management for applications and infrastructure, identity management for users, directories, detecting/preventing measures for cyber threats, and exchanging/storing data securely. We provide consolidated and reliable security services that implement secure design principles, and create best-fit solutions.

You will be working the Attack Monitoring, Analytics & Tooling team based in Israel. Our role is to develop and support security systems to monitor and analyze machine data.

Our team is global, diverse, and collaborative as we work across organizations to keep our technology, applications and the businesses they support secure.

Your expertise

- Experience with a SIEM system preferably Splunk Enterprise Security and/or Azure Sentinel
- BASH scripting and Python programming skills (or equivalent programming experience)
- Knowledge and experience of CI/CD deployment pipelines or configuration management (e.g. Ansible, Chef, Gitlab, Nexus, Jenkins, etc)
- Technical IT security experience in networking, logging, threat hunting, etc.
- Technical communication and documentation skills
- Experience working in a large complex organization.
- Skills to design, plan and deliver solutions in a large-scale enterprise environment
- Curious, collaborative and constantly interested in learning new things
- Fluent in English and eager to work in an English Speaking Global Team

About us

UBS is the world\'s largest and only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors.

With more than 70,000 employees, we have a presence in all major financial centers in more than 50 countries. Do you want to be one of us?

How we hire

This role requires an assessment on application. Learn more about how we hire: www.ubs.com/global/en/careers/experienced-professionals.html

UBS