You will be overseeing technology activities in Group Technology and the wider UBS organization with the following goals / activities :
Oversee and challenge implementation of the bank’s Operational Risk Framework processes in the divisions and CC functions
Closely liaise with relevant peers in C&ORC in order to ensure that technology related activities are understood, owned, managed and properly reflected in Risk Appetite Statements and business-
owned Risk and Control Self Assessments.
Analyze and review IT control deficiencies, risks and issues and provide independent assurance by conducting thematic reviews or providing ad-hoc risk assessments
Interface and partner with 1LoD (especially Technology Risk Management and Divisional Information Security Officers) to ensure risks are managed to the firm's risk appetite articulated by Taxonomies 7 and 10 and the Risk Appetite Statements.
Oversee and challenge operational risks introduced by change initiatives, especially by actively providing subject matter expertise to the New Business Control process
Continuously improve awareness about global risk and security management frameworks, policies and processes with C&ORC, Group Technology and the wider UBS organization
Support IT and the business in providing challenge on ORI writing quality and reviewing evidence packs of significant ORIs or Audit Issues prior to closure.
Follow up and promptly report on material issues and escalations, as required
The mandate of CCRC Technology Risk is to ensure that all compliance, conduct and operational risks related to the introduction and management of information technology used across the firm are understood, owned and managed to the firm’s risk appetite.
The information technology may be owned by the central UBS Technology organization, the Business Divisions or Corporate Center functions.
You will be part of CCRC Tech Risk control which is part of the second line of defense (2LoD) and has two main areas of coverage :
1. Functional oversight of UBS Technology and C&ORC CISO with named controllers responsible for face-off and challenge
2. Taxonomy 10 and 7 controller ownership, including independent review of firmwide risks in the taxonomy and challenge of risk appetite statements
Your experience and skills
You are :
Strong communication and relationship management skills
Strong analytical and problem solving skills
Team player and ability to work independently and proactively
Respected, influential, with very high integrity, able to work under pressure and tight deadlines, able to defend positions
You have :
Experience in Information security and / or risk management or audit, preferably in finance sector
Take ownership of tasks and assignments end-to-end
Fast understanding and ability to analyze and prioritize according to management and business requirements
Certification in the Information security, risk management and / or project management is a plus
Fluent in English both written and spoken. Additional languages, esp German preferred
Flexibility, self-motivation to learn and ability to effectively contribute and meet goals within agreed deadlines
Data analytics skills and statistical knowledge of advantage
Verbal communication, writing and presentation skills
Strong technical background, with an ability to put technologies and data related risks into a business perspective
Expert advice. Wealth management. Investment banking. Asset management. Retail banking in Switzerland. And all the support functions.
That's what we do. And we do it for private and institutional clients as well as corporations around the world.
We are about 60,000 employees in all major financial centers, in more than 50 countries. Do you want to be one of us?
What we offer
Together. That’s how we do things. We offer people around the world a supportive, challenging and diverse working environment.
We value your passion and commitment, and reward your performance.
Keen to achieve the work-life agility that you desire? We're open to discussing how this could work for you (and us).