Business Information Security Officer

About The Position

Requirements

• Broad domain expertise across network security (cloud, IAM, data protection, 3rd party and vendor risk, application security, incident response, etc.)
• Working knowledge of NIST Cyber Security and/or PCI DSS frameworks
• Experienced in governance and oversight, including committees, KRIs/KCIs (Key indicators), risk acceptances and control issues - translating Group Cyber GRC requirements into BU implementation and adoption
• Risk and controls background within the consumer banking domain

Nice To Haves

• Working knowledge of Cards and Payments industry
• Prior experience performing cyber due diligence to support Mergers and Acquisitions and Business partnerships
• Proven stakeholder management experience across Technology, business, and control partners – building business partnerships and creating strategic influence

Responsibilities

• Collaboration with stakeholders to understand their security requirements in business processes and IT projects, to enhance overall risk management.
• Execution of risk assessments to identify and prioritise potential cybersecurity threats that could impact the banks operations and data and guide the implementation of mitigation strategies and communicate findings to relevant findings to relevant senior stakeholders.
• Collaboration with business units to develop and implement security policies and procedures for the banks operations aligned to the risk management framework.
• Management of the implementation, testing and monitoring of security controls across the banks IT systems to ensure the effectiveness of controls and mitigation of risk.
• Execution of training content and sessions to educate employees, enhance cybersecurity awareness and provide guidance on safe online practices.
• Management of complex cybersecurity incidents by collaborating with IT teams and response experts to effectively resolve cases through analysis, expertise support and project supervision.
• Identification of emerging cybersecurity trends, threats, and new technologies to address potential risks by advocating the adoption of new security solutions.
• Contribute or set strategy, drive requirements and make recommendations for change.
• Plan resources, budgets, and policies; manage and maintain policies/ processes; deliver continuous improvements and escalate breaches of policies/procedures.
• Define jobs and responsibilities, planning for the department’s future needs and operations, counselling employees on performance and contributing to employee pay decisions/changes.
• Lead a number of specialists to influence the operations of a department, in alignment with strategic as well as tactical priorities, while balancing short and long term goals and ensuring that budgets and schedules meet corporate requirements.
• Demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard.
• Be a subject matter expert within own discipline and will guide technical direction.
• Lead collaborative, multi-year assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments.
• Train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions.
• Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment.
• Manage and mitigate risks through assessment, in support of the control and governance agenda.
• Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does.
• Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business.
• Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies.
• Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives.
• Adopt and include the outcomes of extensive research in problem solving processes.
• Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes.
• Demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right.
• Demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.