Business Information Security Officer

Join Barclays as a Business Information Security Officer, where you’ll support the evolution of our digital landscape, driving innovation and operational excellence. In this role, you will provide cyber information security support to the Current Accounts, Payments and Unsecured Lending (CAPL) Technology Teams, taking responsibility for managing and overseeing CAPLs cyber risk posture.

You will be driving and coordinating major cyber security uplift programs for the business unit, leading first line cyber incident management engagement, including identifying and escalating regulatory reporting requirements and engaging with key stakeholders across the CAPL Technology Teams.

To be successful as a Business Information Security Officer, you should have:

• Knowledge or experience of Security Tooling (e.g. penetration testing, applications security, network security) and industry standards (e.g. NIST and ISO27001) frameworks and methodologies.
• The ability to identify, understand and translate Cyber & Information Security Risk to stakeholders.
• Excellent communication skills, with the ability to engage effectively with stakeholders at all levels of the organisation, up to and including Senior Executives.

Some other highly valued skills include:

• Industry related certification such as CISSP or CISM.
• Degree or Masters related to Cyber or Information security.
• Membership or knowledge of sector industry standard groups.

You may be assessed on key critical skills relevant for success in role, such as risk and controls, communication skills and interaction with a diverse range of stakeholders, as well as job-specific technical skills.

This role is based out of our Knutsford office.

Purpose of the role

To provide a primary liaison service between the business, technology, and security functions. In order to ensure the confidentiality, integrity and availability of information, and support the mitigation of security risk. 

Accountabilities

• Collaboration with stakeholders to understand their security requirements in business processes and IT projects, to enhance overall risk management.
• Execution of risk assessments to identify and prioritise potential cybersecurity threats that could impact the banks operations and data and guide the implementation of mitigation strategies and communicate findings to relevant findings to relevant senior stakeholders.
• Collaboration with business units to develop and implement security policies and procedures for the banks operations aligned to the risk management framework.
• Management of the implementation, testing and monitoring of security controls across the banks IT systems to ensure the effectiveness of controls and mitigation of risk.
• Execution of training content and sessions to educate employees, enhance cybersecurity awareness and provide guidance on safe online practices.
• Management of complex cybersecurity incidents by collaborating with IT teams and response experts to effectively resolve cases through analysis, expertise support and project supervision.
• Identification of emerging cybersecurity trends, threats, and new technologies to address potential risks by advocating the adoption of new security solutions.

Analyst Expectations

• Will have an impact on the work of related teams within the area.
• Partner with other functions and business areas.
• Takes responsibility for end results of a team’s operational processing and activities.
• Escalate breaches of policies / procedure appropriately.
• Take responsibility for embedding new policies/ procedures adopted due to risk mitigation.
• Advise and influence decision making within own area of expertise.
• Take ownership for managing risk and strengthening controls in relation to the work you own or contribute to. Deliver your work and areas of responsibility in line with relevant rules, regulation and codes of conduct.
• Maintain and continually build an understanding of how own sub-function integrates with function, alongside knowledge of the organisations products, services and processes within the function.
• Demonstrate understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function.
• Make evaluative judgements based on the analysis of factual information, paying attention to detail.
• Resolve problems by identifying and selecting solutions through the application of acquired technical experience and will be guided by precedents.
• Guide and persuade team members and communicate complex / sensitive information.
• Act as contact point for stakeholders outside of the immediate function, while building a network of contacts outside team and external to the organisation.

All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.