VM Cloud Security Posture Management Lead

Purpose of the role

To keep our customers, clients, and colleagues safe by identifying cyber-vulnerabilities across the Bank, using a risk-based approach to prioritise them, and to drive effective remediation activity. 

Accountabilities

• Allocation of the correct risk rating and remediation prioritisation to a vulnerability based on industry standards for assessment, available threat intelligence concerning exploitation, the reachability of the host (or asset) and the value of the service(s) running on the impacted host.
• Development of vulnerability management operating model, policies and procedures to ensure consistency in vulnerability identification, remediation and reporting. Element owner of the Vulnerability Management Standard including Issues Management and Regulatory alignment.
• Communication of vulnerabilities to relevant parties including senior stakeholders, vendors, external security partners and affect business units using reports and dashboards and provide recommendations for improvement in vulnerability management practices.
• Collaboration with Threat intelligence and Cyber Operations teams to assess and contextualise exposure to latest threat trends and exploits and set appropriate remediation timescales.
• Definition of requirements and acceptance criteria for the implementation and maintenance of automation tools to streamline vulnerability management processes within operating systems and applications.
• Reporting of remediation status of Security Assurance Specialist team findings against Key Risk Indicators.

Vice President Expectations

• Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment.
• Manage and mitigate risks through assessment, in support of the control and governance agenda.
• Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does.
• Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business.
• Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies.
• Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In-depth analysis with interpretative thinking will be required to define problems and develop innovative solutions.
• Adopt and include the outcomes of extensive research in problem solving processes.
• Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes.

All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.

Join Barclays as a VM Cloud Security Posture Management Lead, where you'll spearhead the evolution of our digital landscape, driving innovation and excellence. As a key member of our Vulnerability Management Team, you will play a crucial role in addressing cyber vulnerabilities across the bank and ensuring effective remediation to strengthen our security posture and protect our assets.

To be successful as a VM Cloud Security Posture Management Lead, you will need the following:

• Experience of cloud computing.
• Experience of risk-rating cyber-vulnerabilities and security misconfigurations.
• An ability to devise and implement technical solutions to enhance VM in the cloud environment.

Some other highly valued skills may include:

• Track record of vulnerability management within a financial institution.
• Ability to advise on holistic implications of security risks in the cloud environment.
• Ability to troubleshoot technical problems with toolsets/datasets.

You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen, strategic thinking and digital and technology, as well as job-specific technical skills.

The successful candidate will be based in Knutsford.