Security Incident Response Handler

Purpose of the role

To develop, implement, and maintain an effective resilience strategy and Operational Recovery Planning and Incident Management framework aligned to industry leading standards and controls and regulatory expectations, to enable the bank to respond and recover important business services to severe but plausible scenarios, and minimise the impact to customers, clients, colleagues and the wider market.

Accountabilities

• Socialisation and implementation of the resilience strategy and underpinning framework across the firm (e.g. SMRs and delegates, business / function resilience role owners and all colleagues), ensuring complaince to the standard and controls.
• Development and enhancement of the resilience, crisis and incident management framework to uplift recovery and response capabilities to ensure Important Business Services can continue to operate during disruption events to minimise the impact on customers, clients and the market.
• Operational Recovery Planning and Security Incident Management planning standards and controls enhancement according to industry practice, emerging threats and regulatory requirements.
• Provide oversight to the business and technology recovery capability improvements, and uplifts to third-party (suppliers and Financial Market Infrastructure) recovery capabilities to enable Important Business Services to remain within or mitigate impact tolerance thresholds.
• Communication of the firm’s / business’ resilience position (risks and remediation) through clear and transparent scorecards / dashboards to enable effective investment decisions to the Board and Executive Committees, Control Forums and business stakeholders.
• Enhancement of resilience, crisis management and incident response and recovery capability through sophisticated, regular and adequate testing coverage to demonstrate Important Business Services’ ability to recover within impact tolerance for a severe but plausible scenario.
• Assurance that services and products are built resiliently by the business through the change management process (NAPAs, DRAs, material change process).
• Continually remain abreast of resilience and crisis and incident management developments, regulatory policy requirements and the emerging landscape.
• Mitigation of the impact of unexpected incidents by identifying , responding to and enabling the resolution of events that threaten the services, operations, infrastructure, colleagues and clients of the bank.
• Execution of responses to reported incidents and potential threats from various channels including intelligence, email, phone and monitoring systems prioritised by the assessed or actual impact to the bank.
• Documentation and analysis of past prioritised incident details, the steps to resolution and the lessons learnt to support the identification and implementation of preventative measures and process improvements.

Assistant Vice President Expectations

• Consult on complex issues; providing advice to People Leaders to support the resolution of escalated issues.
• Identify ways to mitigate risk and developing new policies/procedures in support of the control and governance agenda.
• Take ownership for managing risk and strengthening controls in relation to the work done.
• Perform work that is closely related to that of other areas, which requires understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function.
• Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategy.
• Engage in complex analysis of data from multiple sources of information, internal and external sources such as procedures and practises (in other areas, teams, companies, etc).to solve problems creatively and effectively.
• Communicate complex information. 'Complex' information could include sensitive information or information that is difficult to communicate because of its content or its audience.
• Influence or convince stakeholders to achieve outcomes.

All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.

Join us as a " Security Incident Response Handler " at Barclays, where you'll spearhead the evolution of our digital landscape, driving innovation and excellence. You'll harness cutting-edge technology to revolutionise our digital offerings, ensuring unapparelled customer experiences.

You may be assessed on the key critical skills relevant for success in role, such as risk and control, change and transformations, business acumen, strategic thinking, and digital technology and as well as job-specific skillsets.

To be successful as a " Security Incident Response Handler ", you should have experience with:

Basic/ Essential Qualifications:

• Strong SOC analyst skills and working experience in managing critical incident triaging and escalation.  

• Situational Awareness & Stakeholder Management skills  (Required to engage senior leadership during incidents and briefing executive management on Major incidents in business language articulating high level risk and control gaps effectively).

• Experience in working in a matrix reporting structure and leading discussions and initiatives.

• Confident, with the ability to remain calm, controlled and focused during high pressured situations

• Knowledge of incident management tools such as; ServiceNow, X-Matters, Everbridge

• A working knowledge of how a layered defence and intelligence driven defence works

• A working knowledge of Risk Management and the part that controls play in a security posture of an organisation

• Ability to build relationships with stakeholders at all levels to help effectively drive incident outcomes and communication.

• Excellent English verbal and written communication (must have)

• Certified Security Incident Handler Certification (ex. ECIH or GCIH)

Desirable skillsets/ good to have:

• Confident, with the ability to remain calm, controlled, and focused while under pressure

• Ability to identify operational risks and issues in a fast time environment, and take proportionate and appropriate actions

• Previous experience working in a large multinational organisation with colleagues and stakeholders based in multiple / remote locations

• Previous experience in a Security Control Room environment

• ITIL Expert / Intermediate  

• Other Cyber security certifications like CISSP/CISA/CISM etc

This role will be based out of Pune.