BUK CISO - Security Analyst

Purpose of the role

To provide a primary liaison service between the business, technology, and security functions. In order to ensure the confidentiality, integrity and availability of information, and support the mitigation of security risk. 

Accountabilities

• Collaboration with stakeholders to understand their security requirements in business processes and IT projects, to enhance overall risk management.
• Execution of risk assessments to identify and prioritise potential cybersecurity threats that could impact the banks operations and data and guide the implementation of mitigation strategies and communicate findings to relevant findings to relevant senior stakeholders.
• Collaboration with business units to develop and implement security policies and procedures for the banks operations aligned to the risk management framework.
• Management of the implementation, testing and monitoring of security controls across the banks IT systems to ensure the effectiveness of controls and mitigation of risk.
• Execution of training content and sessions to educate employees, enhance cybersecurity awareness and provide guidance on safe online practices.
• Management of complex cybersecurity incidents by collaborating with IT teams and response experts to effectively resolve cases through analysis, expertise support and project supervision.
• Identification of emerging cybersecurity trends, threats, and new technologies to address potential risks by advocating the adoption of new security solutions.

Analyst Expectations

• To perform prescribed activities in a timely manner and to a high standard consistently driving continuous improvement.
• Requires in-depth technical knowledge and experience in their assigned area of expertise
• Thorough understanding of the underlying principles and concepts within the area of expertise
• They lead and supervise a team, guiding and supporting professional development, allocating work requirements and coordinating team resources.
• If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others.
• OR for an individual contributor, they develop technical expertise in work area, acting as an advisor where appropriate.
• Will have an impact on the work of related teams within the area.
• Partner with other functions and business areas.
• Takes responsibility for end results of a team’s operational processing and activities.
• Escalate breaches of policies / procedure appropriately.
• Take responsibility for embedding new policies/ procedures adopted due to risk mitigation.
• Advise and influence decision making within own area of expertise.
• Take ownership for managing risk and strengthening controls in relation to the work you own or contribute to. Deliver your work and areas of responsibility in line with relevant rules, regulation and codes of conduct.
• Maintain and continually build an understanding of how own sub-function integrates with function, alongside knowledge of the organisations products, services and processes within the function.
• Demonstrate understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function.
• Make evaluative judgements based on the analysis of factual information, paying attention to detail.
• Resolve problems by identifying and selecting solutions through the application of acquired technical experience and will be guided by precedents.
• Guide and persuade team members and communicate complex / sensitive information.
• Act as contact point for stakeholders outside of the immediate function, while building a network of contacts outside team and external to the organisation.

All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.

Join us as a Security Analyst at Barclays where you'll spearhead the evolution of our digital landscape, driving innovation and excellence. You'll harness cutting-edge technology to revolutionise our digital offerings, ensuring unapparelled customer experiences.

BUK CISO are looking for a motivated, technically minded individual to join our BUK Cyber Assurance Team within BUK CISO. This role will support holistically across the following cyber domain scope:

• Penetration Testing: supporting with the day-to-day Penetration Testing for BUK Applications. Requires the coordination of 3rd party Pen Test vendors and Barclays Application teams to scope and deliver successful testing of each in scope IT Application.  
• Application Security: support engagements with BUK Application Teams to ensure all in scope services are onboarded to the Application Security Toolsets and subsequent findings are communicated and remediated in line with the relevant Application Security Standard.
• Infrastructure Vulnerability Management – Support with reporting and in driving the remediation of all identified Infrastructure Vulnerabilities across the BUK Services/Applications within SLA and support Service Teams with the enduring application development.

Key Accountabilities

• Infrastructure Vulnerability Management
• Cryptography Management
• Data Loss Prevention
• Reporting & MI
• Education and Awareness
• Stakeholder Management and Leadership
• Risk and Control Objective

To be successful as a Security Analyst, you should have experience with:

• Excellent stakeholder engagement and communication skills.
• Consistently supports business and technical areas in identifying high-quality resolutions to control concerns
• Can work independently and as part of a team as well as being pro-active.
• Has excellent time management and organizational skills
• Understands and can articulate to the business context/significance of vulnerabilities

Other highly valued skills include:

• Sound understanding of Cyber Security Policy and Standards and can convey requirements to others
• Demonstrates ability to solve complex technical problems
• Understands major internal support functions and services

You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills

This role will be based out of our Knutsford campus.