Barclays
SecurityConsultant
Neural analysis suggests this role is
optimal for Mid candidates.
“Security Consultant at Barclays. Skills: security architecture, security engineering, security risk management, identity and access management (IAM), cloud security, DevSecOps, risk and controls, change and transformation, business acumen, strategic thinking, digital and technology. enable ‘secure by design’. supporting the bank’s change programmes”
What You'll Achieve.
enable ‘secure by design’; enhance security posture and resilience against cyber threats; deliver on work that impacts the whole business function; create an environment for colleagues to thrive and deliver to a consistently excellent standard; meet required outcomes; support the resolution of escalated issues; strengthening controls in relation to the work done; achievement of the objectives of the organisation sub-function; achieve outcomes
Industry & Context.
Execution of security risk assessments and building threat models; identify vulnerabilities; identify ways to mitigate risk; complex analysis of data from multiple sources of information; solve problems creatively and effectively
What They're Looking For.
Must Have
technically aware with a working understanding of computer networks, operating systems, databases, websites, and architectural principles, written and verbal reasoning skills – comfortable with technical writing and review, able to work as part of a team
Nice to Have
Current security certification CISSP is preferred, Experience of PCI-DSS, Experience in software development or business analysis disciplines including awareness of OWASP
What You'll Do.
enable ‘secure by design’
supporting the bank’s change programmes
design and implement a secure systems and architecture across a broad set of security domains
execution of security risk assessments and building threat models during the change & development lifecycle
identify vulnerabilities within the banks IT systems
applications and infrastructure
embedding compensating security controls and countermeasures
enhance security posture and resilience against cyber threats
provision of timely communication of key findings and recommendations to stakeholders
enablement of DevSecOps (and shift left)
providing engagement channels for customers and stakeholders who wish to engage early seeking security advice and input into their business plans and opportunities
or technology change designs
influencing key stakeholders in COO and CSO to create security strategies to enable business and technology evolution
support and guidance to CISO
CIO and Product Team functions providing security reviews for prospective 3rd party technology products and services
transfer of residual risks to the business/customer as required by the bank’s enterprise risk management framework
collaboration with stakeholder and IT teams to support incident response and investigations using their knowledge of the banks technology systems sharing security insights
participation in the development and maintenance of security policies
standards and procedures aligned to the banks risk tolerance
regulatory requirements and industry best practice
advise and influence decision making
contribute to policy development
take responsibility for operational effectiveness
lead a team performing complex tasks
set objectives and coach employees
appraisal of performance relative to objectives and determination of reward outcomes
lead collaborative assignments and guide team members through structured assignments
identify the need for the inclusion of other areas of specialisation to complete assignments
identify new directions for assignments and/ or projects
consult on complex providing advice to People Leaders to support the resolution of escalated issues
identify ways to mitigate risk and developing new policies/procedures in support of the control and governance agenda
take ownership for managing risk and strengthening controls in relation to the work done
perform work that is closely related to that of other areas
which requires understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function
collaborate with other areas of work
for business aligned support areas to keep up to speed with business activity and the business strategy
engage in complex analysis of data from multiple sources of information
internal and external sources such as procedures and practises (in other areas
etc). to solve problems creatively and effectively
communicate complex information
influence or convince stakeholders to achieve outcomes
advising our business on security strategy
best practices in Information and Cyber Security
advising our business teams on processes and technology to operate a global enterprise securely within an increasingly dependent digital world
How You'll Work.
Team & Collaboration
Collaborate closely with other functions/ business divisions; Collaboration with stakeholder and IT teams; work as part of a team; lead collaborative assignments and guide team members; collaboration with other areas of work
Communication Scope
timely communication of key findings and recommendations to stakeholders; written and verbal reasoning skills; technical writing and review; communicate complex information; Influence or convince stakeholders
Process & Methodology
change programmes, development lifecycle, business plans, technology change designs, assignments, projects
Full Job Description
# **Job Description** **Purpose of the role** To enable ‘secure by design’, supporting the bank’s change programmes, design and implement a secure systems and architecture across a broad set of security domains. These include data security, security risk management, asset security, security architecture and engineering (incl. cloud security), communications and networks, security operations, software development, security assurance testing, identity and access management (IAM). **Accountabilities** * Control function or security guild responsible for technology change oversight and governance. * Execution of security risk assessments and building threat models during the change & development lifecycle in order to identify vulnerabilities within the banks IT systems, applications and infrastructure, ensuring that compensating security controls and countermeasures are embedded in order to enhance security posture and resilience against cyber threats provision of timely communication of key findings and recommendations to stakeholders. * Enablement of DevSecOps (and shift left), by providing engagement channels for customers and stakeholders who wish to engage early seeking security advice and input into their business plans and opportunities, or technology change designs, influencing key stakeholders in COO and CSO to create security strategies to enable business and technology evolution. * Support and guidance to CISO, CIO and Product Team functions providing security reviews for prospective 3rd party technology products and services. * Transfer of residual risks to the business/customer as required by the bank’s enterprise risk management framework. * Collaboration with stakeholder and IT teams to support incident response and investigations using their knowledge of the banks technology systems sharing security insights. * Participation in the development and maintenance of security policies, standards and procedures aligned to the banks risk tolerance, regulatory r
Applying for this Security Consultant role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Barclays?
Real rants from real employees. Read before you apply.