Barclays

SecurityConsultant

Knutsford, United Kingdom; Glasgow, United Kingdom; Manchester, United Kingdom FULL TIME

Market Sentiment

HIGH DEMAND

Neural analysis suggests this role is
optimal for Mid candidates.

The Brief

“Security Consultant at Barclays. Skills: security architecture, security engineering, cloud security, identity and access management (IAM), security risk management, DevSecOps, security policies and standards. enable ‘secure by design’. supporting the bank’s change programmes”

What You'll Achieve.

enable ‘secure by design’; implement a secure systems and architecture; enhance security posture and resilience against cyber threats; create security strategies to enable business and technology evolution; strengthening controls in relation to the work done; achievement of the objectives of the organisation sub-function; meet required outcomes

Industry & Context.

Problems you'll solve

Execution of security risk assessments and building threat models; identify vulnerabilities; embedding compensating security controls and countermeasures; identify ways to mitigate risk; Engage in complex analysis of data from multiple sources of information; solve problems creatively and effectively

What They're Looking For.

Must Have

technically aware with a working understanding of computer networks, operating systems, databases, websites, and architectural principles, written and verbal reasoning skills – comfortable with technical writing and review, able to work as part of a team

Nice to Have

Current security certification CISSP is preferred, Experience of PCI-DSS, Experience in software development or business analysis disciplines including awareness of OWASP

What You'll Do.

enable ‘secure by design’

supporting the bank’s change programmes

design and implement a secure systems and architecture

execution of security risk assessments and building threat models

identify vulnerabilities within the banks IT systems

applications and infrastructure

embedding compensating security controls and countermeasures

provision of timely communication of key findings and recommendations to stakeholders

enablement of DevSecOps (and shift left)

providing engagement channels for customers and stakeholders seeking security advice

influencing key stakeholders to create security strategies

support and guidance to CISO

CIO and Product Team functions

providing security reviews for prospective 3rd party technology products and services

transfer of residual risks to the business/customer

collaboration with stakeholder and IT teams to support incident response and investigations

sharing security insights

participation in the development and maintenance of security policies

standards and procedures

advising business on security strategy

best practices in Information and Cyber Security

advising business teams on processes and technology to operate a global enterprise securely

How You'll Work.

Team & Collaboration

Collaborate closely with other functions/ business divisions; Lead a team performing complex tasks; collaborative assignments; guide team members through structured assignments; identify the need for the inclusion of other areas of specialisation; Collaboration with stakeholder and IT teams; work as part of a team

Communication Scope

timely communication of key findings and recommendations to stakeholders; written and verbal reasoning skills; comfortable with technical writing and review; Communicate complex information; Influence or convince stakeholders to achieve outcomes

Process & Methodology

change programmes, development lifecycle, business plans, technology change designs, technology evolution, assignments, projects

Full Job Description

# **Job Description** **Purpose of the role** To enable ‘secure by design’, supporting the bank’s change programmes, design and implement a secure systems and architecture across a broad set of security domains. These include data security, security risk management, asset security, security architecture and engineering (incl. cloud security), communications and networks, security operations, software development, security assurance testing, identity and access management (IAM). **Accountabilities** * Control function or security guild responsible for technology change oversight and governance. * Execution of security risk assessments and building threat models during the change & development lifecycle in order to identify vulnerabilities within the banks IT systems, applications and infrastructure, ensuring that compensating security controls and countermeasures are embedded in order to enhance security posture and resilience against cyber threats provision of timely communication of key findings and recommendations to stakeholders. * Enablement of DevSecOps (and shift left), by providing engagement channels for customers and stakeholders who wish to engage early seeking security advice and input into their business plans and opportunities, or technology change designs, influencing key stakeholders in COO and CSO to create security strategies to enable business and technology evolution. * Support and guidance to CISO, CIO and Product Team functions providing security reviews for prospective 3rd party technology products and services. * Transfer of residual risks to the business/customer as required by the bank’s enterprise risk management framework. * Collaboration with stakeholder and IT teams to support incident response and investigations using their knowledge of the banks technology systems sharing security insights. * Participation in the development and maintenance of security policies, standards and procedures aligned to the banks risk tolerance, regulatory r

Free ATS check

Applying for this Security Consultant role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

SKILL SIGNAL 48 detected · ranked by frequency

cloud security ×6

identity and access management (IAM) ×6

security risk assessments ×4

security policies ×4

security standards ×4

security procedures ×4

OWASP ×4

security architecture ×3

security engineering ×3

security risk management ×3

DevSecOps ×3

security architecture and engineering ×3

threat modeling ×3

security controls ×3

countermeasures ×3

technical writing ×3

technical review ×3

PCI-DSS ×3

security policies and standards ×2

data security

asset security

communications

networks

security operations

software development

security assurance testing

computer networks

operating systems

databases

websites

architectural principles

technology change oversight and governance

BEHAVIOURAL

collaborationcommunicationinfluencelisteningauthenticityenergisinginspiringalignment across the enterprisedeveloping otherscreative problem solving

Role Details

Seniority mid

Experience 2–5 yrs

Level Mid

Work Mode No

Type FULL TIME

AI-Extracted Insights

Domain Areas

data-securitysecurity-risk-managementasset-securitysecurity-architecture-and-engineeringcloud-securitycommunications-and-networkssecurity-operationssoftware-development

Certifications

CISSP

How to Apply on Workday

Workday has a multi-step form — save your progress after every section.
"Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
Job requisition numbers are useful when following up with HR by email.

ANONYMOUS · UNFILTERED

What do employees actually say about Barclays?

Real rants from real employees. Read before you apply.

Read Company Rants →