security consultant

Job Description

Job Title: Third Party Security ConsultantLocation: PuneAbout BarclaysBarclays is a British universal bank. We are diversified by business, by different types of customers and clients, and by geography. Our businesses include consumer banking and payments operations around the world, as well as a top-tier, full service, global corporate and investment bank, all of which are supported by our service company which provides technology, operations and functional services across the Group.Risk and Control ObjectiveEnsure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards.Working FlexiblyWe re committed to providing a supportive and inclusive culture and environment for you to work in. This environment recognises and supports ways to balance your personal needs, alongside the professional needs of our business. Providing the opportunity for all our employees, globally to work flexibly empowers each of us to work in a way that suits our lives as well as enabling us to better service our customers and clients needs. Whether you have family commitments or you re a carer, or whether you need study time or wish to pursue personal interests, our approach to working flexibly is designed to help you balance your life. If you would like some flexibility then please discuss this with the hiring manager.Introduction:This role is accountable for ensuring the Bank has appropriate visibility, transparency and insight into the operational risks it is exposed to relating to Supplier Risk and the measures required to mitigate them. This accountability will be executed through the implementation of independent, evidence-based assurance of Supplier Risk across the region. This accountability will be executed through the reviewing of implementation of technology platforms which are operated by supplier, in suppliers domain. What will you be doing

• Deliver all supplier assurance services in line with relevant policies, standards and target operating model Identify areas of control weakness or strength for suppliers, driving proactive remediation and action Support and advise the business in developing remediation plans for control weakness
• Support the Chief Security Office (CSO) function with a Programme management service for delivery of supplier assurance programmers within CSO
• Produce timely and accurate management information in support of the governance and operating model of CSO.
• Stakeholder management and leadership. Experience building relationships with internal customers - BU and CCO Customers - as well as externally if required.
• Act as a subject matter expert for Cyber and Information Security within the Supplier Assurance
• Proven ability to operate in a matrix organisation
  • Decision making and problem solving.
  • Track, review and report on the management of Supplier risk across the regions
  • Analyses of data in aggregate to identify trends and indicators of thematic issues
  • Focus on aligning supplier assurance scoping with the business unit and operations the supplier is supporting to proactively identify inherent risk and provide solutions to remediate

What we re looking for:

• Shows integrity while addressing challenging situations
• Actively seeks ways to understand, mitigate or reduce third party risks
• Ability to work under pressure or within tight timescales
• Freely shares information and experiences and seeks knowledge from others
• Effective at working with minimal guidance in unstructured teams, situations and environments
• Challenges way of operating with a focus on pragmatism
• Demonstrates initiative and competence
• Supports and encourages positive working behaviours in others
• Able to shift well from task to task

Skills that will help you in the role:

• 10+ years of experience with technology operations, functions, controls and emerging trends at a strategic level
• Professional risk management qualifications and certifications desirable
• Good understanding of risk management frameworks and compliance activities
• Lead IT/Cyber security audit, due diligence/risk assessment in relation to 3rd party supplier s sites and partner organisations, including the identification of security controls and assessing their effectiveness.
• A demonstrated understanding of Internet protocols, network architecture, appliances, and knowledge of network security technologies
• Working knowledge of the cyber security threats, countermeasures and practices related to cloud technologies.
• Ability to understand and communicate risk posture, possible impact on business functions, and paths for remediation
• Skill in testing cyber security controls against control framework

Desirable skills/Preferred Qualifications:

• Knowledgeable about existing best practices for integration of security controls
• Awareness of core development methodologies and their associated technologies
• Good understanding of Information security standards such as ISO 27001/2, ISO 22301, PCI-DSS and knowledge of regulations such as MAS, HKMA, etc.

Where will you be working PuneBe More at BarclaysAt Barclays, each day is about being more as a professional, and as a person. Be More @ Barclays represents our core promise to all current and future employees. It s the characteristic that we want to be associated with as an employer, and at the heart of every employee experience. We empower our colleagues to Be More Globally Connected, working on international projects that improve the way millions of customers handle their finances. Be More Inspired by working alongside the most talented people in the industry, and delivering imaginative new solutions that are redefining the future of finance. Be More Impactful by having the opportunity to work on cutting-edge projects, and Be More Valued for who you are.Interested and want to know more about Barclays Visit home.barclays/who-we-are/ for more details.Purpose, Values and MindsetWe deploy finance responsibly to support people and businesses, acting with empathy and integrity, championing innovation and sustainability, for the common good and the long term.Our values underpin everything we do: Respect, Integrity, Service, Excellence and Stewardship.RespectWe harness the power of diversity and inclusion in our business, trust those we work with, and value everyones contribution.IntegrityWe operate with honesty, transparency and fairness in all we do.ServiceWe act with empathy and humility, putting the people and businesses we serve at the centre of what we do.ExcellenceWe champion innovation, and use our energy, expertise and resources to make a positive difference.StewardshipWe prize sustainability, and are passionate about leaving things better than we found them.Our Mindset shapes how we take action, living by our Values, driven by our Purpose, always with our customers and clients at the heart of what we do; our Mindset is to Empower, Challenge and Drive.EmpowerTrust and support each other to deliver. Make decisions with those closest to the topic. Include diverse perspectives. Celebrate success and learn from failure.ChallengeQuestion whether things can be done better. Use insights based on data to inform decisions. Be curious about how we can adapt and improve. Speak up and be open to alternative viewpoints.DriveFocus on outcomes. Deliver with pace. Be passionate and ambitious about what we do. Take personal responsibility. Actively build collaborative relationships to get things done.,

Keyskills :
equipment supplysecurity auditconsumer bankingrisk management frameworkiso 22301risk managementinformation security standardsnetwork securitypci dssemerging trendscyber security