ISACA - Serving IT Governance Professionals, New Delhi Chapter
Home | About ISACA | Contact Us | Membership | Certifications | Resources | Events | General Guidelines
ISACA
» About ISACA
» Board of Directors
» New Delhi Chapter
» Audited Accounts
Membership
Certifications
Trainings
Resources
Events
General Guidelines
 Home » Resources » Job Opportunities

JOB OPPORTUNITIES

BARCLAYS STANDARD ROLE PROFILE

Job Title IT Security Manger, BSS
Job Grade B4/B5 (To be Evaluated)
(4-5 years of IT Security experience. Overall 7+ years of IT experience)
Business Area(e.g. Cluster and SBU) BSS
Name of Current Job Holder(if vacant leave blank; if interim say so) -
Reports To(line manager's job title only) Head IT - Risk, BSS
Number of Direct Reports (the minimum requirement, but direct report job titles can also be listed here) 1
Overall Job Purpose The purpose of this role is to:
  • Design, promote and assist with the implementation of IT security solutions, which align the business objectives of BSS and Barclays Bank.
  • Conduct Vulnerability assessment and ethical hacking exercise for entire business including desktop, servers and network.
  • Develop plans, goals, objectives, and other project management aids for the implementation of ISO 27001 implementation in IT.
  • Champions the cause of Information Security in Technology function.
Key Accountabilities & approximate time split (%)(Ideally 4-10 points, or headings with sub-points. Quantify where possible e.g. cost/income budget, no of subordinates, likely no of yrs/mths to complete longest task. Could note key external/internal lateral relationships) 1. IT- Security (80%)
[Competency level: Advanced]

Highly-technical expertise in IT
  • Drive IT Security for IT infrastructure & projects.
  • Conduct Vulnerability assessment and ethical hacking using tools like Foundstone, Nessue, Metasploit, Wireshark, ISS Internet scanner, Db scanner, Cain etc.
  • Conduct baseline security configuration assessment and implement Barclays hardening standards.
  • Be the lead in IT Security for IT Projects. Ensure BSS information security standards are implemented.
  • Evaluate and create IT Security standards & guidelines in line with Barclays Bank policies.
  • Work with SMEs on Server/ Desktop/ Network side to implement key IT controls.
  • Participate in the production of Security dashboards, and follow up of security indicators.
  • Implement and maintain various security tools across BSS such as end point protection, hard disk encryption etc.
  • Maintain Detailed Risk and Control Assessment for IT function.
  • Liase with BSM team for creation and implementation of Disaster Recovery Plans.
  • Ensure appropriate training and awareness of IT personnel's and IT contractors.
  • Ensure implementation of appropriate change management procedures.
  • Develop and maintain relationships with the BSS senior management teams, meeting regularly to review the Function's risk profile/other governance and control matters and to obtain appropriate sign off and acceptance for risk/control exposures.

2. Strategy Contribution (5%)
[Competency level: Intermediate]

  • Contribute to the development of Information Security strategy and the delivery of the business objectives (e.g. supporting plans for expansion into new premises/locations etc.)
  • Participate as a member of the BSS Information Security team, providing appropriate information risk/governance input in support of their strategy and performance agendas.

3. Team Leadership (15%)
[Competency level: Intermediate]

  • To lead and motivate staff, both direct, indirect reports, peer groups and at both senior and junior levels. Identifying individual and team development needs, providing coaching and recommending and/or arranging training.
  • Be self driven.
  • Conduct formal performance and development reviews for direct reports.
  • Provide support to the wider BSS Ops Risk team and support the teams’ responsibilities to GRCB Ops Risk.
Person Specification (Personal attributes essential to performing role: e.g. skills, competencies, expertise, knowledge, and experience. Note: experience not to be time-bound) 1. Skills/Competencies

Excellent Technical Skills:
  • Strong admin experience in Operating system (Windows, Active Directory)
  • Strong admin experience in Networking, TCP/IP and VoIP.
  • Strong IT technical skill sets on Microsoft (Windows Active Directory, Server 2003, XP professional), Cisco networking (routers, switches), Databases (Oracle/ SQL), Citrix / Virtualisation.
  • Preference for MCSE, RHCE, SCSA, etc and in Networking CCNA/CCNP
  • Strong implementation expertise on IT security tools, such as end point protection, Hard disk encryption, vulnerability assessment, active directory / LDAP implementation, VPN technologies etc.
  • Strong negotiation and influencing skills to determine an outcome that is mutually acceptable to all parties concerned.
  • Strong communication skills to communicate complex material to a wide and varied audience in a clear and concise format.
    • Strong facilitation and presentation skill sets.
Role Model Competencies (Behaviours)
  • Service Excellence
  • Problem Solving/Decision Making
  • Technical skills & Knowledge
  • Relationship/Partnership Approach
  • Communication /Influence
2. Specific Knowledge, Expertise & Qualifications

Essential
  • Computer Science or relevant degree with proven experience in the information security. MBA preferred.
  • Preferred Information Security degree (Graduation or Post grad)
  • Preference for MCSE, RHCE, SCSA, etc and in Networking CCNA/CCNP.
  • Certified Ethical Hacker (CEH) required.
  • CISA/ CISM/ or CISSP preferred.
  • Knowledge of emerging regulations in Data protection and data privacy for Europe/ UK.
  • Substantive experience gained in a financial services business.
  • Previous experience of working in a global business / Big 4.
Preferred
  • A working knowledge and understanding of the markets in which Global Retail and Commercial Banking operates e.g. customer base and competitors in general and products and services.
  • Experience of working in close co-operation or across different, complex international areas/functions of the business to achieve results including matrix management.
Date of Completion of Role Profile (month and year) 30/07/2008
Name of Role Profile Content Creator (person with this version electronically) Gautam Kapoor
Agreed by Line Manager (for Approved roles only) (person with this version electronically)
Name Signature
Date
Co-signed by HR Business Partner (for Approved roles only)
Name Signature
Date

© 2007 ISACA New Delhi Chapter. All Rights Reserved.
Subscribe to ISACA New Delhi Mailing List