|
|
Home
» Resources » Job
Opportunities
JOB OPPORTUNITIES
BARCLAYS STANDARD ROLE PROFILE
| Job Title |
IT Security Manger, BSS |
| Job Grade |
B4/B5 (To be Evaluated) (4-5 years of IT Security experience. Overall 7+ years of IT experience) |
| Business Area(e.g. Cluster and SBU) |
BSS |
| Name of Current Job Holder(if vacant leave blank; if interim say so) |
- |
| Reports To(line manager's job title only) |
Head IT - Risk, BSS |
| Number of Direct Reports (the minimum requirement, but direct report job titles can also be listed here) |
1 |
| Overall Job Purpose |
The purpose of this role is to:
- Design, promote and assist with the implementation of IT security solutions, which align the business objectives of BSS and Barclays Bank.
- Conduct Vulnerability assessment and ethical hacking exercise for entire business including desktop, servers and network.
- Develop plans, goals, objectives, and other project management aids for the implementation of ISO 27001 implementation in IT.
- Champions the cause of Information Security in Technology function.
|
| Key Accountabilities & approximate time split (%)(Ideally 4-10 points, or headings with sub-points. Quantify where possible e.g. cost/income budget, no of subordinates, likely no of yrs/mths to complete longest task. Could note key external/internal lateral relationships) |
1. IT- Security (80%) [Competency level: Advanced]
Highly-technical expertise in IT
- Drive IT Security for IT infrastructure & projects.
- Conduct Vulnerability assessment and ethical hacking using tools like Foundstone, Nessue, Metasploit, Wireshark, ISS Internet scanner, Db scanner, Cain etc.
- Conduct baseline security configuration assessment and implement Barclays hardening standards.
- Be the lead in IT Security for IT Projects. Ensure BSS information security standards are implemented.
- Evaluate and create IT Security standards & guidelines in line with Barclays Bank policies.
- Work with SMEs on Server/ Desktop/ Network side to implement key IT controls.
- Participate in the production of Security dashboards, and follow up of security indicators.
- Implement and maintain various security tools across BSS such as end point protection, hard disk encryption etc.
- Maintain Detailed Risk and Control Assessment for IT function.
- Liase with BSM team for creation and implementation of Disaster Recovery Plans.
- Ensure appropriate training and awareness of IT personnel's and IT contractors.
- Ensure implementation of appropriate change management procedures.
- Develop and maintain relationships with the BSS senior management teams, meeting regularly to review the Function's risk profile/other governance and control matters and to obtain appropriate sign off and acceptance for risk/control exposures.
2. Strategy Contribution (5%) [Competency level: Intermediate]
- Contribute to the development of Information Security strategy and the delivery of the business objectives (e.g. supporting plans for expansion into new premises/locations etc.)
- Participate as a member of the BSS Information Security team, providing appropriate information risk/governance input in support of their strategy and performance agendas.
3. Team Leadership (15%) [Competency level: Intermediate]
- To lead and motivate staff, both direct, indirect reports, peer groups and at both senior and junior levels. Identifying individual and team development needs, providing coaching and recommending and/or arranging training.
- Be self driven.
- Conduct formal performance and development reviews for direct reports.
- Provide support to the wider BSS Ops Risk team and support the teams’ responsibilities to GRCB Ops Risk.
|
| Person Specification (Personal attributes essential to performing role: e.g. skills, competencies, expertise, knowledge, and experience. Note: experience not to be time-bound) |
1. Skills/Competencies
Excellent Technical Skills:
- Strong admin experience in Operating system (Windows, Active Directory)
- Strong admin experience in Networking, TCP/IP and VoIP.
- Strong IT technical skill sets on Microsoft (Windows Active Directory, Server 2003, XP professional), Cisco networking (routers, switches), Databases (Oracle/ SQL), Citrix / Virtualisation.
- Preference for MCSE, RHCE, SCSA, etc and in Networking CCNA/CCNP
- Strong implementation expertise on IT security tools, such as end point protection, Hard disk encryption, vulnerability assessment, active directory / LDAP implementation, VPN technologies etc.
- Strong negotiation and influencing skills to determine an outcome that is mutually acceptable to all parties concerned.
- Strong communication skills to communicate complex material to a wide and varied audience in a clear and concise format.
Strong facilitation and presentation skill sets.
Role Model Competencies (Behaviours)
- Service Excellence
- Problem Solving/Decision Making
- Technical skills & Knowledge
- Relationship/Partnership Approach
- Communication /Influence
2. Specific Knowledge, Expertise & Qualifications
Essential
- Computer Science or relevant degree with proven experience in the information security. MBA preferred.
- Preferred Information Security degree (Graduation or Post grad)
- Preference for MCSE, RHCE, SCSA, etc and in Networking CCNA/CCNP.
- Certified Ethical Hacker (CEH) required.
- CISA/ CISM/ or CISSP preferred.
- Knowledge of emerging regulations in Data protection and data privacy for Europe/ UK.
- Substantive experience gained in a financial services business.
- Previous experience of working in a global business / Big 4.
Preferred
- A working knowledge and understanding of the markets in which Global Retail and Commercial Banking operates e.g. customer base and competitors in general and products and services.
- Experience of working in close co-operation or across different, complex international areas/functions of the business to achieve results including matrix management.
|
| Date of Completion of Role Profile (month and year) |
30/07/2008 |
| Name of Role Profile Content Creator
(person with this version electronically) |
Gautam Kapoor |
| Agreed by Line Manager (for Approved roles only)
(person with this version electronically) |
|
| Co-signed by
HR Business Partner (for Approved roles only) |
|
|