RTB Vulnerability Analyst
Knutsford (Cheshire East) Infra / Networks / Telecom
Job description
Global Information Security is a fully globalised team, with over 800 colleagues across Europe, Asia, Africa and the Americas. We support all Barclays' Businesses in ensuring confidentiality, integrity and availability of the firm's information assets, and in implementing world-class security solutions to meet their needs.
We operate critical controls and work in partnership with the Business to ensure our customers can trust Barclays to protect their sensitive information, and that the security of our critical infrastructure, staff, and assets is maintained.
The Cyber Security and Controls Centre is one of the GIS pillars of best practice which are driving our strategy to Protect, Enable, Innovate and Educate.
Within this structure, Central Information Risk Management, including the Vulnerability Management team, is responsible for ensuring that the Group's Policies and Standards are fully implemented with compliance upheld.
We identify and manage information in addition to reporting on the maturity and vulnerability of our stakeholder functions. Where key control issues are identified, we execute programmes of remediation across a large and complex stakeholder group.
Overall purpose of role
· Support Head of RTBVM with Vulnerability Management and Remediation. Deliver prioritised remediation initiatives in line with the team's objectives
· Facilitate risk and vulnerability assessments of applications and systems to ensure technical vulnerabilities are identified and correctly managed.
Key Accountabilities
Vulnerability Management and Remediation
· Ensure that security issues identified during RTB activities are managed and, where appropriate, that RTB vulnerabilities are progressed to BTB projects to ensure appropriate governance of remedial actions.
· Assist Risk Owners to accurately assess the likelihood and impact of technical vulnerabilities.
· Provide accurate and timely data for technical vulnerability reports as per approved standards and processes.
· Prepare intelligent management information sets for the vulnerability exposure position of the production and disaster recovery environments.
· Articulate security risk exposure to Run The Bank stakeholders.
· Provide input to Security Solutions for the creation and update of Secure Builds and Secure Building Blocks
· Collaborate with GIS Red Team to capture and oversee the remediation of identified security weaknesses, ensuring these are delivered as BTB project activities where appropriate and adhere to required change governance.
· Facilitate the management of non-compliances to Information Risk Standards and Policies for the RTB teams on security issues identified.
· Facilitate root cause analysis for wide-scale vulnerabilities.
Stakeholder Management and Leadership
· Manage relationships with the BU RTB and GIS teams.
· Provide technical advice and guidance on IT security related queries when required.
Decision-making and Problem Solving
· Provide security consultancy to ensure Run The Bank services are protected in a manner that ensures adoption of the relevant security strategy, designs, standards, controls and tools.
Risk and Control Objective
· All Barclays colleagues have to ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards
Person Specification
Your Skills and Qualifications will include
· IT expertise coupled with understanding of financial services and impacting laws and regulations
· Understanding of principles, practices, and techniques related to IT Security
· Knowledgeable about existing best practices for integration of security controls
· Understands security controls from a people, process and technology perspective. Experienced at implementing or managing risk management processes and tools
· Deliver results which add value
· Working towards security qualification (CISSP or CISM, Security Testing, Ethical Hacker Certification Preferred)
· Relationship, communication and stakeholder management skills
· Working in a team and task prioritisation with a focus on delivery
· Strong written and verbal language skills