Vice President Cyber Operations

Purpose of the role

To monitor the performance of operational controls, implement and manage security controls and consider lessons learnt in order to protect the bank from potential cyber-attacks and respond to threats. 

Accountabilities

• Management of security monitoring systems, including intrusive prevention and detection systems, to alert, detect and block potential cyber security incidents, and provide a prompt response to restore normal operations with minimised system damage.
• Identification of emerging cyber security threats, attack techniques and technologies to detect/prevent incidents, and collaborate with networks and conferences to gain industry knowledge and expertise.
• Management and analysis of security information and event management systems to collect, correlate and analyse security logs, events and alerts/potential threats.
• Triage of data loss prevention alerts to identify and prevent sensitive data for being exfiltrated from the banks network.
• Management of cyber security incidents including remediation & driving to closure.

Vice President Expectations

• Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment.
• Manage and mitigate risks through assessment, in support of the control and governance agenda.
• Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does.
• Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business.
• Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies.
• Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In-depth analysis with interpretative thinking will be required to define problems and develop innovative solutions.
• Adopt and include the outcomes of extensive research in problem solving processes.
• Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes.

All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.

Embark your transformative journey as Vice President Cyber Operations. You will work as an Incident Response T3 Analyst at Barclays and become a crucial defender of our digital landscape. In this role, you will be instrumental in protecting our systems and data, ensuring its confidentiality, integrity and availability. As a key member of the Cyber Operations Team, your insights will significantly impact our ability to proactively identify, thoroughly investigate, and effectively neutralize security threats. You will focus on rapid response, meticulous containment, and continuous improvement, collaborating closely with security engineers, threat intelligence experts, and key stakeholders across the organization.

To be successful as Vice President Cyber Operations, you should have experience with:

• Security Information and Event Management (SIEM) platforms (e.g., Splunk, QRadar, etc) for real-time monitoring, correlation and analysis of security events.
• Endpoint Detection and Response (EDR) tools (e.g., CrowdStrike) for threat detection, investigation and response on endpoints.
• Incident response methodologies (e.g., NIST, SANS) and frameworks for handling security incidents effectively.
• Operating systems (Windows, Linux, macOS) and networking concepts for understanding system behavior and network traffic.
• Security tools and technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), vulnerability scanners and penetration testing tools.

Additional relevant skills include:

• Analyzing security logs and events to identify potential security threats and incidents,Conducting initial triage and analysis of security incidents to determine scope, severity and impact.
• Following established incident response procedures to contain, eradicate and recover from security incidents and hands-on experience in analyzing high priority large scale Cyber Incidents.

• *Experience with Cyber Regulatory Exercises and create Work Instructions for Junior analysts to work on Cyber Incidents.
• Documenting security incidents thoroughly and accurately, including details of the incident, actions taken and lessons learned and communicating effectively with technical and non-technical stakeholders regarding security incidents.
• Experience with threat intelligence platforms and sources for staying up-to-date on the latest threats and vulnerabilities
• Knowledge of malware analysis and reverse engineering techniques for understanding malicious software, scripting skills (e.g., Python, PowerShell) for automating incident response tasks.
• Certifications such as CompTIA Security+, GSEC, GCIH, GPEN, GCFA, CISM, CISSP.

You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills.

This role is for Pune Location.