Controls Business Partner - Cyber
On site
Glasgow, United Kingdom
Full Time
25-02-2025
Job Specifications
Join us as a Cyber Control Business Partner. In this role you will assess the integrity and effectiveness of the banks internal control framework to support the mitigation of risk and protection of the banks operational, financial, and reputational risk.
To be successful in the role of a Cyber Controls Business Partner you should have:
Experience in Cyber/Control Subject Matter Expert with excellent understanding of Cybersecurity principles and the application of Cybersecurity frameworks as defensive measures.
Technical knowledge of cyber security domains, preferably with strong Identity and Access Management, Application Security and Network Security credentials.
Risk and Control experience of managing cyber risk in accordance with enterprise risk management frameworks.
Extensive proven experience in Operational Risk and Controls management and frameworks.
Stakeholder Management experience, working with senior stakeholders across the lines of defence to constructively challenge and provide informed opinion on the cyber security control agenda. Proven excellence of preparing materials for senior management, for the Board and/or for regulators.
Some Other Highly Valued Skills Include
Strong written and verbal communicator with collaborative mindset and able to share best practice at all levels.
Highly organised, ability to prioritise and work under pressure, delivering to tight deadlines and multiple demands across a ‘matrix’ organisation.
You may be assessed on key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen, strategic thinking and digital and technology, as well as job specific technical skills.
This role can be based out of Glasgow or Knutsford.
Purpose of the role
To assess the integrity and effectiveness of the banks internal control framework to support the mitigation of risk and protection of the banks operational, financial, and reputational risk.
Accountabilities
Collaboration with various stakeholders across the bank and business units to improve overall control effectiveness through detailed documentation of control assessments, procedures, and findings.
Identification and investigation of potential weaknesses and issues within internal controls to promote continuous improvement and risk mitigation aligned to the bank’s control framework, prioritised by its severity to disrupt bank operations.
Development of reports to communicate key findings from risk assessment including control weaknesses and recommendations to control owners, senior management, and other stakeholders.
Execution of reviews to determine the effectiveness of the bank's internal controls framework aligned to established and evolving policies, regulation, and best practice.
Implementation of adherence to the Barclays Controls Framework and set appropriate methodology of assessing controls against the Controls Framework.
Vice President Expectations
To contribute or set strategy, drive requirements and make recommendations for change. Plan resources, budgets, and policies; manage and maintain policies/ processes; deliver continuous improvements and escalate breaches of policies/procedures..
If managing a team, they define jobs and responsibilities, planning for the department’s future needs and operations, counselling employees on performance and contributing to employee pay decisions/changes. They may also lead a number of specialists to influence the operations of a department, in alignment with strategic as well as tactical priorities, while balancing short and long term goals and ensuring that budgets and schedules meet corporate requirements..
If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others..
OR for an individual contributor, they will be a subject matter expert within own discipline and will guide technical direction. They will lead collaborative, multi-year assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions..
Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment.
Manage and mitigate risks through assessment, in support of the control and governance agenda.
Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does.
Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business.
Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies.
Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In-depth analysis with interpretative thinking will be required to define problems and develop innovative solutions.
Adopt and include the outcomes of extensive research in problem solving processes.
Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes.
All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.
About the Company
Barclays is a British universal bank. Our vision is to be the UK-centred leader in global finance. We are a diversified bank with comprehensive UK consumer, corporate and wealth and private banking franchises, a leading investment bank and a strong, specialist US consumer bank. Through these five divisions, we are working together for a better financial future for our customers, clients and communities. With over 325 years of history and expertise in banking, Barclays operates in over 40 countries and employs approximately ... Know more
Related Jobs
- Company Name
- Formula Recruitment
- Job Title
- Senior Frontend Developer
- Job Description
- Senior Frontend Developer Up to £75,000 Central London - Flexible Hybrid Options Health-tech A start-up within the health space are seeking a Senior Frontend Developer to join a high performing squad of engineers building a unique SAAS platform which is radically streamlining an existing complex process. You'd join as a Senior Frontend Developer and make a real impact on user facing features from the off while enhancing frontend architecture in order to accelerate the products groundbreaking advancements. As a Senior Frontend Developer, you will have the following: Strong expertise in React & Typescript - ideally also with Next.js Strong UI/UX intuition with a user-centric approach Fullstack exposure with Python or another backend programming language - Java, Go, Node etc Experience working in a lean start-up environment is beneficial What's on offer: Salary up to £75,000 Central London - Flexible Remote options (Max 2 days per week onsite) Chance to make a positive social impact and grow with the company This is an exciting opportunity to work on impactful projects in a forward-thinking environment. If you are passionate about front-end development, we’d love to hear from you!
- Company Name
- Citi
- Job Title
- Java Developer (Agile) AVP - C12 - Belfast
- Job Description
- 25837967 Java Developer (Agile) AVP - C12 - BELFAST Overview Citi is a world-leading global bank. We have approximately 200 million customer accounts and a presence in more than 160 countries and jurisdictions worldwide. We provide consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. We enable clients to achieve their strategic financial objectives by providing them with cutting-edge ideas, best-in-class products and solutions, and unparalleled access to capital and liquidity. What We Do / The Team Prime Brokerage Technology provides solutions that underpin the operations of our clients and traders that provide the foundation of our Prime Finance business. This is an area of great opportunity and is a major growth target for Citi – with technology providing the key to unlock this potential. Role Overview/What will you do: Ownership and delivery on components (Java/Kotlin) within the Core Prime Brokerage platform. Hands-on Development. Actively contribute to an agile development, applying and improving skills in Continuous Integration and Continuous Deployment (CI/CD) practices. Implement and maintain developer-led automated testing solutions. Participate in the ongoing refinement of SDLC, agile and DevOps processes. Participate in design, planning and estimation discussions within the team. Perform detailed analysis of assigned work, breaking work into individual technical tasks. Collaborate with business analysts and stakeholders to clarify and refine requirements. Create and maintain project and technical documentation Assist in identify potential risks or issues within assigned tasks and communicate them to the team lead. Assist in production support by working closely with operations and business teams. Participate in support rotations to diagnose and resolve escalated issues. Contribute to documentation and post-mortem reviews. Implement software enhancements to resolve root-causes and improve reliability, performance and scalability. Collaborate as part of a global team on deliveries and engage in peer reviews such as code reviews / pull requests. Coach and mentor junior analysts and grads. Key Skills And Experience Required Technical Experience: Java & Test-Driven Development are essential. Experience in any number of additional technologies (listed below) is advantageous: Kotlin Cloud Technologies (Kubernetes, Open Shift) Messaging Technologies (Kafka, Solace, TIBCO) Database / Data Store / Data Query Technologies (SQL Server, Trino, Mongo, S3) Observability Technologies (OpenTelemetry, Elastic Stack / ELK, Grafana) This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required. What We’ll Provide You By joining Citi London, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive base salary (which is annually reviewed), and enjoy a whole host of additional benefits such as: 27 days annual leave (plus bank holidays) A discretional annual performance related bonus Private Medical Care & Life Insurance Employee Assistance Program Pension Plan Paid Parental Leave Special discounts for employees, family, and friends Access to an array of learning and development resources Visit our Global Benefits page to learn more. Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self, every day. We want the best talent around the world to be energized to join us, motivated to stay and empowered to thrive. ------------------------------------------------------ Job Family Group: Technology ------------------------------------------------------ Job Family: Applications Development ------------------------------------------------------ Time Type: Full time ------------------------------------------------------ Citi is an equal opportunity and affirmative action employer. Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi. View the "EEO is the Law" poster. View the EEO is the Law Supplement. View the EEO Policy Statement. View the Pay Transparency Posting
- Company Name
- Rapiscan Systems
- Job Title
- Cyber Security Manager
- Job Description
- Join Our Team as a Cyber Security Manager About Us: Rapiscan Systems is a global leader in detection technology, providing advanced cargo and vehicle inspection systems and services for high-security environments such as ports, borders, military facilities, and checkpoints. Our innovative solutions help combat terrorism, drug smuggling, illegal immigration, and trade fraud. We pride ourselves on our commitment to excellence, delivering best-in-class imaging performance, reliability, and operator satisfaction. Role Overview: As a Cyber Security Manager, you will lead the operations of our cyber security testing lab and generate critical product security documentation. You will collaborate with the Cargo Engineering Software Team to manage cybersecurity risks in our Cargo X-ray software suite. This role is integral to our larger corporate cybersecurity team at OSI Systems. Key Responsibilities: Security Design & Documentation: Define cybersecurity design requirements and develop product security documentation for border protection and transportation security products within a standardized security framework. Risk Management: Analyze, report, and manage security-related risks, proposing further security improvements. Education & Training: Educate product design staff and stakeholders on cybersecurity impacts on product design and support efforts. Innovative Solutions: Develop innovative solutions to secure and support networked products used in diverse settings over long periods. Vulnerability Assessment: Lead the development of product test protocols to assess vulnerabilities and recommend remediation techniques. Threat Assessment: Assess product vulnerabilities to new and emerging threats, identify root causes, and develop remediation strategies. Standardization: Prepare and document standard operating procedures to ensure product security throughout their lifecycle. Company Benefits Excellent salary Excellent career development. Holidays 25 days holidays plus bank holidays increases up to 29 days after 10 years’ service. Life insurance entitlement from first working day which is four times your basic salary. Charity work 2 days paid leave if you wish to volunteer and work for your nominated charity. One day paid leave to take your Birthday off Pension Company Car Lease Scheme Cycle to work scheme. Enhanced Maternity and Paternity pay. Healthcare Cash plan Eden Red discounts Qualifications: Experience: 7+ years in IT with a focus on security, including supporting product design and leading cybersecurity efforts based on industry standards. Knowledge: Familiarity with security standards and frameworks (e.g., NIST 800-53, NIST CSF, ISO 27001). Technical Skills: Detailed knowledge of operating system and network security in physical, virtual, and cloud-based environments (AWS). Hands-On Experience: Proficiency in security systems, including endpoint security, vulnerability management, firewalls, IDS/IPS, wireless security, authentication systems, log management, and encryption. Communication: Strong verbal and written communication skills, with the ability to convey complex security concepts and risks. Leadership: Proven ability to lead projects from start to finish and work effectively as part of a team. Education: Bachelor's degree in Computer Science, Information Security, Engineering, or related field. Cybersecurity certifications (e.g., Security+, CISSP, CCNA Security) are desirable. Global Perspective: Experience working in a global environment across multiple time zones, with the ability to travel internationally as needed. Why Join Us? At Rapiscan Systems, you will be part of a dynamic team dedicated to making the world a safer place. We offer a collaborative work environment, opportunities for professional growth, and the chance to work on cutting-edge technology that has a real-world impact.
- Company Name
- Roku
- Job Title
- Director, DevSecOps – Trust Engineering
- Job Description
- Teamwork makes the stream work. Roku Is Changing How The World Watches TV Roku is the #1 TV streaming platform in the US and Mexico, and we've set our sights on powering every television in the world. Roku pioneered streaming to the TV. Our mission is to be the TV streaming platform that connects the entire TV ecosystem. We connect consumers to the content they love, enable content publishers to build and monetize large audiences, and provide advertisers unique capabilities to engage consumers. From your first day at Roku, you'll make a valuable - and valued - contribution. We're a fast-growing public company where no one is a bystander. We offer you the opportunity to delight millions of TV streamers around the world while gaining meaningful experience across a variety of disciplines. About The Team The Trust Engineering Team builds platforms used by all cloud engineers at Roku. Together, these components are designed to be a cost-effective and a secure platform of services Roku engineers use globally. Our team owns the following segments: Threat Hunting Attack Surface Management Threat Intelligence Incident Response Security Infrastructure as Code FinOps Security Architecture and Engineering Our team members are smart, collegial, collaborative, and focused on building the best-in-class platform. We foster a culture of experimentation, looking for the best idea to take the day. As a leader on this team, our Director, Development Operations, models this behaviour: If we’re not trying new things, we’re not growing. We need to grow and adapt so that Roku stays on top. About The Role As Director, DevSecOps, you will lead Trust Engineering’s Security Operations organization. This role involves responsibilities in the following key areas: Provide technical leadership to the team with your experience and focus on simplifying and accelerating developer experience. Lead trust platform, provide automation and tools to developers, security observability, and cloud security governance. Continue to build a world-class team of Trust engineers by attracting and hiring high-quality talent across the US, UK, and India. We are expanding in India, so part of your time in this role will involve working closely with the rest of engineering in supporting a development centre in India and attracting the best talent there. Work with senior management and align roadmaps, communication strategy, and evolution of the platform based on their feedback and users of our platform Act as a product manager for the organization by designing mechanisms to deeply understand our internal customers who use the platform and their pain points Example: Automation of security infrastructure as code aligned with company CICD pipelines. Engage with external vendors in negotiations and drive Roku’s cloud security governance program and security tooling, thereby getting involved in the build vs buy decisions as needed. We're Excited If You Have Leadership Skills: You enjoy building a world-class team, attracting, inspiring, and retaining top talent You have excellent soft skills and can effectively communicate and drive alignment with a diverse set of people, ranging from developers to Roku executives. You enjoy the challenge of building internal platforms, cross-team collaboration, influencing the direction of the work, and substantively contributing to system architecture Provide technical leadership to the team with your experience and focus on simplifying and accelerating developer experience. Lead developer platform, application hosting platform, observability and cloud governance Continue to build a world class team of platform engineers by attracting and hiring high quality talent across US, UK and India. We are expanding in India, so part of your time in this role will involve working closely with rest of engineering in supporting a development center in India, and attracting the best talent there Work with senior management and align roadmaps, communication strategy and evolution of platform based on their feedback and users of our platform You are self-driven and enjoy taking complete ownership of initiatives Technical Skills: 10+ years in a strategic engineering leadership role, setting vision and leading teams of 15+ people with excellent experience in leading and evolving managers. Advanced background with common automation tools such as Terraform or CloudFormation. Experience designing and implementing DevSecOps, Security & Access management policies. Experience leading teams to build and maintain services within Cloud providers, like AWS, GCP and data centers. Advanced background with common automation tools such as Terraform or CloudFormation. Demonstrated ability to engage senior leadership and drive strategic outcomes Demonstrated ability to work with internal users as customers Strong architectural abilities towards building a wholistic developer experience Experience with Kubernetes, Istio, and Envoy Experience with observability tools like Prometheus, Grafana, Loki, Sumo Logic, XSIAM, etc. Experience with AI in automating security processes and to optimizing Experience with Gitlab, Artifactory, Docker, Terraform, CI/CD, and a good understanding of different deployment architectures Deep knowledge of one cloud provider between AWS and GCP and working knowledge of another is sufficient. Experience with cloud cost governance involving forecasting and managing costs Bachelor’s in Computer Science, or equivalent work experience Benefits Roku is committed to offering a diverse range of benefits as part of our compensation package to support our employees and their families. Our comprehensive benefits include global access to mental health and financial wellness support and resources. Local benefits include statutory and voluntary benefits which may include healthcare (medical, dental, and vision), life, accident, disability, commuter, and retirement options (401(k)/pension). Our employees can take time off work for vacation and other personal reasons to balance their evolving work and life needs. It's important to note that not every benefit is available in all locations or for every role. For details specific to your location, please consult with your recruiter. The Roku Culture Roku is a great place for people who want to work in a fast-paced environment where everyone is focused on the company's success rather than their own. We try to surround ourselves with people who are great at their jobs, who are easy to work with, and who keep their egos in check. We appreciate a sense of humor. We believe a fewer number of very talented folks can do more for less cost than a larger number of less talented teams. We're independent thinkers with big ideas who act boldly, move fast and accomplish extraordinary things through collaboration and trust. In short, at Roku you'll be part of a company that's changing how the world watches TV. We have a unique culture that we are proud of. We...