Barclays, banca universale multinazionale britannica, ricerca un Cyber & Information Security Manager per la sede di Milano.
About the Chief Security Office
The Chief Security Office (CSO) is a fully global team, with over 1000 colleagues across Europe, Asia, and the Americas. We support the business in ensuring the security of the firm’s assets, and in implementing world-class security solutions to meet business needs. CSO operates critical controls and works in partnership with the business to ensure our customers can trust Barclays to protect their sensitive information, and that the security of our critical infrastructure, staff, and assets is maintained.
About Barclays Europe CISO
The Barclays Europe entity is headquartered in Dublin, Ireland and operates a range of financial services across ten European Union countries currently including; Ireland, France, Germany, Italy, Spain, Portugal, Italy, Luxembourg, Netherlands and Sweden. The Barclays Europe Chief Information Security Officer (CISO) team is responsible for driving the implementation and maintenance of effective Information and Cyber security across the entity.
Overall purpose of role
Stakeholder management, information gathering, analysis and dissemination with close engagement to the Barclays Europe business areas is fundamental to this role. The overall purpose of the role is to drive robust Information and Cyber Security practices through provision of a comprehensive “first line of defence” service to the business across the Barclays Europe entity.
Key Accountabilities
The individual holding this job role must be capable of supporting team members in many of the group-level Information and Cyber Security processes and at any time might be participating in multiple activities. Therefore, the individual should look forward to a mix of accountabilities as follows.
- Lead the provision of Information and Cyber Security SME advice and guidance to key stakeholders across Barclays Europe including multiple senior Managing Directors and Directors.
- Provide coaching and cross-training to Information and Cyber Security colleagues in order to increase the skills maturity of the function as a whole.
- Lead the reporting of the status of our risk exposure and control maturity against the relevant Policies and Standards
- Lead investigations, incidents and exceptions to address Information and Cyber Security matters.
- Lead the design and implementation of an information and cyber security controls and change initiatives across the Barclays Europe entity.
- Creating an environment and culture that promotes excellence and a continuous improvement approach
- Continuously develop information and cyber security SME capability in line with needs and expectations.
- Use risk management principles to ensure the confidentiality, integrity and availability of information are safeguarded in accordance with the bank’s operating model and risk appetite.
- Manage security controls exceptions and ensure incidents are tracked and managed to closure
While performing these accountabilities, the individual must maintain regular liaison with management and maintain a network of Barclays, industry and law enforcement contacts. In addition, they are accountable for following Group policy and processes in relation to finance and expense management, and regulatory and compliance duties.
Stakeholder Management and Leadership
This role requires strong computer application skills, especially in Excel and PowerPoint, with additionally strong critical thinking and analytical skills to support Information and Cyber Security activities, as well as, ensuring deliverables and deadlines are met on time. The role holder’s ability to present, communicate to stakeholders in a timely and also proficient manner is critical for the success of this role.
Decision-making and Problem Solving
This role requires decision-making and problem solving as it pertains to managing Information and Cyber Security controls in Barclays Europe. The ability to resolve basic issues and answer questions on policy and standards is essential to this role. This role interacts with many levels of people in the business, so the ability to communicate solutions to problems will be very critical.
Risk and Control Objective
Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards.
Person Specification
- Proactive approach, committed, team-focused & strong work ethic
- Ability to multi-task and produce high quality work
- Strong stakeholder management skills with the ability to translate complex technical issues in to a business context
- Positive attitude
Essential Skills/Basic Qualifications:
- Significant experience in working within the information and cyber security field, including systems audit, internal controls and/or security consulting
- Significant experience at implementing or managing risk management processes and tools
- Actively seeks ways to understand, mitigate or reduce risks, drawing on technical experience, risk assessment, and management reports
- Experience in leading and managing multiple stakeholders within a complex matrix environment across multiple geographies
- Fluent in English and Italian languages
Desirable skills/Preferred Qualifications:
- Significant professional experience and /or qualification preferred
- Experience in relevant information risk and control frameworks including NIST, ISO27001
- Information security accreditation such as CISSP, CISA
- Understanding of relevant regulatory environment within European Union
- Fluent in European languages in addition to English and Italian
- Experience working in information security risk within Financial Services
Purpose, Values and Mindset
We deploy finance responsibly to support people and businesses, acting with empathy and integrity, championing innovation and sustainability, for the common good and the long term.
Our values underpin everything we do: Respect, Integrity, Service, Excellence and Stewardship.
Respect
We harness the power of diversity and inclusion in our business, trust those we work with, and value everyone’s contribution.
Integrity
We operate with honesty, transparency and fairness in all we do.
Service
We act with empathy and humility, putting the people and businesses we serve at the centre of what we do.
Excellence
We champion innovation, and use our energy, expertise and resources to make a positive difference.
Stewardship
We prize sustainability, and are passionate about leaving things better than we found them.
Our Mindset shapes how we take action, living by our Values, driven by our Purpose, always with our customers and clients at the heart of what we do; our Mindset is to Empower, Challenge and Drive.
Empower
Trust and support each other to deliver. Make decisions with those closest to the topic. Include diverse perspectives. Celebrate success and learn from failure.
Challenge
Question whether things can be done better. Use insights based on data to inform decisions. Be curious about how we can adapt and improve. Speak up and be open to alternative viewpoints.
Drive
Focus on outcomes. Deliver with pace. Be passionate and ambitious about what we do. Take personal responsibility. Actively build collaborative relationships to get things done.
https://search.jobs.barclays/job/milan/cyber-and-information-security-manager/13015/23022693168