Security Analytics and Development Centre, Chief Security Office
Chief Security Office (CSO) is a fully global team, with colleagues across Europe, Asia, Africa and the Americas. We support the business in ensuring confidentiality, integrity and availability of the firm's information assets, and in implementing world-class security solutions to meet business needs. CSO operates critical controls and works in partnership with the business to ensure our customers can trust Barclays to protect their sensitive information, and that the security of our critical infrastructure, staff, and assets is maintained.
The purpose of this technical, hands-on leadership role is to drive the integration of a number of security products into "Fusion", a leading-edge security and data platform at Barclays.
The core purpose of the role will be to deploy and integrate best-in-class solutions for holistic end-to-end security, comprising both 3rd party and internally developed applications, big data and bespoke automations.
The role will require you to work with architects, application and infrastructure teams on adoption of strategic security components and services. Working with these teams, you will assist with the planning, and then the deployment and integration, of components which interact with strategic security services.
Specifically you will be involved in the following:
* Development/deployment/integration - ThreatConnect, IBM Resilient, migration of SIEM (likely McAfee Nitro to Splunk SE), Tanium, Appian (case management), ServiceNow, Atlassian stack (JIRA, Confluence, HipChat), BigData/Cloudera Hadoop, Anaconda Enterprise Notebooks (Python), bespoke internal API/UI
* Ensuring expediency of delivery while meeting Internal Records Management policies, Leidos (3rd party consultancy scoring Barclays on their security posture) as well as other internal strategic security programmes
* Creation of a leading edge API framework and integration framework with all new tools seamlessly integrated
* Support delivery streams effectively and deliver high quality back end according to requirements and great satisfaction for scrums and assisting operations from both a security and technical point of view
* Developing a great team culture - quality of code, review and strong communication and support tools to enable developers to achieve their objectives 'faster, better, cheaper'
* Determination and passion for driving delivery and performance in self and others
* Self-motivated and organised individual
* High degree of (hands-on) technical leadership with broad subject matter expertise
* Excellent ability to execute where information is ambiguous, utilising professionalism, experience and prior knowledge
* Capability in leading teams of up to 6 people
* A solid understanding of Enterprise IT
* Knowledge and understanding of modern cyber threat actors, their motivation, scenarios, tools, tactics and procedures.
* A minimum of 10 years of progressively demonstrating professional and management capabilities
* A degree in computer science, mathematics, engineering or related field is required
Technical Knowledge - Essential
* Capability to be persistent and creative in solving complex and challenging problems.
* Extensive experience creating innovative solutions.
* Ability to differentiate between vulnerability and threat centric approaches.
* Proven capability in programming / scripting skills
* Strong understanding of the security mechanisms associated with Windows or Unix operating systems, switched networks, web based applications and databases
In-depth technical understanding of most of the following is required to succeed in the role.
Security Products
* SIEM - Splunk and Splunk SE or McAfee Nitro
* Incident Management - IBM Resilient, ServiceNow
* Endpoint Management - Tanium, Symantec EPO
* Data Leakage Prevention - Vontu
* Behavioural Analytics - Exabeam
* Strong Development Experience - Java, .NET/C#
* Strong Scripting - Python, Bash, PowerShell
* Strong DB skill - MS-SQL, MySQL, BigData/Cloudera, Elastic Search
* Source Control - Stash/Git
* Atlassian Suite (JIRA, Confluence, HipChat)
* Strong systems knowledge - Windows, RedHat, AD, Packaging and deployments (MSI/rpm)
* Infrastructure services - Bluecoat, Infoblox
* Identity, federation and authentication technologies (e.g. SAML, OAuth).
* Web Services technologies (e.g. REST, XML, JSON)
* Service-oriented architectures and security issues (e.g. IaaS, PaaS)
Technical Knowledge - Beneficial