Information security officer

06 November England - Hampshire, Fleet Perm

About Barclays

Barclays is a transatlantic consumer, corporate and investment bank offering products and services across personal, corporate and investment banking, credit cards and wealth management, with a strong presence in our two home markets of the UK and the US.

Barclaycard Business Solutions

Barclaycard Business Solutions is a portfolio of B2B2C (business to business to consumer) businesses including merchant acquiring, commercial payments, offers and point-of-sale (POS) finance.

Making our clients more successful is at the heart of what we do. We are the only business in the UK which can make and take payments, putting us in a unique position to offer a broader choice of payment solutions and products to our B2B customers. Our focus is on making clients more successful by allowing them to always make the sale, helping them pay and helping them to promote and sell.

Payments Tower

The primary function of the Payments Technology Tower is to support the Barclaycard Payment Solutions (BPS) business and, in doing so, to run payment transactions for 30% of the UK high street, adding business value by leveraging technology solutions and payments domain / industry knowledge. The tower also operates across Barclaycard and the wider Bank, providing payment solutions where the other business units are acting as a merchant or in the operation of authorisations and settlement routing.

Role Purpose

Support all elements of information security in the provision of BPS (Payment Integrator) external services and internal information security requirements.

Key Accountabilities

* In association with the lead Information Security Officer, create and maintain an overall security architecture against which BPS (PI) software and service products can be designed.
* Ensure that all necessary security policies and procedures are established and maintained in relation to the on-going service operation.
* Ensure on-going compliance with standards such as PCI DSS, PA DSS, P2PE. Maintain all current accreditations, ensuring all updates and renewals are scheduled and actioned and ensure all new relevant releases are scheduled for audit and listing.
* Act as company contact and representative for all third party audits.
* Support strategic security planning to achieve business goals by prioritising defence initiatives and co-ordinating the evaluation, deployment, and management of current and future security technologies.
* Support development and communication of security strategies to the Operational Team and all other key stakeholders, including Partners and Clients, as required.
* Support development, implementation, maintenance and oversight for enforcement of policies, procedures and associated plans for all system and information security requirements based on industry-standard best practices. Recommend and implement changes in security policies and practices in accordance with changes in legislation.
* Manage the administration of all computer security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software.
* In conjunction with the office facilities administrator, manage the administration of BPS (PI) Fleet office and data facility security systems and their corresponding equipment or software and access control, including security guards, fire alarms, locks, intruder detection systems, and anti-theft measures, in collaboration with Barclays suppliers.
* Maintain the security incident process such that all stakeholders understand and perform their duties when an incident occurs.
* Remain informed on trends and issues in the security industry, including current and emerging technologies and associated cost implications.
* Support penetration testing of all systems in order to identify system vulnerabilities.
* Review and recommend improvements to connection security for local area networks, the company Website, intranet and e-mail communications.
* Ensure that BPS (PI) security compliance is maintained, by monitoring compliance with the relevant standards and communicating closely with the necessary governing bodies / accreditors.
* Support preparing BPS (PI) annually for security audits.
* Support the design and delivery of all relevant security awareness training across all BPS (PI) operational units.
* Act as subject matter expert in assisting Sales Support with requests for proposals on security and risk questions as required.
* Maintain and control all security inventories and ensure key management processes are followed.
* Ensure all 3rd Party Service Providers comply with all elements of Barclays/BPS (PI) security standards in relation to the services they provide and carry out security audits on all of our suppliers to ensure compliance.

Person Specification

* Degree or equivalent experience
* Relevant security qualification e.g. CISSP or CISM
* Experience in maintaining PCI DSS security compliance
* Good technical experience
* Ideally have an understanding of PA DSS and P2PE security compliance
