Business Information Security Officer

Embark on a transformative journey as a Business Information Security Officer (BISO). At Barclays, our vision is clear – to redefine the future of banking and help craft innovative solutions. As a BISO, you will provide a primary liaison service between the business, technology, and security functions to ensure the confidentiality, integrity, and availability of information, and support the mitigation of security risk for Barclays US consumer Banking Business (USCB).

This role will utilize your prior domain expertise to assist in the implementation and translation of enterprise security requirements as well as policies and procedures.

To be successful as a Business Information Security Officer, you should have experience with:

• Broad domain expertise across network security (cloud, IAM, data protection, 3rd party and vendor risk, application security, incident response, etc.)

• Working knowledge of NIST Cyber Security and/or PCI DSS frameworks

• Experienced in governance and oversight, including committees, KRIs/KCIs (Key indicators), risk acceptances and control issues - translating Group Cyber GRC requirements into BU implementation and adoption

• Risk and controls background within the consumer banking domain

Some other highly valued skills may include:

• Working knowledge of Cards and Payments industry

• Prior experience performing cyber due diligence to support Mergers and Acquisitions and Business partnerships

• Proven stakeholder management experience across Technology, business, and control partners – building business partnerships and creating strategic influence

You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen, strategic thinking, digital and technology, as well as job-specific technical skills.

This role is located in Wilmington, DE office.

To provide a primary liaison service between the business, technology, and security functions. In order to ensure the confidentiality, integrity and availability of information, and support the mitigation of security risk.

• Collaboration with stakeholders to understand their security requirements in business processes and IT projects, to enhance overall risk management.
• Execution of risk assessments to identify and prioritise potential cybersecurity threats that could impact the banks operations and data and guide the implementation of mitigation strategies and communicate findings to relevant findings to relevant senior stakeholders.
• Collaboration with business units to develop and implement security policies and procedures for the banks operations aligned to the risk management framework.
• Management of the implementation, testing and monitoring of security controls across the banks IT systems to ensure the effectiveness of controls and mitigation of risk.
• Execution of training content and sessions to educate employees, enhance cybersecurity awareness and provide guidance on safe online practices.
• Management of complex cybersecurity incidents by collaborating with IT teams and response experts to effectively resolve cases through analysis, expertise support and project supervision.
• Identification of emerging cybersecurity trends, threats, and new technologies to address potential risks by advocating the adoption of new security solutions.

• To contribute or set strategy, drive requirements and make recommendations for change. Plan resources, budgets, and policies; manage and maintain policies/ processes; deliver continuous improvements and escalate breaches of policies/procedures.
• If managing a team, they define jobs and responsibilities, planning for the department’s future needs and operations, counselling employees on performance and contributing to employee pay decisions/changes. They may also lead a number of specialists to influence the operations of a department, in alignment with strategic as well as tactical priorities, while balancing short and long term goals and ensuring that budgets and schedules meet corporate requirements.
• If the position has leadership responsibilities, People Leaders are expected to…