Avp-cco Cso Cbp

**Job Title**: AVP-CCO CSO CBP

**Location: Pune**

**About Barclays**

**Barclays is a British universal bank. We are diversified by business, by different types of customers and clients, and by geography. Our businesses include consumer banking and payments operations around the world, as well as a top-tier, full service, global corporate and investment bank, all of which are supported by our service company which provides technology, operations and functional services across the Group.**

**Risk and Control Objective**

Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards.

**Working Flexibly**

We’re committed to providing a supportive and inclusive culture and environment for you to work in. This environment recognises and supports ways to balance your personal needs, alongside the professional needs of our business. Providing the opportunity for all our employees, globally to work flexibly empowers each of us to work in a way that suits our lives as well as enabling us to better service our customers’ and clients’ needs. Whether you have family commitments or you’re a carer, or whether you need study time or wish to pursue personal interests, our approach to working flexibly is designed to help you balance your life.

If you would like some flexibility then please discuss this with the hiring manager.

**Introduction**:
This role is within the CSO Chief Control Office (CCO) primarily to support Regulatory Engagement and Horizon Scanning. The focus of the role is to:

- Systematically monitor and examine information related to Cyber Risks across industry - such as emerging threats, regulatory actions, regulatory change, Cyber & Technology breaches and risk events
- Present comprehensive view to management for rationalization and prioritization for further analysis
- Partner with relevant functions to carry out deep dive analysis of such events, considered to represent direct risk to Barclays and assess Barclays Controls posture and preparedness against such risks
- Present findings to management and recommend next course of action(s)
- The role will also entail regulatory and compliance review and responding to audit and regulatory related internal/external requests/events and document the findings summary

**What will you be doing?**
- Develop and maintain the horizon scanning framework
- Scan the horizon for external events such as Regulatory actions & penalties, regulatory changes/breaches and emerging threats using agreed tools & techniques
- Present comprehensive summary to management for rationalization and prioritization for further analysis
- Carry out proactive risk assessment to analyse Barclays Controls environment & preparedness
- Prepare assessment findings including control gaps and risk to Barclays, corrective actions and present in relevant management fora
- Partner with relevant Cyber functions and keep abreast of remediation programs across the bank
- Develop and maintain strong working relationships with horizontals, verticals, 2nd and 3rd line of defence and drive periodic engagement meetings
- Develop and maintain Management Information (MI) to enable management with decision making and intervention
- Respond to Regulatory data/meeting requests and participate in the regulatory examinations and internal/external audits
- Understand regional regulatory environment and impact on technology and cyber landscape, leading to proactive assessment of regulatory exposure and supporting management in escalating concerns
- Establish and maintain an effective risk culture

**What we’re looking for**:

- Bachelor’s degree in Computer Science and equivalent work experience in relevant industry with strong background in risk management, technology and information security
- Minimum three years of practical knowledge of Technology and Cyber Risk Management - Horizon scanning
- Experience in assessing design and operating effectiveness of technology controls
- Experience of a project environment, in particular planning, testing, and tracking against a plan
- Experience in leveraging IT risk frameworks such as COBIT5, COSO, NIST and/or data management frameworks DCAMM/CMM-DMM
- Excellent knowledge of information technology risks, controls and risk remediation and experience using industry wide GRC tools (e.g. Archer, Metricstream)

**Skills that will help you in the role**
- Experience in playing a lead role in:

- Review of Audit findings, self-identified issues and breaches to align them with operational risk, regulatory requirements and Barclay’s Control Framework
- Advising IT on pragmatic approaches to meeting regulatory mandated technology controls and risk reduction
- Delivering of risk reduction and operational improvement projects
- Managing diverse staff and stakeholders
- Relevant professional certification such as CISA, CISSP, CISM,