Cyber Controls Assurance

Job Title : Cyber Controls Assurance - BA4
Location: Pune

About Barclays
Barclays is a British universal bank. We are diversified by business, by different types of customers and clients, and by geography. Our businesses include consumer banking and payments operations around the world, as well as a top-tier, full service, global corporate and investment bank, all of which are supported by our service company which provides technology, operations and functional services across the Group.

Risk and Control Objective
Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards.

Working Flexibly

Hybrid Working

BUK & BX - All locations

Introduction:

- Provide assurance to Technology Leadership regarding the design and operating effectiveness of the Technology control environment in mitigating relevant risks through a defined and agreed programme of testing activity for Barclays.
- Review activities to remediate control gaps and assess whether the risk has been fully mitigated and whether the implemented controls are sustainable for Barclays.
- Identify, evaluate, report and escalate risks in line with Barclays risk and control frameworks, utilising relevant tools and analytical techniques.
- Provide guidance to ensure compliance with Barclays Group and Technology Policies, Standards, frameworks and procedures across Business Units, Functions and Shared Services.
- Report the results of testing activities to Senior Stakeholders across Business Units, Functions and Shared Services.
- Influence and support the implementation of the Technology CCO strategy.
- Meet the needs of key internal and external risk processes, reporting schedules, stakeholders and regulatory authorities in delivering assurance activities.

What will you be doing?
- Ensure quality and accuracy of control testing by performing internal quality assurance (QA) verification as per Barclays Control Framework
- Liaise with stakeholders across the three Lines of Defence to ensure efforts are aligned and complementary
- Review activities undertaken by management to remediate control gaps and provide an opinion as to whether the risk has been fully mitigated and whether the implemented controls are sustainable.
- Identify and leverage appropriate data sources and data analytical techniques to deliver targeted testing
- Extend the support towards implementation of the Technology CCO strategy to drive global consistency and improvements in risk awareness and risk management capability by developing a close and trusted relationship with key stakeholders, wherever required.
- Maintain an independent perspective, challenging as required and setting out quantified control options and risk decision recommendations.

What we’re looking for:
Project Management:

- 4-8 years of testing experience of ITGC/Cyber/Application Controls
- Has in-depth knowledge of the project lifecycle process
- Responsible for the preparation of project documentation throughout the project lifecycle, which also includes the business case
- Ability to assess and manage scope change controls
- Can manage the trade-offs of delivery within time, cost, and quality constraints
- Proactively identifies risks, issues and dependencies and can perform analysis on value at risk and mitigation options across a project
- Hands on experience into IS Audits / IT Assessments and GRC (Governance, Risk & Controls)
- Analytical approach and proven ability to manage issues through to resolution
- Strong interpersonal skills and ability to communicate effectively across a global team
- Ability to successfully multitask and complete assignments with varying lead times
- Self-starter & works independently
- Good understanding of programming/ database languages viz. C++, Java, COBOL, SQL
- Understanding of Software development, various testing during software development life cycle

Skills that will help you in the role:

- Extensive knowledge of technology risk and control including relevant tools and techniques
- Extensive knowledge and experience in one or more of the following fields IT audit, Risk and Control, IT security
- Relevant professional certification (CISA, CISSP, CRISC, CISM, ISO 27001) or equivalent

This role requires extensive knowledge and working experience in Technology, Information, and Security domain.
- Basic understanding of programming/ database languages viz. C++, Java, COBOL, SQL
- Knowledge or IS/IT Risks & Controls and respective Standards / Frameworks (e.g. COBIT, ITIL)
- Practical experience in managing Technology Risks & Controls in Banking/ NBFC domains
- Practical experience in design and development of SharePoint or similar tools

Where will you be working?
Pune

Be More at Barclays
Interested and want to know more about Barclays? Visit home.barclays/who-we-are/ for more details.

Purpose, Values and Mindset

We deploy finance