IT Security Specialist - Access Controls

  • Excellent + Benefits
  • Knutsford, England, United Kingdom Knutsford England GB
  • Permanent, Full time
  • Barclays UK
  • 14 Mar 18 2018-03-14

The purpose of the Violation Management Lead is to lead to be the violation management analysts in performing the activities of SoD controls are in place and operational for all systems included in the Application Access Controls scope, which spans across Barclays Business Units

Overall purpose of role

The purpose of the Violation Management Lead is to lead to be the violation management analysts in performing the activities of SoD controls are in place and operational for all systems included in the Application Access Controls scope, which spans across Barclays Business Units

Your Role

Violation management

  • To provide functional leadership for violation management team
  • To work with violation analysts and review and validates the accuracy of the daily SoD report to assess any violations that have occurred
  • Conduct weekly meeting with RTB leads on status of violations, health of Application feeds, status of exceptions categorized by business areas, applications, risk levels and SLA breaches. Analyse and assign ownership to RTB Leads and provisioning teams to ensure all risks are remediated on time and send status update to senior management
  • To develop subject matter expertise in the SoD rules across different business areas and the applications under management - and to act as this subject matter expert for issues and questions from teams within and outside of GIS. These questions may be from business users, external and Internal IT teams, internal and external auditors
  • Managing discussion with feed Management team to ensure timeliness and accuracy of Application feeds and ensuring that the reports are generated on a daily basis
  • Managing discussion of SoD status summary reports across different Business Areas by collecting, analysing and summarizing information and trends with Application Team leads and RTB leads. Negotiates on timelines of remediation and follows up to ensure that the risks are closed within agreed timelines
  • Managing the SoD Violation team to ensure that the violations are managed and removed from the underlying applications within agreed SLA and schedule follow up calls and escalation process when SLA is breached. Also, manage expectations with senior management by providing risk summary presentation of overall SoD violation status for management view
  • To prepare daily reports of violations for the TCLs
  • Creates process documents based on inputs provided by SoD Manager, ensures SoD Violation team are aligned to process, and proposes any process improvements areas that the team is facing to SoD Manager
  • Reviews and proposes any process improvement areas for the SoD Violation Team
  • Communicates the levels of IT compliance risk and control effectiveness to key stakeholders such as IT-business unit management, senior management and internal/external auditors.

Project Management

  • Planning and monitoring the project is on time and budget and escalating to the Programme Manager any risks requiring discussion at programme level
  • Managing project risks, issues and dependencies including the development and tracking of contingency plans
  • Ensures that realistic project plans are prepared and maintained

Person Specification

  • Strong communication skills and an ability to communicate at all levels within an organisation
  • Ability to navigate across the organisation working with different levels of stakeholders.
  • Good facilitation skills - and an ability to bring diverse teams together to work to solve a common problem
  • Good analytical skills, with the confidence to challenge and ask questions where there are anomalies / differences

Essential Skills/Basic Qualifications:

  • Experience in project management
    • Experience in IT Security
    • Experience of working with globally distributed teams

Desirable skills/Preferred Qualifications:

  • Experience in Internal and External Audit support and/or facilitation
  • Experience in technology risk and control

About Us

Barclays is a transatlantic consumer, corporate and investment bank offering products and services across personal, corporate and investment banking, credit cards and wealth management, with a strong presence in our two home markets of the UK and the US. Our goal is to become the bank of choice by providing superior services to customers and clients and supporting our stakeholders via a commercially successful business that generates long-term sustainable returns.

Risk and Control Objective

All Barclays colleagues have to ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards.

Your Application

To be considered for this role, click on the apply button now.

Barclays Values & Diversity

Dynamic working gives everyone at Barclays the opportunity to integrate professional and personal lives, if you have a need for flexibility then please discuss this with the hiring manager. We are an equal opportunity employer and we are opposed to discrimination on any grounds. It is the policy of Barclays to ensure equal employment opportunity without discrimination or harassment on the basis of race, colour, creed, religion, national origin, alienage or citizenship status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law.