Role Title: Whippany Cyber Operations Director
Location: Whippany, NJ
Overall purpose of role
Cybercrime and cyber-attacks against institutions are growing considerably in quality, quantity, and complexity, targeting both private industry and national critical infrastructure. However, a holistic approach across all security disciplines is required to ensure that these are mitigated successfully. Successful attacks against organizations can result in significant disruptions to business transactions, operations, and client activities, as well as regulatory scrutiny, reputational harm and brand tarnishment.
As a global bank, Barclays is in the crosshairs of cyber threat actors. As an organization that processes financial transactions, stores and transmits sensitive client information, and participates in the global financial marketplace, Barclays is an attractive target to organized criminals, hackers and hacktivists. Barclays can expect to see a continued increase in the number and sophistication of cyber-attacks against it, its partners, and its employees and clients. This is made more of a critical issue given the bank’s strategy of providing more and more of its services and products online and via mobile channels.
The developments described above require a different and much more proactive and intelligence-led cyber defence, compared to the normal reactive and incident-based defences built over the last 20 years. The modern Chief Security Office develops and operates tools that are used by internal groups for protecting information, understanding internal systems and networks in order to prevent attacks, and analysing information to determine whether the organization is under attack. In addition, other tools used in the day-to-day management of employees or systems may be managed by the Chief Security Office if they are related to its mission of protecting the assets of the company and its customers.
Key Responsibilities
Lead the Whippany, NJ based Cyber Operational team, reporting into the MD, Cyber Operations and collaborating with a globally distributed function that performs the following mission critical functions:
- Deliver the consolidated strategy to operate a 24x7 Current Operations service, for alerting, event management and incident response global monitoring service.
- Operate the procedures for the Threat Management Service to anticipate current and emerging cyber security threats to Barclays.
- Drive critical security improvements and influence the security culture across Barclays by providing common services and sharing best practice.
- Deliver a step-change in the operational and cost effectiveness of the Cyber Operations teams, including transferring functions to lower cost strategic locations as appropriate.
- Oversee the operation of key controls to ensure the teams maintain regulatory compliance and are able to fulfil security obligations to the appropriate stakeholders and authorities.
- Deliver ad hoc and weekly briefings on the information security threat landscape to senior management.
- Demonstrate decision-making logic and exemplary reaction to security events affecting the business areas of Barclays Group.
- Provide command, control and reporting support to JOC for all cyber security incidents.
- Establish and maintain relationships with business units as well as wider CSO organisation to drive ongoing service improvement activities.
- Drive the enhancement, improvement and delivery of monitoring and response methods and processes to reduce risk.
- Ensure that all team members are appropriately trained, developed and motivated by demonstrating role model behaviours and providing opportunities to RISE.
- Establish and deliver methods & tools that provide value for the organization by reducing risk.
- Provide strategic input to technical detection and response programs and initiatives leveraging previous experience.
- Use previous experience in global environments to provide success criteria & lessons learned with regards to toolset deployment and associated costs, benefits and impacts.
- Understand costs and complexities associated with technical changes, and subsequent impact on time, quality and stability of the changes.
- Clearly communicate risks associated with detected events on a technical and non-technical layer to stakeholders.
Risk and Control Objective
Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise-Wide Risk Management Framework and internal Barclays Policies and Policy Standards.
Person Specification
Competencies
· Experience in the field of security monitoring, incident response and mitigation, web application security, threat research or intelligence analysis.
· Experience in attack surface reduction work, proactively using intelligence to increase controls before a threat manifests.
· Experience in dealing with all other aspects of Red, Blue and Purple team operations and management.
· Proven experience of running & operating a 24x7 facility.
· Proven leadership, relationship management and communication skills.
· Experience of building and delivering a world-class security operations team.
· Incident, Problem and Change Management trained.
· Extremely effective people manager – able to manage, motivate and inspire a diverse, operational team.
Desired Skills
· Proficiency in
o Cyber Kill Chain
o Intelligence Driven Defence
o Security architectures
· Confident, with the ability to remain calm, controlled and focused in pressure situations.
· Ability to identify operational risks and issues in a fast-paced environment and take proportionate and appropriate actions.
· Ability to help write concise reports based on complex data with accuracy, brevity, and speed.
· A good understanding of a Corporate, Physical Security Environment.
· Previous experience in a Security Control Room environment is desirable.
· Previous experience of Incident Response procedures, with technical ability to ‘take control, and co-ordinate’ major security incidents.
· Mentoring experience