Date live:27/08/2025
Business Area:Chief Information Security Office
Area of Expertise:Technology
Contract:Permanent

Reference Code:JR-0000067664

• The Head of Cyber Assurance is key leadership position within the Barclays Cyber Posture and Assurance function, part of the Chief Information Security Office, with enterprise wide responsibility.
• The role has accountability for defining, implementing, and evolving the strategy for cyber assurance testing across the enterprise and ensuring that all arising findings are comprehensively remediated holistically across the bank.
• This role oversees the development and execution of comprehensive testing frameworks, leads a team of Cyber Assurance Subject Matter Experts, and ensures that the assurance activities achieve the a thorough evaluation against emerging threats and regulatory standards.
• The role requires broader analysis to ensure risks are appropriately managed and root causes identified, fostering continuous improvement.
• The Head of Cyber Assurance collaborates extensively with stakeholders throughout the business, partnering with Technology, Operational Risk, Internal Audit, and senior security leadership to promote a culture of security assurance.
• Threat Intelligence Collaboration: Incorporate threat intelligence insights into testing programmes to simulate real-world attack vectors effectively.
• Regulatory & Compliance Alignment: Ensure testing activities comply with applicable standards (e.g., ISO 27001, NIST, PCI DSS, GDPR) and facilitate internal and external audit requirements.
• Experience in any of information security and/or technology with a leadership capacity focused on assurance testing, controls enforcement, red/blue teaming, or vulnerability management.

ACCOUNTABILITIES

• Collaboration with stakeholders to understand their security requirements in business processes and IT projects, to enhance overall risk management.
• Execution of risk assessments to identify and prioritise potential cybersecurity threats that could impact the banks operations and data and guide the implementation of mitigation strategies and communicate findings to relevant findings to relevant senior stakeholders.
• Collaboration with business units to develop and implement security policies and procedures for the banks operations aligned to the risk management framework.
• Management of the implementation, testing and monitoring of security controls across the banks IT systems to ensure the effectiveness of controls and mitigation of risk.
• Execution of training content and sessions to educate employees, enhance cybersecurity awareness and provide guidance on safe online practices.
• Management of complex cybersecurity incidents by collaborating with IT teams and response experts to effectively resolve cases through analysis, expertise support and project supervision.
• Identification of emerging cybersecurity trends, threats, and new technologies to address potential risks by advocating the adoption of new security solutions.

To provide a primary liaison service between the business, technology, and security functions. In order to ensure the confidentiality, integrity and availability of information, and support the mitigation of security risk.