Business Information Security Officer

Embark on a transformative journey as a Business Information Security Officer at Barclays. Our vision is clear – to redefine the future of banking and help craft innovative solutions.

As BISO, you will partner closely with key technology and business stakeholders to ensure business strategies are supported and that the business operates in a secure environment with security proactively embedded into services. The role offers high visibility across Cyber & Technology leadership, working in partnership with senior management to ensure understanding of cyber risk posture and to prioritize actions for improvement.

To be successful as a Security Officer, you should have:

• Understanding of Security & Control Frameworks & Methodologies
• Knowledge of Security Tooling and capabilities such as NIST
• Excellent communication skills across all levels of the organization, including senior executives

Additional valued skills include strong communication skills. You may be assessed on key skills such as risk and controls, change and transformation, business acumen, strategic thinking, digital and technology expertise, as well as technical skills specific to the role.

This role is located in Knutsford, Radbroke Hall.

To serve as the primary liaison between the business, technology, and security functions, ensuring the confidentiality, integrity, and availability of information, and supporting the mitigation of security risks.

• Collaborate with stakeholders to understand security requirements in business processes and IT projects, enhancing overall risk management.
• Execute risk assessments to identify and prioritize potential cybersecurity threats, guiding mitigation strategies and communicating findings to senior stakeholders.
• Work with business units to develop and implement security policies and procedures aligned with the risk management framework.
• Manage the implementation, testing, and monitoring of security controls across IT systems to ensure effectiveness and risk mitigation.
• Conduct training sessions to educate employees, increase cybersecurity awareness, and promote safe online practices.
• Manage complex cybersecurity incidents by collaborating with IT teams and response experts to resolve cases effectively.
• Identify emerging cybersecurity trends, threats, and technologies to proactively address potential risks and advocate for new security solutions.

• Contribute to strategy, drive requirements, and recommend changes. Plan resources, budgets, and policies; manage policies/processes; deliver improvements; escalate policy breaches.
• For those managing teams, define roles, plan for future needs, counsel employees, and lead specialists to influence operations, aligning with strategic and tactical priorities.
• Demonstrate leadership behaviors: Listen and be authentic, Energize and inspire, Align across the enterprise, Develop others.
• For individual contributors, act as subject matter experts, guide technical direction, lead multi-year projects, and mentor less experienced staff.
• Advise stakeholders and senior management on impact and alignment across functions.
• Manage risks through assessments, supporting governance and control agendas.
• Show leadership and accountability in risk management and control strengthening.
• Understand organizational functions to support business goals.
• Collaborate across areas to stay aligned with business strategies.
• Develop solutions through sophisticated analysis and research, comparing complex alternatives.
• Build and maintain trusting relationships with stakeholders, using influencing and negotiating skills to achieve objectives.

All colleagues are expected to embody Barclays Values: Respect, Integrity, Service, Excellence, and Stewardship, and to demonstrate the Barclays Mindset: Empower, Challenge, Drive.