This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
Be a part of a place where challenges are measured in billions, qubits and nanoseconds. Build your career in an environment where we’re advancing machine learning, leveraging blockchains, and harnessing FinTech. Working in Barclays technology, you’ll reimagine possibilities: learning and innovating to solve the challenges ahead, delivering for millions of customers. We are shaping the future of financial technology.
Job Responsibility:
To monitor the performance of operational controls, implement and manage security controls and consider lessons learnt in order to protect the bank from potential cyber-attacks and respond to threats
Management of security monitoring systems, including intrusive prevention and detection systems, to alert, detect and block potential cyber security incidents, and provide a prompt response to restore normal operations with minimised system damage
Identification of emerging cyber security threats, attack techniques and technologies to detect/prevent incidents, and collaborate with networks and conferences to gain industry knowledge and expertise
Management and analysis of security information and event management systems to collect, correlate and analyse security logs, events and alerts/potential threats
Triage of data loss prevention alerts to identify and prevent sensitive data for being exfiltrated from the banks network
Management of cyber security incidents including remediation & driving to closure
Requirements:
10+ years of experience in software security, DevSecOps, or secure SDLC program implementation
Deep understanding of modern SDLC processes, DevOps toolchains, and CI/CD automation (GitLab, GitHub, Jenkins, Azure DevOps, etc.)
Strong knowledge of SSDF, BSIMM, OWASP SAMM, and secure-by-design principles
Demonstrated ability to define governance, metrics, and KRIs for large-scale secure development programs
Proven experience leading global teams and influencing development organizations
Excellent stakeholder-management and communication skills bridging engineering and risk audiences
Nice to have:
Experience in large, distributed financial-services or fintech environments
Expertise in cloud-native development security, container orchestration (Kubernetes), and infrastructure-as-code (Terraform, Helm)
Familiarity with policy-as-code frameworks and secure change-management integration
Advanced knowledge of SAST/DAST/SCA, open-source risk management, and code-signing pipelines
Certifications such as CISSP, CSSLP, or AWS/Azure DevSecOps specialty