
Security Incident Response Handler


Barclays

1mo ago

  • Job
    Full-time
    Senior Level
  • Government & Politics
    IT & Cybersecurity
  • Pune

AI generated summary

  • You should have strong SOC skills, incident management tools knowledge, stakeholder management, calmness under pressure, relevant certifications, and experience in large organizations.
  • You will implement resilience strategies, enhance incident management, oversee recovery capabilities, communicate risks, and respond to threats while documenting lessons learned for improvement.

Requirements

  • Strong SOC analyst skills and working experience in managing critical incident triaging and escalation.
  • Situational awareness and stakeholder management skills (required to engage senior leadership during incidents and to brief executive management on major incidents in business language, articulating high-level risk and control gaps effectively).
  • Experience in working in a matrix reporting structure and leading discussions and initiatives.
  • Confident, with the ability to remain calm, controlled and focused during high-pressure situations
  • Knowledge of incident management tools such as ServiceNow, X-Matters and Everbridge
  • A working knowledge of how layered defence and intelligence-driven defence work
  • A working knowledge of risk management and the part that controls play in the security posture of an organisation
  • Ability to build relationships with stakeholders at all levels to help effectively drive incident outcomes and communication.
  • Excellent English verbal and written communication (must have)
  • Certified Security Incident Handler Certification (e.g. ECIH or GCIH)
  • Confident, with the ability to remain calm, controlled, and focused while under pressure
  • Ability to identify operational risks and issues in a fast time environment, and take proportionate and appropriate actions
  • Previous experience working in a large multinational organisation with colleagues and stakeholders based in multiple / remote locations
  • Previous experience in a Security Control Room environment
  • ITIL Expert / Intermediate
  • Other cybersecurity certifications such as CISSP, CISA or CISM

Responsibilities

  • Socialisation and implementation of the resilience strategy and underpinning framework across the firm (e.g. SMRs and delegates, business / function resilience role owners and all colleagues), ensuring compliance to the standard and controls.
  • Development and enhancement of the resilience, crisis and incident management framework to uplift recovery and response capabilities to ensure Important Business Services can continue to operate during disruption events to minimise the impact on customers, clients and the market.
  • Operational Recovery Planning and Security Incident Management planning standards and controls enhancement according to industry practice, emerging threats and regulatory requirements.
  • Provide oversight to the business and technology recovery capability improvements, and uplifts to third-party (suppliers and Financial Market Infrastructure) recovery capabilities to enable Important Business Services to remain within or mitigate impact tolerance thresholds.
  • Communication of the firm’s / business’ resilience position (risks and remediation) through clear and transparent scorecards / dashboards to enable effective investment decisions to the Board and Executive Committees, Control Forums and business stakeholders.
  • Enhancement of resilience, crisis management and incident response and recovery capability through sophisticated, regular and adequate testing coverage to demonstrate Important Business Services’ ability to recover within impact tolerance for a severe but plausible scenario.
  • Assurance that services and products are built resiliently by the business through the change management process (NAPAs, DRAs, material change process).
  • Continually remain abreast of resilience and crisis and incident management developments, regulatory policy requirements and the emerging landscape.
  • Mitigation of the impact of unexpected incidents by identifying, responding to and enabling the resolution of events that threaten the services, operations, infrastructure, colleagues and clients of the bank.
  • Execution of responses to reported incidents and potential threats from various channels including intelligence, email, phone and monitoring systems prioritised by the assessed or actual impact to the bank.
  • Documentation and analysis of past prioritised incident details, the steps to resolution and the lessons learnt to support the identification and implementation of preventative measures and process improvements.

FAQs

What is the primary role of a Security Incident Response Handler at Barclays?

The primary role is to develop, implement, and maintain an effective resilience strategy and operational recovery planning and incident management framework, ensuring the bank can respond and recover from severe incidents while minimizing impact on customers, clients, colleagues, and the market.

What qualifications are required for this position?

Candidates should have strong SOC analyst skills, experience in managing critical incident triaging, situational awareness, stakeholder management skills, knowledge of incident management tools, and a Certified Security Incident Handler Certification (e.g., ECIH or GCIH).

What skills are desirable for a Security Incident Response Handler?

Desirable skills include previous experience in a Security Control Room environment, ITIL Expert/Intermediate certification, and other cybersecurity certifications like CISSP, CISA, or CISM.

Where is this position based?

This role will be based out of Pune.

What are the expectations for candidates at the Assistant Vice President level?

Candidates are expected to consult on complex issues, identify ways to mitigate risk, take ownership in managing risk, and effectively communicate complex information while collaborating with other areas to support business objectives.

What types of incidents will a Security Incident Response Handler be responsible for?

They will be responsible for identifying, responding to, and resolving unexpected incidents that threaten the services, operations, infrastructure, colleagues, and clients of the bank.

How important is communication in this role?

Excellent communication skills are essential, particularly in articulating high-level risks and control gaps to senior leadership and providing clear updates on major incidents.

Is there a focus on developing relationships with stakeholders in this role?

Yes, the ability to build and maintain relationships with stakeholders at all levels is crucial for effectively driving incident outcomes and communication.

What is the importance of testing in this position?

Regular and adequate testing coverage is vital to demonstrate Important Business Services' ability to recover within impact tolerance during severe but plausible scenarios.

How does Barclays value its employees in terms of company culture?

All colleagues are expected to demonstrate Barclays' values of Respect, Integrity, Service, Excellence, and Stewardship, along with the Barclays Mindset of Empower, Challenge, and Drive.

Industry: Finance
Employees: 10,001+
Founded Year: 1690

Mission & Purpose

Barclays is a British universal bank. We are diversified by business, by different types of customers and clients, and by geography. Our businesses include consumer banking and payments operations around the world, as well as a top-tier, full service, global corporate and investment bank, all of which are supported by our service company which provides technology, operations and functional services across the Group. With over 325 years of history and expertise in banking, Barclays operates in over 40 countries and employs approximately 83,500 people. Barclays moves, lends, invests and protects money for customers and clients worldwide. Barclays is a trading name of Barclays Bank PLC and its subsidiaries. Barclays Bank PLC is registered in England and is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority. Registered in England. Registered No. 1026167. Registered office: 1 Churchill Place, London E14 5HP.