SecDevOps - Senior Analyst

Purpose of the role

To lead and manage engineering teams, providing technical guidance, mentorship, and support to ensure the delivery of high-quality software solutions, driving technical excellence, fostering a culture of innovation, and collaborating with cross-functional teams to align technical decisions with business objectives. 

Accountabilities

• Lead engineering teams effectively, fostering a collaborative and high-performance culture to achieve project goals and meet organizational objectives.
• Oversee timelines, team allocation, risk management and task prioritization to ensure the successful delivery of solutions within scope, time, and budget.
• Mentor and support team members' professional growth, conduct performance reviews, provide actionable feedback, and identify opportunities for improvement.
• Evaluation and enhancement of engineering processes, tools, and methodologies to increase efficiency, streamline workflows, and optimize team productivity.
• Collaboration with business partners, product managers, designers, and other stakeholders to translate business requirements into technical solutions and ensure a cohesive approach to product development.
• Enforcement of technology standards, facilitate peer reviews, and implement robust testing practices to ensure the delivery of high-quality solutions.

Assistant Vice President Expectations

• To advise and influence decision making, contribute to policy development and take responsibility for operational effectiveness. Collaborate closely with other functions/ business divisions.
• Lead a team performing complex tasks, using well developed professional knowledge and skills to deliver on work that impacts the whole business function. Set objectives and coach employees in pursuit of those objectives, appraisal of performance relative to objectives and determination of reward outcomes
• If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others.
• OR for an individual contributor, they will lead collaborative assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will identify new directions for assignments and/ or projects, identifying a combination of cross functional methodologies or practices to meet required outcomes.
• Consult on complex issues; providing advice to People Leaders to support the resolution of escalated issues.
• Identify ways to mitigate risk and developing new policies/procedures in support of the control and governance agenda.
• Take ownership for managing risk and strengthening controls in relation to the work done.
• Perform work that is closely related to that of other areas, which requires understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function.
• Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategy.
• Engage in complex analysis of data from multiple sources of information, internal and external sources such as procedures and practises (in other areas, teams, companies, etc).to solve problems creatively and effectively.
• Communicate complex information. 'Complex' information could include sensitive information or information that is difficult to communicate because of its content or its audience.
• Influence or convince stakeholders to achieve outcomes.

All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.

Join us as a CISO IAM Operations - Senior Analyst at Barclays where you will spearhead the evolution of our infrastructure and deployment pipelines, driving innovation and operational excellence. You will harness cutting-edge technology to build and manage robust, scalable and secure infrastructure, ensuring seamless delivery of our digital solutions.

We are looking for individuals who have profound understanding of Access & Privileges management applications like SSO & CyberArk and have good people management skills. In this role, you will be responsible for driving successful delivery and implementation of key enterprise initiatives related to Privileged Identity and Access Management technologies. The individual would be responsible to serve as a cross-platform technical subject matter expert and provide consulting support to architects and engineers on application integration. Customer-focused on strong service delivery. To coordinate security related activities such as scheduled maintenance, upgrade, performance tuning and trouble shooting. Decision Making- Participate and contribute to MIH where individual need to apply his technical skills and take decision. Drive Information Security principles and controls

To be successful as a CISO IAM Operations - Senior Analyst, you should have experience with:

• Must have skill # 1

• Strong understanding on Access Management (SSO, PING FEDERATION) & Privileged Access Management (CyberArk/Vaults) application.

  
  
  

• Strong understanding on managing different components of CyberArk Application (VAULT/PVWA/PSM/CCP/AAM/EPM/PSMP/CONJOUR)

  
  
  

• Should have strong knowledge on writing API based scripts to automate activities related to CyberArk.

  
  
  

• Strong Communication Skills to interact with various key stake holders and senior management for escalations, candidate should have strong verbal and written communication.

  
  
  

• Should have strong understanding on Plugin and PSM Connector development to manage the password for different applications.

  
  
  

• Support of system outages, fixes, and enhancements 

  
  
  

• Perform trending & root cause analysis of issues

  
  
  

• Support and management of system outages via the published major incident management process.

  
  
  

• Analyse automation failures, identify root cause of failure and work internally/with Vendor to fix the issue.

  
  
  

• Attend Major Incident Management calls related to outages and complex technical issues needing interaction with multiple teams.

  
  
  

• Attend conference calls opened by applications team for complex technical issues. Understand the urgency, priority and gravity of the situation and accordingly maintain two-way communication. 

  
  
  

• Should be able to take decisions during major incidents, outages on matters related to service degradation and managing communications to impacted stakeholders. Be able to supplement with a rationale for decisions taken. 

  
  
  

• Should also has a strong background in Information Security principles and controls. 

  
  
  

• Must have skill # 2

• Develop and maintain strong and constructive relationships with stakeholders in other business units. 

  
  
  

• Engage with stakeholders, negotiating appropriate prioritisation of work. 

  
  
  

• Maintain awareness and deep understanding of IT security issues with Endpoint Security. 

  
  
  

• Communicate regularly with stakeholders to promote information security awareness and ensure consistency in security policy and procedures. 

  
  
  

• Communicate issue/concerns with stakeholders & business cluster & participate to develop solutions. 

  
  
  

• Must have skill # 3

• Ability to troubleshoot and resolve complex technical issues successfully whilst making clear decisions that are in the best interests of stakeholders. 

  
  
  

• Understand the requirements of strong governance in a large financial environment, particularly around Change Management, Risk Management, handling major and minor incidents, Disaster Recovery planning / testing and meeting requirements of rigorous Audit mandates. 

  
  
  

• Ability to multi-task, and work under pressure and to deadlines. 

  
  
  

Some other highly valued skills may include:

• Nice to have skill # 1

Service Now ticketing tool

Operating systems - Unix, Linux, Windows servers

Database Management Systems, Web Servers

• Nice to have skill # 2

Basic knowledge of Automation, Java, Golang.

Experienced in cloud, code as infrastructure and policy as code technologies.

Hands-on experience with microservice architecture, distributed consensus

In-depth knowledge of PKI/SSL/TLS, encryption, design patterns and algorithms

In-depth Knowledge Authentication and Authorization Protocols: JWT/OAUTH2

In-depth knowledge of Cryptography Java (Java 8/11, Spring boot)

Knowledge of relational and Document databases (MySQL/Postgres)

Hasicorp Vault, Hashicorp Consul.

Build systems, CI/CD (Jenkins, TC), version control: git, Kubernetes/OpenShift

You may be assessed on key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen, strategic thinking and digital and technology, as well as job-specific technical skills.

The role is based out of Pune.