Helpdesk Click here to connect with our resourcing helpdesk team ?
Skip to main content

Insider Threat Technical Lead

Knutsford, England

Key information

Date live Jun. 23, 2022

Business Area COO & Functions

Area of Expertise Operations

Contract Permanent

Reference Code 90335243

Job description

Insider Threat Technical Lead

As a Barclays Insider Threat Technical Lead, you will have the opportunity to join an exciting new venture within the Insider Core Team. You will be responsible for working with Security Architecture, Innovation and Technology partners to ensure the most appropriate technology solution is deployed to deliver the requirements of the Insider Core team. This will be the ideal role for you to showcase your experience with security incident investigations, cyber incident response or insider threat incident response.

Barclays is one of the world's largest and most respected financial institutions, with 329 years of success, quality and innovation behind us. We offer careers that provide endless opportunity – helping millions of individuals and businesses thrive, and creating financial and digital solutions that the world now takes for granted.

We are currently operating in a hybrid working environment, meaning that many colleagues spend part of their working hours at home and part in the office, depending on the nature of the role they are in. Please discuss the detail of the working pattern options for the role with the hiring manager.

What will you be doing?
• Maintaining of Insider Threat data and technology architecture, to ensure it remains fit for purpose aligned with ongoing data and technology changes and emerging threat scenarios
• Building and maintaining logic and rules within technology solution(s) to support multiple Insider Threat use cases,
• Using multiple diverse and sensitive data sets from across the organisation, including HR data and Security Incident data
• Working closely with SIEM engineers within CSO Security Engineering & Technology Services
• Working with Insider Threat Consultants to validate additional data feeds and use cases for ingestion into technology solution(s)
• Reporting to Senior Management on Insider Threat Data and Technology strategy

What we’re looking for:
• Experienced in SIEM engineering, log parsing, event ingestion, alert creation and data enrichment
• Experienced in implementing data models and implementing parsing according to defined standards
• Experienced in building complex correlation searches, basic statistical models and applying scores and weightings
• Intermediate Splunk Certifications such as Power/Advanced Power User, Certified Admin and demonstrable equivalent training or experience

Skills that will help you in the role:
• Experience of defining and maturing security and technology architectures
• Experienced in designing data models and defining and implementing logging standards
• Advanced Splunk Certifications such as Splunk Developer or Security Certified Admin or demonstrable equivalent training and experience
• Experience in threat modelling techniques and/or visibility/telemetry/logging assessments

Where will you be working?
You will be based in Radbroke, Knutsford. The Barclays Technology Campus just outside Manchester is our tech command centre and a vital strategic powerhouse behind our global operations.


The Barclays Way

This is the spirit of Barclays. It’s why we exist, what we believe and how we behave. But most importantly, it’s how we make decisions, take action and get things done.

Learn more


We exist to provide responsible finance to people and business – but also a whole lot more.


We believe great talent RISES. It acts with Respect, Integrity, Service, Excellence and Stewardship.


We discover our full potential through our desire to Empower, Challenge and Drive each other.

More about working at Barclays