Controls Business Partner GTSM

Job Title: Controls Business Partner GTSM

Location: Pune

About Barclays

Barclays is a British universal bank. We are diversified by business, by different types of customers and clients, and by geography. Our businesses include consumer banking and payments operations around the world, as well as a top-tier, full service, global corporate and investment bank, all of which are supported by our service company which provides technology, operations and functional services across the Group.

Risk and Control Objective

Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Barclays Policies and Policy Standards.

Working Flexibly

We’re committed to providing a supportive and inclusive culture and environment for you to work in. This environment recognises and supports ways to balance your personal needs, alongside the professional needs of our business. Providing the opportunity for all our employees, globally to work flexibly empowers each of us to work in a way that suits our lives as well as enabling us to better service our customers’ and clients’ needs. Whether you have family commitments or you’re a carer, or whether you need study time or wish to pursue personal interests, our approach to working flexibly is designed to help you balance your life. 

If you would like some flexibility then please discuss this with the hiring manager.

Introduction:

This role is within the Technology CCO for Advisory and Oversight function.

• The primary focus of the role will be to provide the risk & control support for the Controls Business Partnering  team in providing Group Technology Service Management(GTSM) aligned global as well as regional coverage of the quantification and delivery of a highly visible, business focused and pragmatic Technology Controls agenda to ensure compliance with Barclays technology policies, standards, frameworks and procedures.
• This will require the successful candidate to establish successful engagement with key stakeholders within the GTSM, Technology CCO and relevant Business Units, as well as stakeholders external to Technology such as Internal Audit, External Audit and Compliance.

What will you be doing?

• Provide Governance, oversight and total operations support on technology risk identification/assessment, risk mitigation and response across all the GTSM (Group Technology Service Management) areas including Markets, Risk Finance & Treasury, Functions, BUK, Corporate, Cards & Payment etc. to operate within risk appetite and in compliance with Barclays Control Framework.
• Be the Primary point of contact (PPOC) for all the Technology/Cyber Controls, risk identification & remediation specific initiatives/deliverables from GTSM perspective.
• Proactively support all GTSM areas on all Technology & Cyber Control Policy & Standard breaches by highlighted the risk to senior stakeholders as well as working on risk remediation/mitigation/acceptance through the organization’s  Controls toolset.
• Assist respective GTSM areas across the overall Audit (Internal/External) engagement journey including initial Audit engagement, evidencing policy conformation, agreement of gaps identified, gap remediation & governance and closure evidence sharing in adherence with the organizational compliance requirements.  
• Be the primary Issue/Action Coordinator for any global GTSM specific Risk events, Controls gap/Issue/Action in the Barclays specific Operations risk (ORAC) tool and provide overall governance & management updates till Issues closure & subsequent management sign-off.
• Provide accurate guidance, review and proactively highlight any risk to the GTSM Management in order to enable them to review the compliance status & set the overall strategy and targets of the team.
• Effectively manage the Technology SOX compliance framework for GTSM, assisting with the overall SOX Technology Controls Testing process including  gap identification, risk remediation and periodic Testing status to GTSM stakeholders. This also includes constant interaction with the SOX Testers/auditors and providing coordination support across GTSM areas.
• Ensure that Technology Operational Risk metrics, KRI/KPIs, assessments and reporting are backed by correct data, duly highlighted/escalated to respective GTSM stakeholders ensuring demonstration of effective risk management process.
• Proactively Promote awareness of Technology & Cyber Security policies, standards and procedures across global GTSM teams.
• Proactively scan the overall Organizational environment for internal/external risk events, Policy breaches, non-adherence to Standard and then effectively carry out risk assessment to analyze GTSM Controls environment/preparedness and recommend remediation & ownership for identified gaps.
• Identify and proactively manage potential Technology & Cyber Risk cases/events and resulting ORAC issues/Actions for respective GTSM management visibility and awareness.
• Provide APAC specific coverage for all potential Risk & compliance Issues involving GTSM areas in ORAC tool as well as providing specific Risk & Control support/guidance/handholding to APAC management
• Promote awareness of applicable technology and security policies, standards and procedures
• Establish and maintain an effective risk culture

What we’re looking for:

• Ability to manage multiple priorities and work effectively in a fast-paced, high volume, results driven environment
• Ability to rapidly assess a situation and identify, isolate and communicate problems and issues. 
• Excellent communication skills (both oral/written) including ability to clearly communicate risks and control issues to technologists and non-technologists
• Experience in Data modelling to present risk and control summary to Senior Leadership
• Excellent analytical and methodical approach to respond to internal and external events related to Technology & Cyber, emerging threats, identified vulnerabilities, regulatory actions.
• Excellent leadership skills, provide thought leadership to the team and ability to work as an individual contributor
• Detail orientated with excellent time management skills
• Problem solving – ability to think unconventionally and find solutions to unstructured problems
• Ability to network and establish rapport with internal colleagues across global teams
• Strong interpersonal skills with an ability to communicate difficult or complex ideas clearly and constructively
• Collaborative, able to drive agreement across varying stakeholders
• Confident in negotiating and influencing colleagues or stakeholders
• Degree of independent thinking and decision-making authority, and ability to influence upwards
• Strong assertiveness skills and ability to challenge effectively at all the levels in the organization on the underlying risk management
• Being a global role, person must be adaptive and flexible to work across various time zones

Skills that will help you in the role:

• Bachelor’s degree in Computer Science or Engineering and equivalent work experience in relevant industry with strong background in risk management, technology and information security
• Experience in assessing design and operating effectiveness of technology controls related to Service Management, Technology Infrastructure, Networks etc.
• Hands-on experience in service delivery or project management of IT infrastructure (servers, network, storage) and software components with excellent understanding of related technology controls to mitigate risk
• Hands-on experience in managing the service delivery and operations with the help of key metrics like KRI,  KPI etc. and designing the scorecard etc.
• Hands-on experience working/supporting SOX, SOC, Internal/ External/ Regulatory Audits
• Experience in leveraging IT risk frameworks such as ISMS, COBIT5, COSO, NIST
• Excellent knowledge of information technology risks, controls and risk remediation and experience using industry wide GRC tools

Desirable skills/Preferred Qualifications

• Experience in playing a lead role in Internal/External Audits, Technology Risk reviews.
• Review of Audit findings, self-identified issues and breaches to align them with operational risk, regulatory requirements and Barclay’s Control Framework
• Advising IT on pragmatic approaches to meeting regulatory mandated technology controls and risk reduction
• Delivering of risk reduction and operational improvement projects
• Managing diverse staff and stakeholders
• Relevant professional certification such as CISA, CISSP, CISM, PMP, CRISC or equivalent

Where will you be working?

Pune

Be More at Barclays

At Barclays, each day is about being more – as a professional, and as a person. ‘Be More @ Barclays’ represents our core promise to all current and future employees. It’s the characteristic that we want to be associated with as an employer, and at the heart of every employee experience. We empower our colleagues to Be More Globally Connected, working on international projects that improve the way millions of customers handle their finances. Be More Inspired by working alongside the most talented people in the industry, and delivering imaginative new solutions that are redefining the future of finance. Be More Impactful by having the opportunity to work on cutting-edge projects, and Be More Valued for who you are.

Interested and want to know more about Barclays? Visit home.barclays/who-we-are/ for more details.

Purpose, Values and Mindset

We deploy finance responsibly to support people and businesses, acting with empathy and integrity, championing innovation and sustainability, for the common good and the long term.

Our values underpin everything we do: Respect, Integrity, Service, Excellence and Stewardship.

Respect

We harness the power of diversity and inclusion in our business, trust those we work with, and value everyone's contribution.

Integrity

We operate with honesty, transparency and fairness in all we do.

Service

We act with empathy and humility, putting the people and businesses we serve at the centre of what we do.

Excellence

We champion innovation, and use our energy, expertise and resources to make a positive difference.

Stewardship

We prize sustainability, and are passionate about leaving things better than we found them.

Our Mindset shapes how we take action, living by our Values, driven by our Purpose, always with our customers and clients at the heart of what we do; our Mindset is to Empower, Challenge and Drive.

Empower

Trust and support each other to deliver. Make decisions with those closest to the topic. Include diverse perspectives. Celebrate success and learn from failure.

Challenge

Question whether things can be done better. Use insights based on data to inform decisions. Be curious about how we can adapt and improve. Speak up and be open to alternative viewpoints.

Drive

Focus on outcomes. Deliver with pace. Be passionate and ambitious about what we do. Take personal responsibility. Actively build collaborative relationships to get things done.