What you will do:
• Provide an Information Security support and oversight service to change initiatives (from Small Change to enterprise level Programmes), to ensure that Information Security risk is managed in accordance with the Bank’s Risk Management and Information Security policy frameworks
• Work with various first line of defence teams to ensure alignment of technology controls to relevant information security standards
• Support and challenge Information Security control design across IT and the wider business to be as efficient and effective as possible given the dynamic nature of risk and threat within the banking industry
• Ensure transparency in Information Security decisions made across all programmes and projects that you are supporting
• Support a varied and demanding programme of bank-wide change working with project teams to advise and guide on information security best practice
• Identify security testing requirements, collaborate with appropriate stakeholders to scope these tests and to ensure that the business risk associated with any issues identified is incorporated into project risk management
And... we are a bank so risk is a part of everything we do. We love people who take responsibility, do the right thing for customers, colleagues and Metro Bank and have the courage to call out any concerns.
What you will need:
• Understand the risks associated with your job and what that means for you, Metro Bank and all our stakeholders
• A good understanding of information security within the project management lifecycle, alongside a solid working knowledge of enterprise technology
• A strong risk management background and experience in conducting security risk assessments on projects and developing security controls
• Specific experience in secure design, build and control methodologies aligned to relevant security standards, ISO27001, PCI DSS, NIST.
• Demonstrable experience of Agile, DevSecOps, Cloud, containerization, microservices and similar technologies is desirable.
• Detailed technical knowledge of Application Security and Network Security is beneficial but not essential for the role
Our promise to you…
• We will make sure that you are well-rewarded by providing you with a competitive salary, discretionary annual bonus, and a wide range of benefits, including generous holiday allowance, attractive pension scheme, healthcare, life assurance, and a number of colleague discounts!
• We will give you the training to ensure you succeed in your role and plenty of internal opportunities to progress your career (around 40% of our recruitment comes from internal promotions!).
• We are also all about balance so most of our jobs offer the opportunity for hybrid working built around your role and home life, wherever possible.