CISO Proactive Defense Unit - Service Manager

Barclays•Hanover Township, NJ

About The Position

Job Description Purpose of the role To manage and implement the service management framework for internal service provision including management of contractual documentation, service change governance and performance reporting, collaborating with business stakeholders and facilitating a consistent and efficient approach across all global Service Management offices. Accountabilities Management, oversight and implementation of the service management framework for internal service provision. Collaboration with teams across the bank to ensure adherence internal service management processes. Management of internal service change governance processes including oversight and maintenance of contractual agreements for internal service provisioning and oversight of BX hierarchy alignment. Development of reports and insights on internal service management performance and communicate findings to internal senior stakeholders. Participation in projects and initiatives to improve internal service management efficiency and effectiveness. Identification of areas for improvement to continually evolve internal service management through process improvement and automation, and work with business stakeholders to implement changes. Director Expectations To manage a business function, providing significant input to function wide strategic initiatives. Contribute to and influence policy and procedures for the function and plan, manage and consult on multiple complex and critical strategic projects, which may be business wide.. They manage the direction of a large team or sub-function, leading other people managers and embedding a performance culture aligned to the values of the business. Or for an individual contributor, they lead organisation wide projects and act as deep technical expert and thought leader, identifying new ways of working and collaborating cross functionally. They will train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions.. Provide expert advice to senior functional management and committees to influence decisions made outside of own function, offering significant input to function wide strategic initiatives. Manage, coordinate and enable resourcing, budgeting and policy creation for a significant sub-function. Escalates breaches of policies / procedure appropriately. Foster and guide compliance, ensure regulations are observed that relevant processes in place to facilitate adherence. Focus on the external environment, regulators, or advocacy groups to both monitor and influence on behalf of Barclays, when appropriate. Demonstrate extensive knowledge of how the function integrates with the business division / Group to achieve the overall business objectives. Maintain broad and comprehensive knowledge of industry theories and practices within own discipline alongside up-to-date relevant sector / functional knowledge, and insight into external market developments / initiatives. Use interpretative thinking and advanced analytical skills to solve problems and design solutions in often complex/ sensitive situations. Exercise management authority to make significant decisions and certain strategic decisions or recommendations within own area. Negotiate with and influence stakeholders at a senior level both internally and externally. Act as principal contact point for key clients and counterparts in other functions/ businesses divisions. Mandated as a spokesperson for the function and business division. All Senior Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave. The Proactive Defense Service Manager is a senior leader dedicated to supporting the achievement of the Proactive Defense organization’s strategic goals and objectives. Proactive Defense unites Application Security (AppSec), Vulnerability Management, Red Team, Secure Configuration, and Penetration Testing (Pentesting) teams to deliver robust, forward-looking security services and drive secure-by-design principles as well as Continuous Threat Exposure Management (CTEM) across the enterprise. While secure-by-design and CTEM are overall responsibilities of the Proactive Defense organization, the Service Manager’s role is to provide critical oversight, guidance, and senior-level support—enabling these teams to realize those strategies through effective execution, resource alignment, and strategic problem-solving. The Service Manager acts as a primary interface with program management and transformation teams, advocating for service needs and progress, and facilitating the removal of organizational obstacles to empower Proactive Defense to fulfill its mission. Accountabilities Provide strategic oversight and senior-level guidance for the delivery of services across AppSec, Vulnerability Management, Red Team, Secure Config, and Pentesting, ensuring alignment with organizational goals and security strategies. Serve as the primary liaison between the Proactive Defense organization and program management, transformation, and executive leadership teams, representing service needs, priorities, and outcomes. Support the development of planning frameworks, resourcing models, and prioritization for the Proactive Defense book of work in partnership with PM and Transformation staff. Monitor high-level progress of initiatives, escalate barriers and risks to appropriate owners, and advocate for timely resolution of issues. Provide regular strategic updates and insights to stakeholders, synthesizing input from multiple teams to present a holistic view of service health and organizational posture. Champion continuous improvement efforts by facilitating inter-team communication, identifying systemic challenges, and recommending enhancements to processes and controls. Advocate for the development and integration of secure-by-design and CTEM strategies into organizational transformation efforts. Promote a culture of innovation, excellence, and collaboration within the Proactive Defense organization, serving as a mentor and advisor to service leads and technical managers. Ensure compliance with organizational policies, standards, and regulatory expectations across all Proactive Defense functions. Build and sustain strategic relationships with internal and external stakeholders, acting as a senior point of contact for all matters related to Proactive Defense services. Oversee and maintain a consolidated view of all control Issues (ORACs) owned by or dependent on the PDU domain, ensuring timely escalation of barriers, clear understanding of dependencies, and effective prioritization of remediation activities. Support the annual planning process by ensuring stakeholder clarity on the multi-year PDU strategic vision and its alignment with the overarching CISO strategy. Coordinate with Business Management and Change teams to define annual budget requirements, ensuring alignment with strategic objectives and the operating model. Lead workforce planning, recruitment, and resourcing activities to ensure the Proactive Defense organization is equipped with the necessary talent and capacity to deliver on its mission.

Requirements

Bachelor’s degree in Information Security, Computer Science, Business Administration, or a related field (or equivalent professional experience).
Extensive experience in senior leadership roles within cybersecurity, risk management, or IT service domains.
Strong understanding of Application Security, Vulnerability Management, Red Team, Secure Configuration, and Penetration Testing.
Demonstrated success influencing and collaborating with program management, transformation, and executive teams.
Exceptional strategic thinking, organizational awareness, and analytical skills.
Excellent communication skills, with experience briefing executive audiences and translating complex topics to non-technical stakeholders.
Proven ability to navigate complex organizations, manage competing priorities, and facilitate consensus among diverse groups.
Strong stakeholder engagement, partnership-building, and interpersonal skills.
Track record facilitating continuous improvement across teams and process optimization activities.
Analytical aptitude to interpret KPIs, resolve systemic challenges, and uphold a security-first culture.

Nice To Haves

Master’s degree in a relevant field.
Relevant certifications (e.g., CISSP, CISM, SABSA, CISA, ITIL).
Track record of driving secure-by-design or CTEM initiatives at scale.
Experience interfacing with large transformation programs and program management offices.
Familiarity with regulatory frameworks, risk management, and controls (e.g., GDPR, SOX, PCI DSS).
Experience managing or advising in large, complex, or highly regulated environments.
Expertise in facilitating continuous improvement or organizational change.
Ability to identify and advocate for emerging technologies and innovative security solutions.
Familiarity with ITIL-based service delivery, SLA/OLA management, and service lifecycle oversight.
Experience in managing budgets, cost estimates, vendor contracts, and staffing plans.
Knowledge in cloud security, network security, malware analysis, SIEM, cryptography, pen testing, and vulnerability assessments.

Responsibilities

Manage and implement the service management framework for internal service provision.
Collaborate with teams across the bank to ensure adherence internal service management processes.
Manage internal service change governance processes including oversight and maintenance of contractual agreements for internal service provisioning and oversight of BX hierarchy alignment.
Develop reports and insights on internal service management performance and communicate findings to internal senior stakeholders.
Participate in projects and initiatives to improve internal service management efficiency and effectiveness.
Identify areas for improvement to continually evolve internal service management through process improvement and automation, and work with business stakeholders to implement changes.
Provide strategic oversight and senior-level guidance for the delivery of services across AppSec, Vulnerability Management, Red Team, Secure Config, and Pentesting, ensuring alignment with organizational goals and security strategies.
Serve as the primary liaison between the Proactive Defense organization and program management, transformation, and executive leadership teams, representing service needs, priorities, and outcomes.
Support the development of planning frameworks, resourcing models, and prioritization for the Proactive Defense book of work in partnership with PM and Transformation staff.
Monitor high-level progress of initiatives, escalate barriers and risks to appropriate owners, and advocate for timely resolution of issues.
Provide regular strategic updates and insights to stakeholders, synthesizing input from multiple teams to present a holistic view of service health and organizational posture.
Champion continuous improvement efforts by facilitating inter-team communication, identifying systemic challenges, and recommending enhancements to processes and controls.
Advocate for the development and integration of secure-by-design and CTEM strategies into organizational transformation efforts.
Promote a culture of innovation, excellence, and collaboration within the Proactive Defense organization, serving as a mentor and advisor to service leads and technical managers.
Ensure compliance with organizational policies, standards, and regulatory expectations across all Proactive Defense functions.
Build and sustain strategic relationships with internal and external stakeholders, acting as a senior point of contact for all matters related to Proactive Defense services.
Oversee and maintain a consolidated view of all control Issues (ORACs) owned by or dependent on the PDU domain, ensuring timely escalation of barriers, clear understanding of dependencies, and effective prioritization of remediation activities.
Support the annual planning process by ensuring stakeholder clarity on the multi-year PDU strategic vision and its alignment with the overarching CISO strategy.
Coordinate with Business Management and Change teams to define annual budget requirements, ensuring alignment with strategic objectives and the operating model.
Lead workforce planning, recruitment, and resourcing activities to ensure the Proactive Defense organization is equipped with the necessary talent and capacity to deliver on its mission.