Group Tech and Functions BISO - India
Pune, Maharashtra, India
Role Purpose
The Director – Group Tech and Functions BISO will provide senior cyber and information security leadership for Group Technology and enterprise functions, acting as the primary interface between the business, technology leadership and the CISO organisation. The role will own and manage the cyber risk posture for the aligned area, ensure enterprise security requirements are translated into practical business and technology outcomes, and drive consistent execution of security controls, remediation and governance across the portfolio.
This is a critical backfill role required to maintain continuity of senior security leadership, protect delivery momentum across technology change and BAU risk management, and ensure clear accountability for security outcomes across Group Tech and Functions. The successful candidate will be expected to operate at director level, influencing senior stakeholders, resolving complex risk issues and ensuring security is embedded early and proportionately across strategic technology initiatives.
Key Accountabilities
- Own and manage the cyber and information security risk profile for Group Tech and Functions, ensuring risks are understood, prioritised, governed and remediated in line with enterprise risk appetite.
- Act as the senior trusted advisor to technology and functional leadership, translating enterprise security requirements, policies and standards into practical implementation plans.
- Provide consistent security representation across major technology change initiatives, ensuring security requirements are embedded early in design, delivery and operational readiness activities.
- Drive cyber risk hygiene across the aligned area, including KRI positions, issue management, control remediation, SLA breaches, audit actions, regulatory commitments and governance reporting.
- Lead bi-directional engagement between Group Tech and Functions and the CISO organisation, ensuring business priorities, technology roadmaps and security demand are aligned.
- Oversee the identification, assessment and escalation of business-related security issues, including support for risk assessments, control design and remediation planning.
- Coordinate with TISO, Security Consulting, Architecture, Engineering, Cyber Operations, Governance, Risk and Compliance teams to deliver integrated security outcomes.
- Represent the cyber risk position of Group Tech and Functions in senior forums, committees, standard councils and operating model governance discussions.
- Support cyber incident handling and crisis management for the aligned business area, ensuring appropriate senior engagement, decision-making and post-incident follow-up.
- Drive security awareness, education and adoption across the aligned business area, promoting a culture where information security is understood as a core business requirement.
Leadership Expectations
- Provide visible, accountable and outcome-focused leadership across a complex technology and functional stakeholder landscape.
- Influence senior executives and technology leaders by clearly articulating cyber risk, control exposure, remediation priorities and trade-offs.
- Lead through ambiguity, balancing business enablement with strong control outcomes and regulatory expectations.
- Build trusted relationships across CISO, Group Technology, enterprise functions, second line risk, audit and operational teams.
- Develop and coach supporting VP and AVP colleagues, ensuring effective delegation, clear priorities and high-quality delivery.
- Promote a collaborative, transparent and risk-aware culture that supports secure-by-design delivery and continuous improvement.
Required Experience and Expertise
- Extensive experience in cyber, information security, technology risk, or business-facing security leadership roles, ideally within financial services or another highly regulated environment.
- Proven ability to operate at director level, influencing senior technology, business, risk, audit, and CISO stakeholders on complex security and control matters.
- Strong understanding of enterprise cyber risk management, information security controls, governance, issue management, remediation planning, and risk acceptance processes.
- Experience translating security policies, standards, and regulatory expectations into practical delivery plans across technology change, cloud, infrastructure, applications, and enterprise functions.
- Demonstrable knowledge of key security domains, including vulnerability management, identity and access management, secure-by-design delivery, third-party risk, incident response, and operational resilience.
- Track record of leading through ambiguity, resolving competing priorities, and driving measurable improvements in cyber risk posture, control effectiveness, and stakeholder accountability.
- Excellent communication, executive reporting, and challenge skills, with the ability to simplify complex cyber risk topics for senior leadership and non-technical audiences.
- Relevant professional certifications such as CISSP, CISM, CRISC, CISA, or equivalent experience are desirable.
Purpose of the role
To provide a primary liaison service between the business, technology, and security functions. In order to ensure the confidentiality, integrity and availability of information, and support the mitigation of security risk.
Accountabilities
- Collaboration with stakeholders to understand their security requirements in business processes and IT projects, to enhance overall risk management.
- Execution of risk assessments to identify and prioritise potential cybersecurity threats that could impact the banks operations and data and guide the implementation of mitigation strategies and communicate findings to relevant findings to relevant senior stakeholders.
- Collaboration with business units to develop and implement security policies and procedures for the banks operations aligned to the risk management framework.
- Management of the implementation, testing and monitoring of security controls across the banks IT systems to ensure the effectiveness of controls and mitigation of risk.
- Execution of training content and sessions to educate employees, enhance cybersecurity awareness and provide guidance on safe online practices.
- Management of complex cybersecurity incidents by collaborating with IT teams and response experts to effectively resolve cases through analysis, expertise support and project supervision.
- Identification of emerging cybersecurity trends, threats, and new technologies to address potential risks by advocating the adoption of new security solutions.
Director Expectations
- To manage a business function, providing significant input to function wide strategic initiatives. Contribute to and influence policy and procedures for the function and plan, manage and consult on multiple complex and critical strategic projects, which may be business wide..
- They manage the direction of a large team or sub-function, leading other people managers and embedding a performance culture aligned to the values of the business. Or for an individual contributor, they lead organisation wide projects and act as deep technical expert and thought leader, identifying new ways of working and collaborating cross functionally. They will train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions..
- Provide expert advice to senior functional management and committees to influence decisions made outside of own function, offering significant input to function wide strategic initiatives.
- Manage, coordinate and enable resourcing, budgeting and policy creation for a significant sub-function.
- Escalates breaches of policies / procedure appropriately.
- Foster and guide compliance, ensure regulations are observed that relevant processes in place to facilitate adherence.
- Focus on the external environment, regulators, or advocacy groups to both monitor and influence on behalf of Barclays, when appropriate.
- Demonstrate extensive knowledge of how the function integrates with the business division / Group to achieve the overall business objectives.
- Maintain broad and comprehensive knowledge of industry theories and practices within own discipline alongside up-to-date relevant sector / functional knowledge, and insight into external market developments / initiatives.
- Use interpretative thinking and advanced analytical skills to solve problems and design solutions in often complex/ sensitive situations.
- Exercise management authority to make significant decisions and certain strategic decisions or recommendations within own area.
- Negotiate with and influence stakeholders at a senior level both internally and externally.
- Act as principal contact point for key clients and counterparts in other functions/ businesses divisions.
- Mandated as a spokesperson for the function and business division.
All Senior Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others.
All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.