Group Tech and Functions BISO Professional
Barclays · Pune, Maharashtra, India
Barclays · Pune, Maharashtra, India
Role Purpose The Director Group Tech and Functions BISO will provide senior cyber and information security leadership for Group Technology and enterprise functions, acting as the primary interface between the business, technology leadership and the CISO organisation. The role will own and manage the cyber risk posture for the aligned area, ensure enterprise security requirements are translated into practical business and technology outcomes, and drive consistent execution of security controls, remediation and governance across the portfolio. This is a critical backfill role required to maintain continuity of senior security leadership, protect delivery momentum across technology change and BAU risk management, and ensure clear accountability for security outcomes across Group Tech and Functions. The successful candidate will be expected to operate at director level, influencing senior stakeholders, resolving complex risk issues and ensuring security is embedded early and proportionately across strategic technology initiatives. Key Accountabilities - Own and manage the cyber and information security risk profile for Group Tech and Functions, ensuring risks are understood, prioritised, governed and remediated in line with enterprise risk appetite. - Act as the senior trusted advisor to technology and functional leadership, translating enterprise security requirements, policies and standards into practical implementation plans. - Provide consistent security representation across major technology change initiatives, ensuring security requirements are embedded early in design, delivery and operational readiness activities. - Drive cyber risk hygiene across the aligned area, including KRI positions, issue management, control remediation, SLA breaches, audit actions, regulatory commitments and governance reporting. - Lead bi-directional engagement between Group Tech and Functions and the CISO organisation, ensuring business priorities, technology roadmaps and security demand are aligned. - Oversee the identification, assessment and escalation of business-related security issues, including support for risk assessments, control design and remediation planning. - Coordinate with TISO, Security Consulting, Architecture, Engineering, Cyber Operations, Governance, Risk and Compliance teams to deliver integrated security outcomes. - Represent the cyber risk position of Group Tech and Functions in senior forums, committees, standard councils and operating model governance discussions. - Support cyber incident handling and crisis management for the aligned business area, ensuring appropriate senior engagement, decision-making and post-incident follow-up. - Drive security awareness, education and adoption across the aligned business area, promoting a culture where information security is understood as a core business requirement. Leadership Expectations - Provide visible, accountable and outcome-focused leadership across a complex technology and functional stakeholder landscape. - Influence senior executives and technology leaders by clearly articulating cyber risk, control exposure, remediation priorities and trade-offs. - Lead through ambiguity, balancing business enablement with strong control outcomes and regulatory expectations. - Build trusted relationships across CISO, Group Technology, enterprise functions, second line risk, audit and operational teams. - Develop and coach supporting VP and AVP colleagues, ensuring effective delegation, clear priorities and high-quality delivery. - Promote a collaborative, transparent and risk-aware culture that supports secure-by-design delivery and continuous improvement. Required Experience and Expertise - Extensive experience in cyber, information security, technology risk, or business-facing security leadership roles, ideally within financial services or another highly regulated environment. - Proven ability to operate at director level, influencing senior technology, business, risk, audit, and CISO stakeholders on complex security and control matters. - Strong understanding of enterprise cyber risk management, information security controls, governance, issue management, remediation planning, and risk acceptance processes. - Experience translating security policies, standards, and regulatory expectations into practical delivery plans across technology change, cloud, infrastructure, applications, and enterprise functions. - Demonstrable knowledge of key security domains, including vulnerability management, identity and access management, secure-by-design delivery, third-party risk, incident response, and operational resilience. - Track record of leading through ambiguity, resolving competing priorities, and driving measurable improvements in cyber risk posture, control effectiveness, and stakeholder accountability. - Excellent communication, executive reporting, and challenge skills, with the ability to simplify complex cyber risk topics for senior leadership and non-technical audiences. - Relevant professional certifications such as CISSP, CISM, CRISC, CISA, or equivalent experience are desirable. **Purpose of the role** To provide a primary liaison service between the business, technology, and security functions. In order to ensure the confidentiality, integrity and availability of information, and support the mitigation of security risk. **Accountabilities** - Collaboration with stakeholders to understand their security requirements in business processes and IT projects, to enhance overall risk management. - Execution of risk assessments to identify and prioritise potential cybersecurity threats that could impact the banks operations and data and guide the implementation of mitigation strategies and communicate findings to relevant findings to relevant senior stakeholders. - Collaboration with business units to develop and implement security policies and procedures for the banks operations aligned to the risk management framework. - Management