Please Note: The application deadline for this job has now passed.
Job Introduction
Our UK Information Security Secure Change Team provides InfoSec Subject Matter Expertise to the Bank’s change portfolio. The Information Security Consultant (Salesforce) will be a subject matter expert in all aspects of the Salesforce platform which relate to Information Security.
Main Responsibility
The main purpose of the Information Security Consultant (Salesforce) role is to:
- Act as an InfoSec subject matter expert, primarily focussed on the security of the Bank’s Salesforce platform and connected components (e.g. SIEM, Secure Data Transfer Mechanisms).
- Assess whether the current (and proposed) configuration of the Salesforce platform and connected components meet the Bank’s security requirements, regulatory requirements and good industry practice;
- Define, document and agree security improvements/enhanced configurations where these are necessary;
- Define, document and agree security improvements/enhanced configurations as part of changes to the existing core technologies and the implementation of new capabilities, systems and technologies;
- Represent Information Security with Business stakeholders as a trusted advisor, finding pragmatic and cost-effective security solutions that efficiently support customer needs.
- Act as a specialist owner of 1 or more of the team’s security processes, systems or frameworks, maintaining specialist knowledge and continually evolving the process,system or framework with reference to the bank’s global and local system & process owners, regulation & good practice;
- Provide specialist advice as part of structured risk & control assessments, for example external supplier due diligence;
The Ideal Candidate
Key Skills:
- Information Security subject matter expert in all aspects of the Salesforce platform which relate to information security.
- Ideally also having exposure to multiple cloud technology areas such as M365, Azure (Identity, Security and Compliance), Defender, Azure DevOps, Azure IaaS, etc.
- Solid, practical and demonstrable experience of information security (technical and non technical aspects), ideally with an understanding of privacy ;
- able to influence decision making to surface and mitigate issues and risks across a wide range of stakeholders;
- positive, collaborative and builds and maintains effective relationship with others
- pragmatic, and effectively balances risk and control requirements with commercial drivers;
- Ability to articulate and document security requirements and risks so that they are accurate, auditable and understandable;
- ability to solve problems creatively and effectively
- plan, organise and prioritise tasks and projects effectively
Compliance with the 6 Conduct Rules
- Act with integrity;
- Act with due skill, care and diligence;
- Be open and co-operative with the FCA, PRA and other regulators;
- Pay due regard to the interests of customers and treat them fairly;
- Observe proper standards of market conduct.
- Act to deliver good outcomes for retail customers.
Core Values
- Is business-oriented and focuses on the customer.
- Takes a long-term approach.
- Has the courage to make decisions.
- Is innovative and proactive.
- Takes responsibility for their own development.
- Has high ethical and moral standards.
- Likes good administrative order.
- Collaborates with others to achieve joint goals.
- Contributes to the development of operations and colleagues.