Tuesday , February 27 2024

Bank of Scotland Jobs – Assurance Engineering Lead

Website Bank of Scotland

Job Description:

We’re on the mission to build the bank of the future, and we need your help do it! Continuing our extensive transformation programme, we’re redefining what a bank is from the inside out. Our technology, our culture, and our mind-set is changing to craft a true engineering-led organisation. Our Cloud Centre of Excellence (CCoE) is looking for an Assurance Engineering Lead to ensure the security of the Public Cloud services within the scope of the CCoE. The ability to identify, prioritise, report on and manage security risks to keep all systems and assets in a network protected is paramount to the security of cloud services. You’ll lead the team responsible for the end-to-end assurance processes for public cloud platforms within the scope of the CCoE. This is a senior leadership level role that will require experience in delivering outstanding assurance management and oversight across a multi-cloud environment. You’ll blend both deep domain and technical expertise with experience leading and managing a technical function. You’ll have hands-on experience with vulnerability detection technologies and how it is configured for use on cloud tools and services, with a good understanding of the shared responsibility model. You’ll develop and maintain good working relationships with the CCoE Security, Technology and Leadership groups as well as CCoE Audit and Risk partners.

Job Responsibilities:

  • Design and deliver the assurance management framework for the CCoE, including detection, prioritisation and tracking of remediation of internal and external vulnerabilities, and vulnerabilities in 3rd party products and SaaS solutions in scope of the CCoE
  • Develop robust reporting mechanisms for stakeholders within the CCoE and the wider Group to provide a clear view on the technical security of the platform and develop close links to the GVA (Google Vulnerability Analytics) project to ensure the CCoE is an early adopter, providing transparency to the wider Group
  • Ensure clear demarcation of roles and responsibilities of the CCoE assurance team and existing vulnerability management team within the wider Group
  • Establish and maintain good working relationships with the Strategy, Innovation and Testing team, providing a transparent view of the vulnerability landscape of the services in scope of the CCoE
  • Seek opportunities to automate as much of the assurance framework as possible
  • Develop and mentor members of the team, providing them with support for their continuous development
  • Ensure there are good governance, processes and procedures to support a structured approach to the team’s ways of working which is in line with the Group’s policies and standards
  • Be the first point of contact for the Group’s three lines of defence and ensure processes and procedures are in line with their expectations
  • Establish regular meetings with the Cloud Service Providers to understand their technology roadmap and to ensure the CCoE assurance framework is ready to support new and emerging technologies
  • Regularly assess the market and industry best practices for new and innovative ways to deliver vulnerability management within the Cloud

Job Requirements:

  • Must have senior leadership experience, ideally including line management and experience of building teams from scratch
  • Experience working with a broad set of Azure and Google Cloud Platform (GCP) cloud services, products and concepts, including end-to-end design and architecture of the platform
  • Ability to work autonomously, make sounds judgements and with limited supervision
  • Experience leading an assurance function
  • Hands-on experience with vulnerability detection technologies, including how it is configured for use on cloud tools and services and ensuring the availability, latency, performance, and capacity of those systems
  • Ability to program in languages such as C++, Java (J2EE), XML, Python etc.
  • Reporting to technical, non-technical and senior stakeholders

Qualification & Experience:

  • Experience with ticketing systems such as JIRA or ServiceNow

Job Details:

Company: Bank of Scotland

Vacancy Type:  Full Time

Job Location: Dunfermline, Scotland, UK

Application Deadline: N/A

Apply Here


 Report Job