Cyber Security Controls Testing Manager

5 days ago

England, United Kingdom Nationwide Building Society Full time

As a Manager in the Controls Testing Team you will lead a team of control testers to assess the design and operational effectiveness of controls across the Society, focussed on Technology and Security, to ensure the controls mitigate the risks faced by the Society to the set risk tolerance threshold.

You will be responsible for creating and delivering testing plans to the highest standards and in accordance with our defined methodology, as well as working with the business to ensure control framework uplifts and enhancements deliver sustainable and proportionate risk mitigation.

To support this, our Control Testing Team is currently looking for an ambitious, energetic and Control Testing Manager with a strong background in Technology and Information & Cyber Security.

As part of the Chief Controls Office, the Controls Testing Team is critical to ensuring the design and operational effectiveness of controls through regular assessment, ensuring they are robust enough to safely and reliably deliver the services our members expect.

At Nationwide we offer hybrid working wherever possible. More rewarding relationships are supported through our hybrid approach, bringing colleagues together across our UK wide estate, whilst also supporting generous access to home working. We value our time in the office to solve problems, to learn, and to feel connected.

For this job you'll spend at least two days per week, or if part time you'll spend 40% of your working time, based at either our Swindon, London, Bournemouth, Dunfermline, Sheffield or Northampton office. If your application is successful, your hiring manager will provide further details on how this works. You can also find out more about our approach to hybrid working here .

What you'll be doing

You will be working as a Manager within the Controls Testing Team (CTT), leading a group of controls testers to:

  • Proactively contribute to planning and be accountable for the timely delivery of a control testing plan for the first line of defence
  • Lead a team to test controls against standards that drive continuous improvement in risk and control management practices and contribute to consistency
  • Report on the design adequacy and operational effectiveness of controls in line with our established control testing methodology and approach
  • Work with the business to explain the results of your testing, and suggest ways through which control gaps can be remediated to strengthen the control environment building a partnership with key stakeholders
  • Explore and implement new technologies / approaches to derive and deliver control testing efficiencies
  • Provide constructive challenge and advice to ensure the right outcomes for our members
  • Work as an integral member of CTT leading on internal initiatives to drive a continuous improvement approach in all we do

About you

The following minimum requirements apply as guidance:

  • Certified in or be on your way to completing any of CISA, CISM, CISSP and/or relevant Cloud, Cyber certifications.
  • A good working knowledge of NIST, COBIT, ITIL as well as Cloud and Cyber risk control frameworks.
  • Experience of applied testing of information security management controls across large technology environments, including for example MS Windows and Windows Server, UNIX, LINUX, Mainframes (UNISYS and Fujitsu), AWS, AZURE, as well as database management systems and networks etc.
  • Audit, Controls, Risk or Compliance background with supervisory experience and/or experience of working with/for external auditors on annual financial statement controls testing.
  • Excellent stakeholder management skills and communication skills (written and verbal).
  • Ability to relate to and influence employees at all levels.

Our Customer First behaviours are all about putting customers and members at the heart of how we work together. You can strengthen your application by showing the behaviours that resonate with you, and how you might have already demonstrated these.

  • Say it straight - This is about being honest and direct with good intent and saying what needs to be said in the room. It’s also about being clear, precise, and using language that we and, importantly, our customers and members can understand.
  • Push for better - This is about aiming high and constantly looking for better in how we work together and serve our customers and members.
  • Get it done - This is about prioritising what will have the greatest impact, being decisive and taking accountability for delivering on the end-to-end outcome.

We know applying for jobs can sometimes feel like you’re sending an application into a black hole. We review each application individually. So, it’s a good idea to call out your most relevant experience on your application to give yourself the best chance.

The extras you'll get

There are all sorts of employee benefits available at Nationwide, including:

  • A personal pension – if you put in 7% of your salary, we’ll top up by a further 16%
  • Up to 2 days of paid volunteering a year
  • Life assurance worth 8x your salary
  • A great selection of additional benefits through our salary sacrifice scheme
  • Wellhub – Access to a range of free and paid options for health and wellness.
  • Access to an annual performance related bonus
  • Access to training to help you develop and progress your career
  • 25 days holiday, pro rata

  • Cyber Security Controls Testing Manager

    2 weeks ago

    England, United Kingdom Nationwide Building Society Full time

    As a Manager in the Controls Testing Team you will lead a team of control testers to assess the design and operational effectiveness of controls across the Society, focussed on Technology and Security, to ensure the controls mitigate the risks faced by the Society to the set risk tolerance threshold. You will be responsible for creating and delivering...

  • Cyber Security Controls Testing Manager

    1 week ago

    England, United Kingdom Nationwide Building Society Full time

    As a Manager in the Controls Testing Team you will lead a team of control testers to assess the design and operational effectiveness of controls across the Society, focussed on Technology and Security, to ensure the controls mitigate the risks faced by the Society to the set risk tolerance threshold. You will be responsible for creating and delivering...

  • Cyber Security Controls Testing Manager

    2 weeks ago

    England, United Kingdom Nationwide Building Society Full time

    As a Manager in the Controls Testing Team you will lead a team of control testers to assess the design and operational effectiveness of controls across the Society, focussed on Technology and Security, to ensure the controls mitigate the risks faced by the Society to the set risk tolerance threshold. You will be responsible for creating and delivering...

  • Cyber Security Controls Testing Manager

    1 week ago

    England, United Kingdom Nationwide Building Society Full time

    As a Manager in the Controls Testing Team you will lead a team of control testers to assess the design and operational effectiveness of controls across the Society, focussed on Technology and Security, to ensure the controls mitigate the risks faced by the Society to the set risk tolerance threshold. You will be responsible for creating and delivering...

  • Cyber Security Controls Testing Manager

    4 days ago

    England, United Kingdom Nationwide Building Society Full time

    As a Manager in the Controls Testing Team you will lead a team of control testers to assess the design and operational effectiveness of controls across the Society, focussed on Technology and Security, to ensure the controls mitigate the risks faced by the Society to the set risk tolerance threshold. You will be responsible for creating and delivering...

  • Cyber Security Controls Testing Manager

    2 weeks ago

    England, United Kingdom Nationwide Building Society Full time

    As a Manager in the Controls Testing Team you will lead a team of control testers to assess the design and operational effectiveness of controls across the Society, focussed on Technology and Security, to ensure the controls mitigate the risks faced by the Society to the set risk tolerance threshold.You will be responsible for creating and delivering testing...

  • Cyber Security Controls Testing Manager

    1 week ago

    England, United Kingdom Nationwide Building Society Full time

    As a Manager in the Controls Testing Team you will lead a team of control testers to assess the design and operational effectiveness of controls across the Society, focussed on Technology and Security, to ensure the controls mitigate the risks faced by the Society to the set risk tolerance threshold.You will be responsible for creating and delivering testing...

  • Senior Cyber Security Engineer

    1 week ago

    England, United Kingdom GCS Full time

    My client is a leading UK-based consulting and administration business and their Cyber Security division is growing and are seeking an experienced and dynamic Senior Cyber Security Engineer to join their team. This role is ideal for someone with experience in web application security, web application firewalls, vulnerability management, and penetration...

  • Senior Cyber Security Engineer

    2 weeks ago

    England, United Kingdom GCS Full time

    My client is a leading UK-based consulting and administration business and their Cyber Security division is growing and are seeking an experienced and dynamic Senior Cyber Security Engineer to join their team.This role is ideal for someone with experience in web application security, web application firewalls, vulnerability management, and penetration...

  • Senior Cyber Security Engineer

    4 weeks ago

    England,, UK, United Kingdom GCS Full time

    My client is a leading UK-based consulting and administration business and their Cyber Security division is growing and are seeking an experienced and dynamic Senior Cyber Security Engineer to join their team.This role is ideal for someone with experience in web application security, web application firewalls, vulnerability management, and penetration...

  • Senior Cyber Security Engineer

    4 weeks ago

    England, United Kingdom GCS Full time

    My client is a leading UK-based consulting and administration business and their Cyber Security division is growing and are seeking an experienced and dynamic Senior Cyber Security Engineer to join their team.This role is ideal for someone with experience in web application security, web application firewalls, vulnerability management, and penetration...

  • Senior Cyber Security Engineer

    1 week ago

    England, United Kingdom GCS Full time

    My client is a leading UK-based consulting and administration business and their Cyber Security division is growing and are seeking an experienced and dynamic Senior Cyber Security Engineer to join their team. This role is ideal for someone with experience in web application security, web application firewalls, vulnerability management, and penetration...

  • Cyber Security Specialist

    3 weeks ago

    Eastern England, United Kingdom Atlas Recruitment Group Ltd Full time

    Senior Cyber Security EngineerAtlas Recruitment Group Ltd is seeking a highly skilled Cyber Security Specialist to join their team.The ideal candidate will have a strong background in cyber security and experience in designing, building, integrating, and providing support to submarine platforms in the Royal Naval fleet.Key Responsibilities:Developing...

  • Senior Cyber Security Engineer

    4 weeks ago

    Eastern England, United Kingdom GCS Full time

    My client is a leading UK-based consulting and administration business and their Cyber Security division is growing and are seeking an experienced and dynamic Senior Cyber Security Engineer to join their team.This role is ideal for someone with experience in web application security, web application firewalls, vulnerability management, and penetration...

  • Cyber Security Specialist

    2 weeks ago

    Eastern England, United Kingdom Atlas Recruitment Group Ltd Full time

    Senior Cyber Security EngineerWe are seeking a seasoned Cyber Security Engineer to join our team at Atlas Recruitment Group Ltd.Location: Flexible working arrangements with a mix of home and office-based work.Salary: Competitive salary package, based on experience.About the RoleThis globally leading defence and aerospace consultancy is looking for a Senior...

  • Security Operations Analyst

    4 weeks ago

    England, United Kingdom Iceberg Cyber Security Full time €40,000

    Security Operations Analyst Location: Preston, Filton, or Frimley Salary: Around £40,000 (based on experience) Hybrid role I am representing a global defense organization seeking a  Security Operations Analyst to join their team. This role focuses on protecting systems from cyber threats by enhancing and developing Technical Operations capabilities....

  • Security Operations Analyst

    4 weeks ago

    England, United Kingdom Iceberg Cyber Security Full time €40,000

    Security Operations Analyst Location: Preston, Filton, or Frimley Salary: Around £40,000 (based on experience) Hybrid role I am representing a global defense organization seeking a  Security Operations Analyst to join their team. This role focuses on protecting systems from cyber threats by enhancing and developing Technical Operations capabilities....

  • Security Operations Analyst

    4 weeks ago

    England, United Kingdom Iceberg Cyber Security Full time

    Security Operations Analyst Location: Preston, Filton, or Frimley Salary: Around £40,000 (based on experience) Hybrid role I am representing a global defense organization seeking a  Security Operations Analyst to join their team. This role focuses on protecting systems from cyber threats by enhancing and developing Technical Operations capabilities....

  • Security Operations Analyst

    4 weeks ago

    England, United Kingdom Iceberg Cyber Security Full time

    Security Operations Analyst Location: Preston, Filton, or Frimley Salary: Around £40,000 (based on experience) Hybrid role I am representing a global defense organization seeking a Security Operations Analyst to join their team. This role focuses on protecting systems from cyber threats by enhancing and developing Technical Operations capabilities....

  • Security Operations Analyst

    4 weeks ago

    England, United Kingdom Iceberg Cyber Security Full time

    Security Operations AnalystLocation: Preston, Filton, or Frimley Salary: Around £40,000 (based on experience) Hybrid role I am representing a global defense organization seeking a Security Operations Analyst to join their team. This role focuses on protecting systems from cyber threats by enhancing and developing Technical Operations capabilities.This...