Vulnerability Assessment Security Engineer

Purpose of the role

To develop, implement and maintain solutions that support the safeguarding of the banks systems and sensitive information.  

Accountabilities

• Provision of subject matter expertise on security systems and engineering patterns.
• Development and implementation of protocols, algorithms, and software applications to protect sensitive data and systems.
• Management and protection of secrets, ensuring that they are securely generated, stored, and used.
• Execution of audits to monitor, identify and assess vulnerabilities in the banks infrastructure/software and support the response to potential security breaches.
• Identification of advancements in to support the innovation and adoption of new cryptographic technologies and techniques.
• Collaboration across the bank, including developers and security teams, to ensure that cryptographic solutions align with business objectives, security policies and regulatory requirements.
• Development/ Implementation and maintenance of Identity and Access Management solutions and systems.

Analyst Expectations

• To perform prescribed activities in a timely manner and to a high standard consistently driving continuous improvement.
• Requires in-depth technical knowledge and experience in their assigned area of expertise
• Thorough understanding of the underlying principles and concepts within the area of expertise
• They lead and supervise a team, guiding and supporting professional development, allocating work requirements and coordinating team resources.
• If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others.
• OR for an individual contributor, they develop technical expertise in work area, acting as an advisor where appropriate.
• Will have an impact on the work of related teams within the area.
• Partner with other functions and business areas.
• Takes responsibility for end results of a team's operational processing and activities.
• Escalate breaches of policies / procedure appropriately.
• Take responsibility for embedding new policies/ procedures adopted due to risk mitigation.
• Advise and influence decision making within own area of expertise.
• Take ownership for managing risk and strengthening controls in relation to the work you own or contribute to. Deliver your work and areas of responsibility in line with relevant rules, regulation and codes of conduct.
• Maintain and continually build an understanding of how own sub-function integrates with function, alongside knowledge of the organisations products, services and processes within the function.
• Demonstrate understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function.
• Make evaluative judgements based on the analysis of factual information, paying attention to detail.
• Resolve problems by identifying and selecting solutions through the application of acquired technical experience and will be guided by precedents.
• Guide and persuade team members and communicate complex / sensitive information.
• Act as contact point for stakeholders outside of the immediate function, while building a network of contacts outside team and external to the organisation.

All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.

Join us as a Vulnerability Assessment Security Engineer and help strengthen the security posture of a global banking organisation. This role is ideal for someone with a solid technical foundation in cybersecurity who is eager to grow, learn, and make a meaningful impact. We're looking for an enthusiastic person who shows curiosity and is committed to continuous improvement.

You'll be responsible for maintaining and operating vulnerability assessment tools, ensuring scanning coverage across the bank, and supporting integration with broader security and IT systems. You'll collaborate with engineering, remediation, and delivery teams to ensure vulnerabilities are identified, understood, and addressed effectively.
 

To be successful as a Vulnerability Assessment Security Engineer, you should have experience with:

• Ability to review requirements and support the design, deployment, and maintenance of vulnerability assessment tools (e.g. Tenable, Rapid7, Qualys), including collaboration with engineering and support of related components.
• Experience managing credentials and access for scanning systems, integrating tools with platforms like Splunk and ServiceNow, and documenting processes, architecture, and system builds.
• Skilled in operating scanning tools, maintaining coverage, and supporting remediation teams in interpreting vulnerabilities across various asset types (e.g. laptops, VMs, wireless devices), while contributing to asset repository and scan policy development.
• Comfortable working with delivery managers and technical stakeholders to prioritise tasks, provide Tier 2/3 support for security tools, and continuously improve deployments through integration of new technologies and services.
   

Some other highly valued skills may include:

• Experience in the financial services sector.
• Exposure to additional security tools such as Firewall Assurance, CASB, and CSPM.
   

You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills

This role will be based in Knutsford, Northampton or Glasgow.