You will apply your experience and problem solving skills to manage IT Security service issues and the continuous improvement programme for existing security technologies and services to mitigate current and emerging threats. This role may involve some travel within the UK and our offices in India.

Responsibilities

Design, implement, test and maintain security systems and services to mitigate current and emerging threats while ensuring operational resilience and alignment to recognised frameworks, regulatory requirements and the business and technology strategies

Define and maintain technical security standards and key controls for the Bank’s IT infrastructure

Support investigation of security events and incidents, root cause analysis and impact assessments of affected critical systems or data and inform the necessary corrective action plans

Provide specialist support as a Subject Matter Expert in key areas of IT Security and best practices through consultation and advisory roles within project teams – promote security by design.

Collaborating with IT colleagues to support change programmes and cultivate a sense of security awareness and accountability.

Create Information Security Reporting and Metrics for new platforms and capabilities

Defining configuration policies and active tuning of DLP, L7 Firewalls, VPN, AV, IDS, W/IPS, SIEM, SSL Inspection, Endpoint Protection, mobile device computing, DB Security and similar security technologies/services.

Assess and identify opportunities to for continuous improvement of security technologies, services and MSS providers to improve detection and reduced false positives.

Define and tailor security work-stream tasks and plans for change initiatives.

Support Ethical Hacking engagements to facilitate testing and a risk-based analyse of results in the context of mitigating factors.

Design and secure application architectures with appropriate segregation patterns and integration with standardised security services

Work with IT Technical teams in ensuring Vulnerability Management reporting and patching activities are performed and verified.

Provide audit management support and SME views on risks, controls and operating practices.

Review, challenge and contribute to technical designs and discussions at the Change Management Committee’s to ensure that security requirements and compliance are considered in change requests.

Ensure that you fully understand and comply with the organisation’s Risk Management Policies as they relate to your area of responsibility and demonstrate in your day to day work that you put customers at the heart of everything you do.

Ensure that you fully understand and comply with the organisation’s Data Governance Policies as they relate to your area of responsibility and demonstrate in your day to day work that you treat data as an important corporate asset which must be protected and managed.

Relationship owner for key security products and solutions – managing 3rd party and vendor risks, service levels and metrics.

Maintain the company’s compliance standards and ensure timely completion of all mandatory on-line training modules and attestations.

Experience Requirements

4 years of experience working in a dedicated Information Security (InfoSec) role is essential

3 years of experience implementing and managing AV, perimeter defences, network access controls and cyber countermeasures is essential

3 years’ experience working in financial services is desirable

2 years of experience in supporting investigations of security incidents is essential.

2 years of experience documenting and reviewing security and IT designs to identify security risks and gaps is essential

1 years of experience managing vulnerability scanning and remediation is essential

1 years of experience implementing and managing website and e-mail content filtering, data loss prevention is essential

1 years of experience managing IPS custom rules and SIEM tuning is essential

1 year of experience implementing security quality gates and tooling for development teams and the SDLC process is essential

1 year of experience implementing PCIDSS controls is essential

Knowledge Requirements

Specialist knowledge of threats, vulnerabilities and countermeasures is essential

Detailed knowledge of log analysis and investigation methodologies is essential

Detailed knowledge of Identity and Access Management (IAM) practices and principles as they apply to large corporate environments is essential

Basic knowledge of the UK Data Protection Act/GDPR is essential

Basic knowledge of PCIDSS is essential

Detailed knowledge of Network Security is essential

Basic knowledge of Application Security is essential

Basic knowledge of Enterprise Architecture (TOGAF ) is desired

Basic knowledge of IT Change Management and Service Delivery (ITIL) is desired

You will apply your experience and problem solving skills to support both recovery and remediation activities for service and cyber incidents. This role may involve some travel within the UK and our offices in India.

Core Responsibilities

Design, implement, test and maintain enterprise class security systems and services to mitigate current and emerging threats while ensuring operational resilience and alignment to recognised frameworks, regulatory requirements and the business and technology strategies

Define and maintain technical security standards and key controls for the Bank’s IT infrastructure

Act as an escalation point for the investigation of security events and incidents; lead investigations for root cause analysis and impact assessments of affected critical systems or data and manage the necessary corrective action plan

Provide specialist support as a Subject Matter Expert in all areas of IT Security including alignment of standards, frameworks and security with overall business and technology strategies

Guiding the security team, cultivating a sense of security awareness and developing top talent within the team

Identify and drive improvements on security assessments and internal investigation capabilities through improved technologies, processes and practices

Define cloud security architectures and internal systems designs with appropriate controls and monitoring capabilities through centrally managed monitoring and response services

Create Information Security Reporting and Metrics for new platforms and capabilities

Defining configuration policies and active tuning of DLP, L7 Firewalls, VPN, AV, IDS, W/IPS, SIEM, SSL Inspection, Endpoint Protection, mobile device computing, DB Security and similar security technologies/services.

Conduct research on emerging threats to support security enhancement and development efforts; recommend security improvements, upgrades, and/or purchases.

Drive the continuous improvement of security technologies, services and MSS providers to improve detection and reduced false positives.

Manage security work-streams for new business and IT initiatives through guidance on implementing security by design.

Develop project plans with estimated effort, delivery schedule and cost estimates for new initiatives and existing system upgrades.

Manage Ethical Hacking engagements through specialist third parties to define scope, manage daily debriefings, deliverables and defined corrective action plans.

Conduct first response IT Forensics activities to support incidents.

Design and deliver secure application architectures with appropriate segregation patterns and integration with standardised security services

Work with IT Technical teams in ensuring Vulnerability Management analysis and prioritisation is implemented managed in collaboration with the IT Teams.

Provide audit management support and SME views on risks, controls and operating practices.

Review, challenge and contribute to technical designs and discussions at the Architecture and Change Management Committee’s to ensure that security is designed into new solutions

Ensure that you fully understand and comply with the organisation’s Risk Management Policies as they relate to your area of responsibility and demonstrate in your day to day work that you put customers at the heart of everything you do.

Ensure that you fully understand and comply with the organisation’s Data Governance Policies as they relate to your area of responsibility and demonstrate in your day to day work that you treat data as an important corporate asset which must be protected and managed.

Relationship owner for key security products and solutions – managing 3rd party and vendor risks, service levels and metrics.

Maintain the company’s compliance standards and ensure timely completion of all mandatory on-line training modules and attestations.

Qualifications/Certifications

GSCE/GCE qualifications in both maths and English are essential

Active CISSP, CISM, CISA, CEH, SANS certifications or equivalents is essential

Professional IT accreditation such as ITIL, Network +, CCNA is desirable

Experience Details

7 years of experience working in a dedicated Information Security (InfoSec) role is essential

5 years of experience implementing and managing AV, perimeter defences, network access controls and cyber countermeasures is essential

5 years’ experience working in financial services is desirable

3 years of experience documenting and reviewing security and IT designs to identify security risks and gaps is essential

3 years of experience managing vulnerability scanning and remediation is essential

3 years of experience implementing and managing website and e-mail content filtering, data loss prevention is essential

3 years of experience with Cloud-based services and securing cloud architectures is essential

2 years of experience analysing and investigating security incidents including root-cause analysis is essential, leading a CSIRT is desirable.

2 years of experience managing IPS custom rules and SIEM tuning is essential

1 year of experience implementing security quality gates and tooling for development teams and the SDLC process including training developers on secure coding practices is essential

1 years of experience implementing PCIDSS controls is essential

Knowledge Requirements

Specialist knowledge of threats, vulnerabilities and countermeasures is essential

Detailed knowledge of log analysis and IT forensic tools and investigation methodologies is essential

Specialist knowledge of security incident response is essential

Detailed knowledge of Identity and Access Management (IAM) practices and principles as they apply to large corporate environments

Basic knowledge of the UK Data Protection Act/GDPR is essential

Detailed knowledge of PCIDSS is essential

Detailed knowledge of Cloud computing and security is essential

Detailed knowledge of Network Security is essential

Basic knowledge of Application Security is essential

Basic knowledge of Enterprise Architecture (TOGAF ) is desired

Basic knowledge of IT Change Management and Service Delivery (ITIL) is desired

The responsibilities in this team will include hands on bug fixing, service transition, supporting the team technically, code reviews and mentoring talented resources. You will become the ‘go to’ person in the custom team for supporting the custom applications as well as offering technical recommendations in how to approach a problem and how to obtain an optimal solution in a timely manner.

Core Responsibilities

Maintain Application support activities and team management

Hands on Incident Management, Problem management, Change management and Information management

Metrics/KPI – Calls and tickets ensuring we understand our KPI support numbers on monthly basis

Ensure proper procedures are in place for Service level management, OLA and knowledge base

Hands on supporting Java applications. Knowledge of .Net framework and C# is desirable but not must to have.

Excellent debugging and analysis skills, identifying fixes for reported issues by business team/users in production

Own Service transition of application to BAU from project teams

Production of service review information including monthly service levels packs as well as creating transparency around key outage areas

Monitoring of the tickets and environment ensuring we stay on top of issues and lead incident calls

Post Implementation signoff: Getting sign off from the business that deliver into production is complete

Conduct and document regular 1-2-1 with direct reports.

Escalate issues in advance to line managers in advance if any.

Identify the team members gap/training needs.

Collaborate with technical leads and cross teams to remove obstacles for the team if any.

Managing teams’ deliveries – unblocking team members, coordinating dependencies, guiding technical approaches for a problem

Coordinating dependencies with onsite and any other external teams

Maintain the company’s compliance standards and ensure timely completion of all mandatory on-line training modules and attestations

Actively manage risk and ensure that relevant control/risk process are adhered to

As nominated risk champion for your function, work alongside the risk function in developing and maintaining as risk management agenda, acting both to ensure the necessary levels of transparency for potential risks and promoting positive culture awareness and accountability throughout your function.

Line manage, coach all direct reports, including all aspects of performance management, resource planning, development, conduct, sickness management, appraisals, employee administration and recruitment.

Managing and owning team’s deliverables in terms of quality, schedule by using right practices and adhering to company’s process and policies.

Qualifications/Certifications

Graduate or Post graduate in computers or relevant field.

Any Java and MS SQL technical certification would be added advantage.

Application Support background is mandatory.

ITIL V3 Foundation certified desirable

Experience Details

Graduate or Post Graduate in computers or relevant field

10+ years of experience on Java and MSSQL with Application support background mandatory

5+ years of people management mandatory with experience in complex system production and release management is essential

Experience in leading a team technically

Hands on experience on Java development or support

Experience managing teams and deliveries

Experience with Web Services development

Exposure to any of the build and deployment tools

Understanding of upgradation, migration and environments

Good team player and coordination skills

MS .Net technology is a plus but not mandatory

Knowledge Requirements

Intermediate level skills in Microsoft Word and Excel are essential.

Basic knowledge of UK mortgage and/or savings products is mandatory.

Application Support of Java applications mandatory. .Net application support desirable

Knowledge on ITSM tools mandatory

Core Responsibilities

Deal with Data subject access requests(DSAR) received from customers and claim agencies.

Draft emails and letters to customers and claims agencies in relation to DSAR work.

Make outbound calls to customers and claim agency if need additional information in relation to DSAR.

Staff need to answer inbound calls from customers and claim agency in relation to DSAR if received to Customer service team.

Update and maintain the Gifts and Hospitality Register with the details received on the relevant inbox.

Prepare Work in Progress report on a monthly basis, follow up with all 14 law firms to collect data, collate and send it to Legal Head for review and send the final report to Finance team.

Maintain the DSAR logs and other relevant logs.

Need to Organise meetings, prepare agenda and minutes of the meeting.

Co-ordinate with relevant Head office staff for clarifying any job related queries.

Need prepare MI for Data Protection working group within the agreed timelines

Update the Data protection Inbox spreadsheet on a timely basis

Maintain the company’s compliance standards and ensure timely completion of all mandatory on-line training modules and attestations

Qualification/Certification

GSCE/GCE qualifications in both maths and English are essential

Any Graduation

Experience Requirements

Open for Fresher as well as 1 year experience in banking industry.

Knowledge Requirements

Good Communication skills – For a Semi Voice Process(Desirable)

Good writing Skills – For Email & letter drafting(Desirable)

Good Analytical Skills(Essential)

The role holder will need to embed a sound understanding of the overarching objectives of both the business and marketing function into the team to ensure outputs are optimised and plans are robust.

You will ensure the OSBI marketing function is positioned as a valued partner to the business, one that takes a commercial and customer-centric approach to delivering on the overarching ambition of the marketing function.

In addition, this role will be responsible for the day-to-day management of the OSBI marketing team, in conjunction with UK line management, overseeing workload and timely execution of deliverables.

Core Responsibilities

Act as the voice of marketing in OSBI, representing the team and the wider marketing function to establish a strong understanding of the value the team outputs

Develop a robust understanding of the business and the marketing function priorities, ensuring this is disseminated appropriately across OSBI to support plan development

Maintain an accurate view of team workload to ensure resource is being allocated appropriately for timely execution of deliverables, challenging where appropriate and supporting team members in prioritising

Work to bring the team together as a single unit, focusing on team cohesion and collaboration to enhance performance / motivation

Manage key stakeholders within the UK marketing function and those external to marketing, ensuring visibility of activity and sound expectation management

Support the development of the function. Identifying individual personal development requirements and ensuring the team are enabled to progress relevant opportunities for growth

Digital - support the Digital Marketing Manager in the UK in managing the deliverables of the team, whilst continuously challenging the team to identify new opportunities that will further optimise outputs

Customer Insight – support the Head of Customer Insight in the UK in meeting tight timelines on deliverables, whilst pushing the team to add deeper value to their analysis and address the ‘so what’

Internal communications – support the Internal Comms Manager in the UK in embedding this new function into OSBI, supporting the development of a network around the business that can be utilised to streamline the existing approach to internal comms and give the team greater control over all relevant channels

Design – support the Head of Design in the UK in embedding this new function into OSBI and ensure rigid alignment to high quality standards and brand requirements

Monitoring and tracking of industry marketing and insight / research trends

As nominated Risk Champion for your function, work alongside the Risk function in developing and maintaining a risk management agenda, acting both to ensure the necessary levels of transparency for potential risks and promoting a positive culture of awareness and accountability throughout your function

Maintain the company’s compliance standards and ensure timely completion of all mandatory on-line training modules and attestations

Line manage and coach all direct reports, including all aspects of performance management, development, conduct, sickness management, appraisals, employee administration and recruitment

Maintain the company’s compliance standards and own compliance training

Qualifications/Certifications

Any Graduate or Post Graduate.

Professional development qualifications desirable but ability to demonstrate CPD essential

Experience Details

3 years previous Marketing and Communications experience is essential

12m previous marketing experience within the Financial Services industry is desirable

18m previous experience managing a marketing team is essential

18m previous experience of managing external agencies is essential

Knowledge Requirements

Detailed knowledge of marketing and research techniques is essential

Detailed knowledge of the digital environment is essential

Robust knowledge of regulatory requirements for marketing, customer and communications is essential

Strong level of knowledge of the Financial Services operating environment (macro-economic, political and regulatory) is desirable

Intermediate knowledge of Microsoft Office (Excel, Word and PowerPoint) is essential

The group is currently in the process of enhancing its risk analytics capability and the creation of this new role will facilitate acceleration in the enhancement of insights provided to Senior Management and internal and Board risk committees.

The role holder will also be responsible for periodic 2nd line thematic (deep dive) reviews (e.g. lending exceptions performance analysis), and periodic testing of the quality assurance / controls implemented and executed by the 1^st line business functions (i.e. lending underwriting assurance process).

The risk team at OneSavings Bank PLC plays a central role in achieving the Bank’s ambitious growth plans and the successful candidate will have a unique opportunity to liaise with other parts of the Risk and Compliance team and the wider business functions and achieve personal development goals.

Core Responsibilities

Ad hoc risk analysis (supporting all risk types i.e. credit, market and liquidity, operational and conduct risk).

Thematic risk specific deep dive reviews and controls testing across the business risk functions as required.

As nominated Risk Champion for your function, work alongside the Risk function in developing and maintaining a risk management agenda, acting both to ensure the necessary levels of transparency for potential risks and promoting a positive culture of awareness and accountability throughout your function

Take the ownership of monthly deliverables of Risk team and maintain an eye to the detail (to spot different trends).

Keep your analytical mind open while working on the requests from UK stakeholders, so that you can create a story to present from your analysis.

Maintain the company’s compliance standards and ensure timely completion of all mandatory on-line training modules and attestations

Qualification/Certification

A university degree in a quantitative field (i.e. Engineering or Mathematics) is essential.

Experience Requirements

2+ years’ experience of owning and running regular ad hoc risk analysis.

2+ years previous experience using SAS/SQL

Advanced excel user (i.e. proficient user with respect to Vlookups, VBA, other excel formulas) essential.

Proficient user of Microsoft PowerPoint, creating presentations for senior management.

2+ years’ experience of undertaking a risk related role within a retail consumer finance business is desirable

Knowledge Requirements

Knowledge of risk management within the banking / financial services sector.

Responsibilities

Responds to all enquiries, whether received by telephone, in writing or made in person efficiently and in accordance with the bank standards of service

Shares the responsibility with other team members in balancing books and reconciling all the balance sheet items.

Responds promptly and efficiently to queries from branches, agents and other departments relating to finance related matters

Responsible for month end closures.

Responsible for accounting Intercompany transactions, fixed assets, prepayments & Accruals.

Preparation of daily /weekly /monthly management reports.

Deal with audit queries (Both internal & external).

Preparation of policies, procedures and flowcharts and keeping the documents up to date.

Handling additional Finance projects as assigned by supervisors and Managers.

Ensures the timely communication of information to colleagues and line management.

Undertakes any other duties, commensurate with grade and job title, requested by Supervisor/Line Manager or above.

Suggesting process development ideas (Automation / Semi automation / simplification/ additional controls)

Skills Requirements

Reliability and integrity

Smart appearance with a confident, mature attitude

A concern for quality, accuracy and attention to detail

The ability to co-operate and work effectively as part of a team

The ability to work effectively under pressure

Good administration skills

Highly organized with the ability to prioritize and manage own workload

Excellent communication skills and a good telephone manner

A common sense approach with the capacity to use initiative within guidelines

Computer literate with good word processing and spreadsheet skills. The ability to learn internal computer systems

Qualification

Post graduate degree in Finance / Commerce is desirable

Experience Details

24-36 Months experience is essential

Knowledge Requirements

Sound accounting knowledge / experience is essential

Responsibilities

HR Operations: Responsible for gamut of Employee life cycle activities as listed below but not limited to

Onboarding and orientation

Record keeping: keep Personnel files current at all times, develop strategy to manage active/inactive files, create and maintain error free HR letters

Review and update standard operating procedures

Design and execute Human Resources policies and procedures

Maintain and keep HRIS updated at all times. Leverage the features to automate cyclical tasks and bring about effectiveness in HR processes

Working knowledge of  HR Systems like Workday, Success Factors etc. and willing to work with small/local service provider

Exposure to Compensation and Benefits is a plus

Qualification Details

Post graduate degree in Human Resource or equivalent

Experience Details

5-8 years of experience in both Employee relations/HRBP (basic- intermediate) and HR Generalist (expert) roles

Experience of corporate is preferable

Knowledge Requirements

Human Resource Management

Human Resource Information Systems

Business Management

Employment laws