The defence of the Society and its members data and money is of critical importance, and as our adversaries evolve, so do we in line with our "threat led" cyber strategy.
Are you working in an IT role and want to help secure technology using your expertise in platforms?
Are you working in a Security Operations role and want to use your insights and knowledge gained from being at the frontline of investigating cyber attacks to help implement security improvements?
Are you working in a penetration testing role and want to help secure technology based on the insights you have gained from finding and exploiting vulnerabilities?
Are you working in a security engineering role and looking to broaden your cyber security skills?
If you have a passion for technology and security, this role in our Attack Surface Operations team provides an exciting opportunity to join a team that we see as playing a critical role in the future of the society.
Our Attack Surface Operations team is a recently established team that is creating an innovative and cutting edge new capability within the Security & Resilience department focussed on managing and reducing our internal and external attack surface against a constantly evolving threat - and in identifying and executing targeted interventions that shift the dial to provide the most reduction in residual risk.
This is an exciting opportunity to join and contribute to our Attack Surface Operations function.
Attack Surface Operations is about applying a threat lens to attack surface information with dedicated ringfenced resource to proactively identify vulnerabilities and weaknesses, and fix issues that have the greatest impact on reducing our risk exposure.
We want our Attack Surface Operations team to grow and foster deep technical expertise in understanding how to securely configure and maintain technology, and in how attackers can exploit organisations attack surface to gain access.
At Nationwide we offer hybrid working wherever possible. More rewarding relationships are supported through our hybrid approach, bringing colleagues together across our UK wide estate, whilst also supporting generous access to home working. We value our time in the office to solve problems, to learn, and to feel connected.
For this job you'll spend at least two days per week, or if part time you'll spend 40% of your working time,
based at either our Swindon, London, Wakefield, Dunfermline, Sheffield, Northampton, Bournemouth offices. If your application is successful, your hiring manager will provide further details on how this works. You can also find out more about our approach to hybrid working here .
If based outside of our Swindon or London office, there will be the requirement to attend one of these offices on a bi-monthly basis for collaboration and ad/hoc meetings. If we receive a high volume of relevant applications, we may close the advert earlier than the advertised date, so please apply as soon as you can.
What you'll be doingAs part of a pro-active team, you will be responsible for identifying and assessing security vulnerabilities that impact Nationwide's technology estate. This includes tracking issues to remediation, understanding the potential impact and escalating blockers to progress.
You will work with colleagues to enforce security standards across the society to prioritise vulnerability fixes, articulating technical terms into easy to understand language.
You will actively participate in and be accountable for high priority tasks and activities, designed to focus on specific threats to quickly resolve them, minimising the risk to Nationwide's estate.
You will contribute to regulatory and critical reporting processes, providing assurance that our technology is secure.
A big part of the role is conducting research into new and existing security topics, ensuring that the Attack Surface Operations team are on the front-foot in protecting Nationwide. This keeps your knowledge current, and enables you to continue your own development.
About youAs a minimum, you'll:
- Have hands on experience of vulnerability management practices or other security disciplines such as Security Operations or Access Management.
- Have knowledge of securing Microsoft or UNIX or networking technologies to industry good practice standards.
- Have working knowledge of the principals of attack surface mapping and remediation.
- Be ready to build good working relationships with both technical and business stakeholders, gaining their respect and trust based on your knowledge and professionalism.
- Have the ability and desire to quickly learn new technologies.
- Have a strong understanding of risk management processes and techniques.
Our Customer First behaviours are all about putting customers and members at the heart of how we work together. You can strengthen your application by showing the behaviours that resonate with you, and how you might have already demonstrated these.
- Say it straight - This is about being honest and direct with good intent and saying what needs to be said in the room. It's also about being clear, precise, and using language that we and, importantly, our customers and members can understand.
- Push for better - This is about aiming high and constantly looking for better in how we work together and serve our customers and members.
- Get it done - This is about prioritising what will have the greatest impact, being decisive and taking accountability for delivering on the end-to-end outcome.
We know applying for jobs can sometimes feel like you're sending an application into a black hole. We review each application individually. So, it's a good idea to call out your most relevant experience on your application to give yourself the best chance.
The extras you'll getThere are all sorts of employee benefits available at Nationwide, including:
- A personal pension - if you put in 7% of your salary, we'll top up by a further 16%
- Up to 2 days of paid volunteering a year
- Life assurance worth 8x your salary
- A great selection of additional benefits through our salary sacrifice scheme
- Wellhub - Access to a range of free and paid options for health and wellness.
- Access to an annual performance related bonus
- Access to training to help you develop and progress your career
- 25 days holiday, pro rata
What makes us differentNationwide is the world's largest building society. With over 15 million customers, we have a relationship with almost a quarter of the UK's population. We've got the scale to compete with the big banks, but we're not a bank.
As a building society, we're owned by our members - that's our customers who have their current account, mortgage or savings with us. It means we can do things differently to deliver our Purpose - Banking - but fairer, more rewarding, and for the good of society.
When you work at Nationwide, you can experience that difference for yourself. You'll be part of a high-performing, purpose-driven organisation that offers rewarding career experiences and a highly competitive range of benefits to match. You'll also be joining us at an important time as we seek to reach more and more people in the UK. We want everyone in the UK to know that they don't have to bank with a bank. They can choose a modern mutual instead.
What to do nextIf this role is for you, please click the 'Apply Now' button. You'll need to attach your up to date CV and answer a few quick questions for us.
We respond to everyone, so we will be in contact shortly after the closing date to let you know the outcome of your application.
#LI-post