
How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Cloud Security Audit AVP
Cloud Security Audit AVP
At Barclays Internal Audit, you will play a critical role in driving Cyber Security audit assurance, supporting the bank’s governance, risk management, and control effectiveness. Collaborating with cross-functional teams, you will deliver independent and reliable findings to executive management and the Board.
About the Role
As a Cloud Security Audit AVP, you will contribute to:
- Audit planning and execution
- Risk assessment and control evaluation
- Victim resolution processes
- Development of actionable recommendations to improve business processes and mitigate cyber security risks
Key Responsibilities
-
Audit Execution & Assurance
- Provide independent evaluation of Cyber Security controls within cloud environments (AWS, Azure)
- Identify misconfigurations, vulnerabilities (e.g., serverless functions, container escapes, storage risks)
- Test compliance with cloud governance standards, cyber security frameworks (ISO, NIST, CIS), and regulatory requirements
-
Risk Management & Compliance
- Assess security architecture (traditional on-premise, hybrid, and cloud systems)
- Conduct threat modelling,leveraging MITRE ATT&CK and Cyber Kill Chain frameworks
- Evaluate incident response plans, vulnerability management, and data leakage protection controls
-
Stakeholder Engagement
- Communicate findings and recommendations to Audit Owners, senior management, and Board members
- Propose solutions for improving risk management and control effectiveness
-
Team Leadership & Process Improvement
- Mentor team members and drive objective setting, performance appraisals, and rewards
- Align audits with Barclays’ standards and strategic objectives
- Represent Internal Audit in cross-functional projects (e.g., IT/GRC, Risk teams)
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Required Skills & Experience
-
Technical Proficiency
- Cloud Security Expertise: Hands-on experience with AWS/Azure security components (IAM, SAM, network security, storage encryption).
- Containers & Serverless: Detection and remediation of vulnerabilities in Kubernetes, Docker, and serverless architectures.
- Cyber & Risk Frameworks: Deep knowledge of NIST, ISO 27001, MITRE ATT&CK, and regulatory environments (e.g., GDPR, FCAC for financial services).
- Data & Analytical Tools: Proficiency in Python, SQL, or audit-specific tools (e.g., SIEM platforms).
-
Professional Qualifications
- CISA, CISM, CISSP or similar technical certifications (highly preferred).
- Relevant graduate degree in Cyber Security, Risk, or IT auditing.
-
Cross-Functional collaboration:
- Familiarity with IT architecture, traditional enterprise systems, and SOC (Security Operations Center) workflows.
Highly Desirable
- Financial Services Industry Knowledge: Experience with industry-specific standards (e.g., FCAR, global fintech regulations).
- Agile/Waterfall Delivery Experience: Auditing or consulting on large-scale programmes/projects (e.g., system migrations, cloud adoption).
- Threat Hunting & Defensive Strategy: Understand adversarial tactics to evaluate risk strategies proactively.
Location
This role can be based in London or Knutsford.
Barclays Expectations for the Role
Core Accountabilities
- Review and validate audit deliverables to ensure compliance with Barclays’ audit methodologies and global internal audit standards.
- Report cyber risk findings to Board-level governance committees.
- Drive improvements through ICT control evaluations and actionable guidance for remediation.
- Stay current with industry trends to incorporate best practices.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Leadership & Influencing
- Collaborate with Internal/external stakeholders (Audit Owners, CISO, Project Teams) to align audit findings with operational improvements.
- Provide guidance to business leaders on managing cyber risks.
- Develop and present reports for Audit Committees and Boards.
- Embed the Barclays Mindset (Empower, Challenge, Drive) while engaging colleagues across various unit functions.
Expected Leadership Traits for AVP
Emphasis on the LEAD framework if assigned a team:
- L (Listen & Authenticity): Foster open dialogue within the team.
- E (Energise & Inspire): Accelerate accountability through transparent, motivated leadership.
- A (Align Across the Enterprise): Collaborate horizontally with teams to synchronise objectives.
- D (Develop Others): Compete performance reviews, provide feedback with constructive focus, and utilise growth plans to upskill team members.
Barclays Values
All colleagues are expected to embed the five core values of Respect, Integrity, Service, Excellence, and Stewardship.
At Barclays, you’ll be contributing to a dynamic landscape where ethical leadership drives audit excellence—and where your security skillset plays a pivotal role in safeguarding the future of banking.
Apply today and help redefine Cyber Security assurance at one of Europe’s leading financial institutions.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills