Senior Technical Specialist, Cyber Resilience Team

£108,800 - £122,000 yearly

Job Description

London based.

Supervisory Risk Specialist Directorate

The Bank of England is the UK's central bank. Our mission is to deliver monetary and financial stability for the British people. The Bank is a diverse organisation, with more than 4,000 people committed to public service. Together, we work to promote the good of the people of the United Kingdom by preserving monetary and financial stability.

Supervisory Risk Specialists (SRS) is a directorate within the Prudential Regulation Authority (PRA). SRS provides deep technical expertise and applies expert judgement across risk disciplines, supporting the PRA's coordinated supervisory approach to identify, analyse and mitigate material risks to the safety and soundness of PRA‑authorised firms.

SRS comprises five divisions:

  • Credit, Risk, Analytics, Liquidity and Capital (CRACL)
  • Investment Banking and Sector Risks (IBSR)
  • Model Development and Review Division (MDRD)
  • Operational Risk & Resilience Division (ORRD)
  • Sector Resilience Division (SRD)

The Sector Resilience Division (SRD) leads the PRA's work on the resilience of the financial sector to a range of non‑financial risks, including cyber. Our objective is to ensure that firms can continue to deliver critical economic functions to the levels of resilience expected by the Bank, even in the face of severe but plausible disruption.

This is a high‑profile and rapidly evolving area of work, with significant focus across central banks, regulators and government bodies globally. SRD priorities include assessing the systemic importance of firms and their exposure to threats, evaluating cyber resilience, developing supervisory and assurance tools, and strengthening the UK's financial system resilience through close collaboration with national and international partners.

Job Description

An opportunity has arisen for a Senior Technical Specialist to join the Cyber Resilience Team (CRT). The role will play a key part in shaping the PRA's cyber risk and resilience strategy within the context of Operational Resilience (OR). This includes ownership and evolution of the supervisory cyber approach, associated toolkits (e.g. CBEST, STAR‑FS, CQUEST), and the engagement required to deliver the PRA's cyber agenda.

The role is well suited to an individual with a strong cyber risk and security background, ideally with prior experience in a regulatory or supervisory environment and a good understanding of the PRA's Operational Resilience framework.

You will play a leading role in developing and implementing the PRA's cyber risk and resilience agenda, combining strategic development with hands‑on delivery of supervisory assessments.

Key responsibilities include:

  • Taking a leading role in developing and advising on policy and supervisory recommendations aligned with Operational Resilience objectives.
  • Leading the development of the PRA's supervisory cyber approach, including evaluation and assessment methodologies for cyber risk and resilience, working closely with Policy, Supervision and specialist teams.
  • Leading the implementation, ongoing review and continuous improvement of the PRA's supervisory cyber toolkit, including CBEST, STAR-FS and CQUEST.
  • Defining and articulating what good cyber practices look like in the context of broader Operational Resilience expectations.
  • Providing deep analytical and technical expertise, ensuring relevant industry standards and good practices are embedded in cyber resilience assessments.
  • Leading meetings with regulated firms to assess cyber risk and resilience capabilities, providing effective challenge to firms' approaches and remediation plans.
  • Developing and maintaining strong working relationships across the Bank and with external stakeholders, including the FCA, HMT, NCSC, CPNI and other domestic and international bodies.
  • Drafting high‑quality papers and briefings, and contributing actively to horizon scanning and Risk Committee discussions.

Number of direct reports: None.

Role Requirements:

Minimum Criteria

  • Significant experience independently leading regulatory cyber reviews, including threat-led penetration testing assessments (e.g. CBEST, STAR-FS) and other technical reviews across Cyber Resilience or related disciplines.
  • Significant experience independently leading strategic cyber resilience work, and a proven ability to engage with senior stakeholders while delivering projects.
  • Strong knowledge of the PRA's approach to supervising cyber risk and resilience, including its application within the Operational Resilience framework.
  • Strong understanding of the evolving cyber security regulatory landscape, and the key Operational Resilience challenges facing UK financial sector firms and authorities.
  • Strong understanding of the evolving cyber security landscape, including risks associated with emerging technologies such as Artificial Intelligence and post‑quantum computing.

Essential Criteria

  • Ability to synthesise complex technical cyber and resilience information and translate it into clear, well‑reasoned conclusions and actionable recommendations for senior stakeholders.
  • Ability to represent the organisation's position on key cyber and operational resilience matters internally and externally, including leading meetings, influencing senior audiences, and adapting communication style to context and audience.
  • Strong understanding of recognised cyber resilience standards and frameworks (e.g. UK NCSC CAF, NIST, ISO/IEC 27001, ISO 22301) and cyber‑related regulatory and supervisory expectations (e.g. PRA Rulebook, DORA, NIS2 Directive, CPMI‑IOSCO).
  • Relevant professional qualifications and certifications, such as CISA, CISM, CRISC, CISSP, CSX, or Lead Auditor certifications for ISO/IEC 27001 and ISO 22301.
  • Demonstrated commitment to diversity and inclusion, with evidence of fostering inclusive working practices, valuing diverse perspectives, and contributing to an open and respectful team culture.

Desirable Criteria

  • Financial sector or regulatory experience, with a sound understanding of bank operations and risk and control environments.
  • Experience in assessing and managing cyber and technology risk.

___

Our Approach to Inclusion

The Bank values diversity, equity and inclusion. We play a key role in maintaining monetary and financial stability, and to do that effectively, we believe we need a workforce that reflects the society we serve.

At the Bank of England, we want all colleagues to feel valued and respected, so we're working hard to build an inclusive culture which supports people from all backgrounds and communities to be at their best at work. We celebrate all forms of diversity, including (but not limited to) age, disability, ethnicity, gender, gender identity, race, religion, sexual orientation and socioeconomic status. We believe that it's by drawing on different perspectives and experiences that we'll continue to make the best decisions for the public.

We welcome applications from individuals who work flexibly, including job shares and part time working patterns. We've also partnered with external organisations to support us in making adjustments for candidates and employees in the recruitment process where they're needed.

For most roles where work can be carried out at home, we aim for colleagues to spend half of their time in the office, with a minimum of 40% per month. Subject to that minimum requirement, individuals and managers should work together to find what works best for them, their team and stakeholders.

Finally, we're proud to be a member of the Disability Confident Scheme. If you wish to apply under this scheme, you should check the box in the 'Candidate Personal Information' under the 'Disability Confident Scheme' section of the application.

Salary and Benefits Information

We encourage flexible working, part time working and job share arrangements. Part time salary and benefits will be on a pro-rated basis as appropriate.

This role offers a salary of circa £108,800 - £122,000. In addition, we offer a comprehensive benefits package as detailed below:

  • Currently a non-contributory, career average pension giving you a guaranteed retirement benefit of 1/80th of your annual salary for every year worked. There is the option to increase your pension (to 1/65th) or decrease (to 1/105th) in exchange for salary through our flexible benefits programme each year. The Bank has the discretion to vary standard accrual rates and dial up and dial down rates at any time and to withdraw dial up and dial down options at any time.
  • A discretionary performance award based on a current award pool.
  • An 8% benefits allowance with the option to take as salary or purchase a wide range of flexible benefits.
  • 26 days' annual leave with option to buy up to 12 additional days through flexible benefits.
  • Private medical insurance and income protection.

National Security Vetting Process

Employment in this role will be subject to the National Security Vetting clearance process (which typically takes between 6 and 12 weeks post offer) and the passing of additional Bank security checks in accordance with Bank policy. Further information regarding the vetting and security clearance requirements for the role will be provided to the successful applicant. Information about how the Bank processes personal data for these purposes is set out in the Bank's Privacy Notice.

The Bank of England welcomes applications from all candidates, but as a UK Visas and Immigration (UKVI) approved sponsor, we have a responsibility to comply with the Immigration Rules and guidance. As such, our ability to employ individuals who require sponsorship for immigration purposes is limited. The Bank cannot guarantee that you and / or the role you are applying for will be eligible for sponsorship and that any application made to UKVI will be successful. Eligibility will therefore be considered on a case by case basis.

The Application Process

Important: Please ensure that you complete the 'work history' section and answer ALL the application questions fully. All candidate applications are anonymised to ensure that our hiring managers will not be able to see your personal information, including your CV, when reviewing your application details at the screening stage. It's therefore really important that you fill out the work history and application form questions, as your answers will form a critical part of the initial selection process.

The assessment process will comprise two interview stages.

This role closes on 24th June.

Please apply online, ensuring that you complete your work history and answer ALL the application questions fully and in detail as your application will not be considered if all mandatory questions are not fully completed.