Senior Cyber Analyst (12 Mnth Ftc)

Department Overview

Within Cyber Security you will be working with people who are passionate about protecting the security and stability of our Technology estate. Whether it is identifying threats, uncovering vulnerabilities, or ensuring robust and resilient infrastructure, you'll be working at the pioneering in a security-centric organisation.

The function focuses on ensuring security by design, and ensuring we have safe, stable, and resilient systems. Collaborating closely with colleagues across Technology and throughout the organisation you will help the division safeguard the critical systems and Information which the organisation is responsible for.

Our award-winning specialist teams are committed to developing their expertise in a constantly evolving environment. You'll be aligned to industry best practiced and encouraged to develop your skills both internally and externally, through mentoring, training and formal qualifications.

Job description

The Bank of England is looking for an enthusiastic Cyber Security Analyst to join its outstanding Technical Vulnerability Management Team (TVM). The TVM Team is responsible for the Security Posture Management for the whole bank, this includes Vulnerability Management, Continuous Monitoring, Active Directory, Network Shares and Configuration Hardening.

In this role you will get involved in variety of exciting projects, where you will get the opportunity to run security assessments on bank systems that are critical to the financial stability of the United Kingdom. As well as running assessments you will get exposure to a range of different technologies and offer high quality security advice as specialist in your field. You will be actively encouraged to innovate your approach to finding new ways to secure the bank so that we can make sure we are keeping up to date with the latest threats of today.

We wish to encourage applications from candidates who may not feel they have all of the desired experience or knowledge, but have the ability or experience in some of the areas and a keen interest in cyber security.

Key responsibilities:

• Supporting the Team Lead with the provisioning of security testing services for the bank, including Vulnerability Management, Continuous Monitoring, Active Directory, Network Shares and Configuration Hardening.
• Ensuring the safe and effective execution of security testing for production and non-production assets, improving the security assurance value while minimising the risk to live operational services.
• Developing and driving the technical delivery of new security testing services to increase the efficiency and value of the portfolio of security testing options.
• Provide technical security guidance in plain English to Bank stakeholders
• Provide mentoring and knowledge sharing with team members and other colleagues in the bank.
• Ability to lead multiple projects concurrently.
• Assist in the management of identified vulnerabilities, providing thorough and detailed analysis of vulnerabilities.
• Consistently deliver detailed clear documentation for reporting and compliance purposes.

Essential Criteria

• Good experience in operational security activities in an organisation.
• There is a need for sound knowledge and experience of Cyber Security, threat, risk and technical vulnerability management, although not necessarily to a detailed specialist level (e.g. undertaking penetration tests), although this would be advantageous.
• Strong diagnostic skills and the ability to analyse technical information from various sources.
• Superb communication skills and capability to present sophisticated information clearly to technical and non-technical audiences (including senior stakeholders).
• A service orientated and customer focused approach and be results driven, driving improvements to the services offered and adding new value to the bank.
• A willingness to keep up to date with new and emerging technologies and Cyber Security trends, and an appetite for continuous professional development.
• Excellent knowledge in either securing Active Directory and Network shares.

Desirable Criteria

• A strong interest in Cyber Security matters, with the holding of relevant qualifications (e.g. CISSP, Security+, OSCP) being a distinct advantage.
• Knowledge of network protocols, web application security and an understanding of security toolsets.
• Experience working in financial services or government organisations.
• Experience and knowledge of working with and assuring Cloud technologies would be advantageous.