Senior Cyber Analyst in Cyber Defence Centre presso Bank of England
Bank of England · London, Regno Unito · Hybrid
- Senior
- Ufficio in London
Work for an organisation steeped in history with a front row seat for the digitalisation of the financial sector, and the rise of Fintech and Regtech. A core organisational strength, with our people at our centre, Technology enable the Bank of England to deliver its mission by providing a hugely diverse set of technical solutions and platforms. From supporting critical systems which underpin the UK economy, to evolving data analytics, reinventing our online presence, and introducing a fully digital workplace. Be part of a team that’s constantly evolving, just like our industry.
We take pride in our people, with backgrounds and experiences as diverse as the solutions they provide. You’ll enjoy flexible working opportunities, a sense of community and well-being, and a collective mission to promote the good of the people of the UK. All of which add up to make the Bank a hugely rewarding place to work.
Department overview:
Within Cyber Security you will be working with people who are passionate about protecting the security and stability of our Technology estate. Whether it is identifying threats, uncovering vulnerabilities or ensuring robust and resilient infrastructure, you’ll be working at the cutting edge in a security-centric organisation.
You’ll focus on ensuring security by design, and ensuring we have safe, stable and resilient systems. Collaborating closely with colleagues across Technology and throughout the organisation you will help the division safeguard critical systems and information.
Our award-winning specialist teams are committed to developing their expertise in a constantly evolving environment. Aligned to industry best-practice, staff are encouraged to develop their skills both internally and externally, through mentoring, training and formal qualifications.
Job description
The role will play an integral part of the evolution of the Cyber Defence Centre as it moves towards greater use of automation technologies to improve its ability to respond to cyber-attacks. When not handling incidents, the successful candidate will focus on the continued improvement of the team’s security alert triage and incident response capability ensuring robust processes are in place to support the team’s ability to effectively respond to, contain and mitigate cyber security incidents. It will involve close collaboration with the team’s Threat function to ensure the CDC's incident response capability is fit for purpose against the assessed operational threat, ensuring appropriate response strategies are documented and tested.
In particular, this role will work closely with the Head of Cyber Defence Centre & Cyber Defence Operations Lead to prepare, exercise and lead incident response and management activities for Cyber incidents. The role will play a leadership role within the Cyber Defence Operations function, helping to ensure day-to-day excellence and continuous improvement of security monitoring, incident response and management activities. A keen focus is the delivery of enhanced Enterprise Incident Response capability, utilising existing and developing new Security Orchestration and Automated Response playbooks and integrations.
As with all roles within the Cyber Defence Centre, there is a requirement in this role to partake in more general security operations tasks such as security monitoring and alert triage. This means the role has varied and challenging day-to-day responsibilities, as well as exposure to a range of cutting-edge technology in cyber security, data analytics and intelligence.
As an agile team, comprising its own DevOps function to build tools and integrations, if the successful candidate has software development/programming skill and ambitions, they can get involved with this function including development of the automated incident response playbooks.
Key Experience / Skills
Essential:
- Good understanding of best practice security incident response concepts and approaches
- Practical experience in technical cyber security incident response methodologies
- Experience developing and documenting incident response processes and designing IR playbooks.
- Experience using automation or SOAR platforms
- Excellent written and verbal communication skills
- Ability to convey complex information in a clear and concise manner
- Ability and willingness to learn new technical cyber security skills
- Knowledge of computer network fundamentals, including network protocols and infrastructure (packet capture analysis, firewalls, web proxies, DNS etc.)
- Logical mind-set
Desirable:
- GCIH or similar qualification in Security Incident response
- Experience running or overseeing Security Operations teams
- Understanding of common cyber threats and attacker tactics, techniques and procedures and an ability to identify appropriate mitigation strategies
- Experience using MITRE ATT&CK
- Experience using Splunk
- Experience using a threat intelligence platform
- Software development, scripting or programming skills
- The ability to acquire DV clearance (To be eligible to apply you must be a British citizen (either born here or naturalised) and one of your parents must be a British citizen or have substantial ties to the UK.)
Our Approach to Inclusion
The Bank values diversity, equity and inclusion. We play a key role in maintaining monetary and financial stability, and to do that effectively, we believe we need a workforce that reflects the society we serve.
At the Bank of England, we want all colleagues to feel valued and respected, so we're working hard to build an inclusive culture which supports people from all backgrounds and communities to be at their best at work. We celebrate all forms of diversity, including (but not limited to) age, disability, ethnicity, gender, gender identity, race, religion, sexual orientation and socioeconomic status. We believe that it’s by drawing on different perspectives and experiences that we’ll continue to make the best decisions for the public.
We welcome applications from individuals who work flexibly, including job shares and part time working patterns. We've also partnered with external organisations to support us in making adjustments for candidates and employees in the recruitment process where they're needed.
For most roles where work can be carried out at home, we aim for colleagues to spend half of their time in the office, with a minimum of 40% per month. Subject to that minimum requirement, individuals and managers should work together to find what works best for them, their team and stakeholders.
Finally, we're proud to be a member of the Disability Confident Scheme. If you wish to apply under this scheme, you should check the box in the ‘Candidate Personal Information’ under the ‘Disability Confident Scheme’ section of the application.
Salary and Benefits Information
We encourage flexible working, part time working and job share arrangements. Part time salary and benefits will be on a pro-rated basis as appropriate.
This role offers a salary of £61,440-£69,120. In addition, we also offer a comprehensive benefits package as detailed below:
- Currently a non-contributory, career average pension giving you a guaranteed retirement benefit of 1/80th of your annual salary for every year worked. There is the option to increase your pension (to 1/65th) or decrease (to 1/105th) in exchange for salary through our flexible benefits programme each year. The Bank has the discretion to vary standard accrual rates and dial up and dial down rates at any time and to withdraw dial up and dial down options at any time.
- A discretionary performance award based on a current award pool.
- An 8% benefits allowance with the option to take as salary or purchase a wide range of flexible benefits.
- 26 days’ annual leave with option to buy up to 12 additional days through flexible benefits.
- Private medical insurance and income protection.
National Security Vetting Process
Employment in this role will be subject to the National Security Vetting clearance process (and typically can take between 6 to 12 weeks post offer) and the passing of additional Bank security checks in accordance with the Bank policy. Further information regarding the vetting and security clearance requirements for the role will be provided to the successful applicant, and information about how the Bank processes personal data for these purposes, is set out in the Bank's Privacy Notice.
The Bank of England welcomes applications from all candidates, but as a UK Visas and Immigration (UKVI) approved sponsor, we have a responsibility to comply with the Immigration Rules and guidance. As such, our ability to employ individuals who require sponsorship for immigration purposes is limited. The Bank cannot guarantee that you and / or the role you are applying for will be eligible for sponsorship and that any application made to UKVI will be successful. Eligibility will therefore be considered on a case by case basis.
The Application Process
Important: Please ensure that you complete the ‘work history’ section and answer ALL the application questions fully. All candidate applications are anonymised to ensure that our hiring managers will not be able to see your personal information, including your CV, when reviewing your application details at the screening stage. It’s therefore really important that you fill out the work history and application form questions, as your answers will form a critical part of the initial selection process.
The assessment process will comprise of two interview stages. (Amend and add brief details if relevant, such as interview/assessment dates or process for your specific role).
This role closes on 20 October 2025.
Please apply online, ensuring that you complete your work history and answer ALL the application questions fully and in detail as your application will not be considered if all mandatory questions are not fully completed.