Cyber Incident Response Analyst

Job Overview

Location: London, England
Job Type: Full Time Job
Job ID: 116768
Date Posted: 1 year ago
Recruiter: Jessica Jones
Job Views: 82

Job Description

Technology overview:

Work for an organisation steeped in history with a front row seat for the digitalisation of the financial sector, and the rise of Fintech and Regtech. A core organisational strength, with our people at our centre, Technology enable the Bank of England to deliver its mission by providing a hugely diverse set of technical solutions and platforms. From supporting critical systems which underpin the UK economy, to evolving data analytics, reinventing our online presence, and introducing a fully digital workplace. Be part of a team that’s constantly evolving, just like our industry.

We take pride in our people, with backgrounds and experiences as diverse as the solutions they provide. You’ll enjoy flexible working opportunities, a sense of community and well-being, and a collective mission to promote the good of the people of the UK. All of which add up to make the Bank a hugely rewarding place to work.

Department overview:

Within Cyber Security you will be working with people who are passionate about protecting the security and stability of our Technology estate. Whether it is identifying threats, uncovering vulnerabilities or ensuring robust and resilient infrastructure, you’ll be working at the cutting edge in a security-centric organisation.

You’ll focus on ensuring security by design, and ensuring we have safe, stable and resilient systems. Collaborating closely with colleagues across Technology and throughout the organisation you will help the division safeguard critical systems and information.

Our award-winning specialist teams are committed to developing their expertise in a constantly evolving environment. Aligned to industry best-practice, staff are encouraged to develop their skills both internally and externally, through mentoring, training and formal qualifications.

Job description

The Cyber Defence Centre (CDC) is responsible for detecting and responding to cyber-attacks against the Bank. The CDC is made up of three key functions: Threat, Defend and Respond. Reporting to the Cyber Response Lead, within the Cyber Defence Centre’s “Respond” function, responsibilities in this role include the management and escalation of cyber security incidents, co-ordinating and taking part in technical response activities and communicating relevant incident information to senior stakeholders within the Bank.

The role will also play an integral part in the evolution of the Cyber Defence Centre as it moves towards greater use of automation technologies to improve its ability to respond to cyber-attacks.

When not handling incidents, the successful candidate will focus on the continued improvement of the team’s security alert triage and incident response capability ensuring robust processes are in place to support the team’s ability to effectively respond to, contain and mitigate cyber security incidents. It will involve close collaboration with the team’s Threat function to ensure the CDC's capability is fit for purpose against the assessed operational threat, ensuring appropriate response strategies are documented and tested.

As with all roles within the Cyber Defence Centre, there is a requirement in this role to partake in more general security operations tasks such as security monitoring and alert triage. This means the role has varied and challenging day-to-day responsibilities, as well as exposure to a range of cutting-edge technology in cyber security, data analytics and intelligence.

The team is agile and includes its own DevOps function to build tools and integrations. If the successful candidate has software development or programming skills and ambitions, they can get involved with this function, including development of the automated incident response playbooks.

Key Experience / Skills

Essential:

Good understanding of best practice security incident response concepts and approaches

Practical experience in the management of high severity security incidents.

Experience developing and documenting incident response processes and designing IR playbooks.

Excellent written and verbal communication skills

Ability to convey complex information in a clear and concise manner

Ability and willingness to learn new technical cyber security skills

Knowledge of computer network fundamentals, including network protocols and infrastructure (packet capture analysis, firewalls, web proxies, DNS etc.)

Logical mind-set

The ability to acquire DV clearance (To be eligible to apply you must be a British citizen (either born here or naturalised) and one of your parents must be a British citizen or have substantial ties to the UK.)

Desirable:

GCIH or similar qualification in Security Incident response

Understanding of common cyber threats and attacker tactics, techniques and procedures and an ability to identify appropriate mitigation strategies

Experience using automation or SOAR platforms

Knowledge of security monitoring

Knowledge of incident response principles

Experience using MITRE ATT&CK

Experience using Splunk

Experience using an intelligence platform

Software development, scripting or programming skills

The Bank values diversity and inclusion – we want to reflect the society we serve better, we want the best people to work for us and we want our workplace to be inclusive.  We value all forms of diversity, including but not limited to age, disability, ethnicity, gender, gender identity, race, religion and sexual orientation.  One way we support diversity and inclusion is through our staff-run networks, which are summarised here.

We are fully committed to having a diverse and inclusive working environment, and are open to considering how the role might be carried out with flexible working.  This role is therefore open to flexible working patterns. (Delete if operationally this may not be feasible)

We are also committed to making adjustments for candidates and employees where possible, and have partnered with external expert organisations to support us in this.  We are a member of the Disability Confident scheme, summarised here, and people who wish to apply under this scheme should check the box in the ‘Candidate Personal Information’ under the ‘Disability Confident Scheme’ section of the application.

We anonymise applications so hiring managers will not be able to see your personal information when reviewing your submission, including your CV. Please fully complete the application form questions as requested, as any incomplete submissions may not be reviewed.


