Junior Penetration Tester (Cyber Analyst), Threat & Vulnerability Management – Cyber Security D[...] in Leeds

This is an opportunity to join the Bank of England’s Pentest Team as a Junior Penetration Tester and build your career in offensive security. You’ll gain hands‑on experience in penetration testing, vulnerability assessment, and support for red and purple team activity, working alongside experienced colleagues to help strengthen the Bank’s security across a wide range of systems and services. You will also have access to training to help with your technical and personal development goals.

Flexible Working Options

• Flexible start and end time to each day
• Flexibility to adapt your calendar as needed, for example around the school run, the gym, or appointments
• A 50% in‑office attendance requirement, which can be spread across the month to support different working patterns
• Working from abroad policy (subject to approval and policy within the team)

Opportunities in Leeds

We’re excited to be growing our presence in Leeds, a city we’ve been connected to for nearly 200 years! Our modern, accessible office in the City Centre offers a supportive, flexible working environment. The majority of roles, including this one, are now available in Leeds, giving you the chance to build a meaningful career outside of London while contributing to our mission from a dynamic and growing location. You’ll work collaboratively with London‐based colleagues in a hybrid model, with regular opportunities to travel into the London office to meet and connect together in person.

A day in the role

No two days in this role are exactly the same. You might start the day with a team catch‐up, then spend time supporting a penetration test, researching a new technique, or helping to review findings and draft clear reports. Along the way, you’ll work with experienced teammates who will support your development and help you build confidence across different technologies and testing approaches. The role also offers flexibility in how you organise your day, with flexible start and finish times and hybrid working between the Leeds office and home.

Role Requirements

You may already have some hands‑on penetration testing experience, or you may be looking to deepen your skills in areas such as infrastructure, cloud, or web application testing. If you enjoy problem‑solving, are keen to keep learning, and are excited by the opportunity to grow in a supportive team, we’d be keen to hear from you.

Minimum Criteria

• Hands‑on penetration testing experience, ideally around two years or more
• A recognised penetration testing certification, or clear progress towards one, such as OSCP, OSWA, GPEN, GWAPT, GCPN, CREST (CRT or CCT INF/APP), CSTM or CPTS
• Some practical experience in infrastructure, cloud, or web application pentesting
• Experience using standard offensive security tools
• A good understanding of common operating systems
• A basic understanding of networking concepts, including IP addressing, TCP/IP, and UDP
• An understanding of enterprise infrastructure technologies
• An understanding of cloud technologies
• Clear written and verbal communication skills, including the ability to contribute to technical reporting

Essential Criteria

The experience below would help you succeed in the role. If you bring some of these already and are keen to continue developing in others, we’d still encourage you to apply.

• Some experience or growing capability in cloud security pentesting
• Scripting skills, or a willingness to build them, in Python, PowerShell, or Bash
• Some exposure to Governance, Risk and Compliance processes, or an interest in learning how they support security work
• A high level of integrity, organisation, self‐motivation, and a genuine commitment to learning and continuous improvement

How this role fits into the wider Bank

As part of the Cyber Division, you’ll join a penetration testing team where you can build your skills through hands‑on work identifying vulnerabilities, assessing risk, and supporting remediation across the Bank’s technology and infrastructure. Working closely with colleagues across Technology and the wider organisation, you’ll learn from experienced teammates while helping to protect the critical systems and information the Bank depends on. This gives you the opportunity to make a meaningful contribution from the start.

Our Approach to Inclusion

The Bank values diversity, equity and inclusion. We play a key role in maintaining monetary and financial stability, and to do that effectively, we believe we need a workforce that reflects the society we serve. At the Bank of England, we want all colleagues to feel valued and respected, so we’re building an inclusive culture that supports people from all backgrounds and communities to be at their best at work. We celebrate diversity in all its forms and draw on different perspectives and experiences to make the best decisions for the public.

Salary and Benefits Information

We encourage flexible working, part time working and job share arrangements. Part‑time salary and benefits will be on a pro‑rated basis as appropriate. The salary range in Leeds is £40,320 to £45,360.

Currently a non‑contributory, career average pension giving you a guaranteed retirement benefit of 1/80th of your annual salary for every year worked. There is the option to increase your pension (to 1/65th) or decrease (to 1/105th) in exchange for salary through our flexible benefits programme each year. The Bank has the discretion to vary standard accrual rates and dial up and dial down rates at any time and to withdraw dial up and dial down options at any time.

A discretionary performance award based on a current award pool. An 8% benefits allowance with the option to take as salary or purchase a wide range of flexible benefits. 26 days’ annual leave with option to buy up to 12 additional days through flexible benefits. Private medical insurance and income protection.

National Security Vetting Process

Employment in this role will be subject to the National Security Vetting clearance process (typically 6 to 12 weeks post‑offer) and the passing of additional Bank security checks in accordance with Bank policy. Further information regarding the vetting and security clearance requirements for the role will be provided to the successful applicant, and information about how the Bank processes personal data for these purposes is set out in the Bank’s Privacy Notice.

The Application Process

Important: Please ensure that you complete the ‘work history’ section and answer all the application questions fully. All candidate applications are anonymised so that hiring managers will not see your personal information, including your CV, when reviewing your application at the screening stage. The assessment process will comprise two interview stages. This role closes on 17th June. Please apply online, ensuring that you complete your work history and answer all the application questions fully and in detail as your application will not be considered if all mandatory questions are not fully completed.