Lead Cyber Risk and Assurance Specialists (x3) in Leeds

We currently have a number of opportunities across our Cyber teams - if this role isn’t the right fit, we encourage you to explore what else is available:

• Senior Cyber Analyst in VULNERABILITY MANAGEMENT
• Lead Security Architect in SECURITY ARCHITECTURE

This role is open to flexible working patterns, these may include:

• Job share
• Flexible start and end time to each day
• Part time
• Ability to adapt calendar as needed, this could be to fit in the school run, gym, or appointments
• A 50% in-office attendance requirement can be spread across the month to accommodate diverse working patterns, such as the flexibility to purchase a weekly train ticket for certain weeks
• Compressed hours (subject to approval and policy within the team)
• Working from abroad policy (subject to approval and policy within the team)

The Cyber Security Division (CSD) is an award-winning group of cyber security experts who are committed to keeping the Bank of England safe from cyber-attacks and incidents. In 2023 CSD were recognised with the Financial Services award of the year at the National Cyber Awards.

Within Cyber Security you will be working with people who are passionate about protecting the Bank from Cyber security incidents. Given the importance and complexity of technology for the Bank of England, the security challenges are rarely straightforward and often span multiple systems hosted in our own data centres, in the cloud and as SaaS, requiring cross-team working and deep technical expertise to address them effectively.

You’ll assess the security of solutions being considered by Bank teams, including SaaS solutions. By collaborating closely with colleagues across Technology and throughout the organisation you will play a key role in safeguarding the Bank and its information. Our teams are committed to developing their expertise in a constantly evolving environment. Aligned to industry best-practice, staff are encouraged to develop their skills both internally and externally, through mentoring, training and formal qualifications.

The Cyber Security Division advises business areas on how best to manage and mitigate the cyber security risks in one of the Bank’s most complex and fastest growing risk areas: the supply chain.

We are looking for a highly experienced Lead Cyber Risk and Assurance Specialist or Lead Security Architect who will perform complex risk and assurance activities on systems and solutions that underpin the economy and modernise how our colleagues securely work every day.

As a Lead Cyber Risk and Assurance Specialist, you’ll risk assess a range of IT supplier solutions and steer major programmes so that cyber security, simplicity, and user experience move forward together. You’ll combine hands‑on consultancy or architectural leadership with great stakeholder influence to ensure our suppliers provide secure, useable, and cost-effective solutions to the Bank.

The Lead Cyber Security Risk and Assurance Specialist will:

• Champion a modern security posture - threat‑informed and focused on measurable reduction of attack surface.
• Conduct IT security risk assessments and assurance activities to ensure solutions meet policy and technical standards, including as part of formal procurement tenders;
• Act as senior consultancy voice for high‑impact initiatives, aligning security capabilities to business outcomes and risk profiles, and shaping option analysis with clear trade‑offs.
• Lead/implement projects and initiatives to reduce supply chain security risks and improve our ability to recover from, and be resilient to, supplier incidents;
• Communicate complex security choices simply - at meetings/workshops, in option papers, and risk assessments that influence senior stakeholders and unblock decisions.
• Review and agree cyber security contract terms;
• Provide stakeholder leadership – be comfortable influencing senior leaders and guiding engineers/SMEs, produce strong documentation and have strong communication skills.

Minimum Criteria:

• Proven in technical roles (preferably with a cyber security element).
• Significant experience working in cyber security consultancy or architecture roles within highly regulated sectors (e.g. financial/insurance, defence, civil nuclear, intelligence).
• Considerable experience conducting technical risk assessments:

• Analysing technical problems to identify potential security concerns
• Reviewing IT architecture to identify potential security gaps and/or vulnerabilities
• Assessing compliance with IT security policies and technical standards (e.g. ISO 27001, NIST, Cyber Essentials, COBIT, etc…)
• Liaising with other stakeholders to reach agreement of the level of risk
• Writing technical reports.

Essential Criteria:

• Sufficient experience and expertise in cyber security and risk to be able to act as a point of escalation for the team.
• A solid understanding of IT network architecture and components, software/application security, infrastructure security, Cloud.
• Active interest in new technical concepts and/or technologies.
• Must be able to collaborate with stakeholders to identify critical business functions and establish how cyber security controls can support them.
• Ability to communicate complex security choices simply and effectively.
• Strong stakeholder management and collaboration skills and experience advising up to, and including, ‘C’ suite staff.

Desirable Criteria:

• The ability to acquire DV clearance (To be eligible to apply you must be a British citizen (either born here or naturalised) and one of your parents must be a British citizen or have substantial ties to the UK.)
• Additional technical qualifications (e.g. CompTIA SecurityX, CCSK, CCSP, CompTIA Network Plus;, GDSA)
• Advanced qualifications in Cyber Security, Technology, Computer Science.
• Knowledge of well-known Frameworks (e.g., NIST, MITRE ATT&CK, ISO 27001) and how they are applied pragmatically within delivery.

The Bank values diversity, equity and inclusion. We play a key role in maintaining monetary and financial stability, and to do that effectively, we believe we need a workforce that reflects the society we serve.

At the Bank of England, we want all colleagues to feel valued and respected, so we're working hard to build an inclusive culture which supports people from all backgrounds and communities to be at their best at work. We celebrate all forms of diversity, including (but not limited to) age, disability, ethnicity, gender, gender identity, race, religion, sexual orientation and socioeconomic status. We believe that it’s by drawing on different perspectives and experiences that we’ll continue to make the best decisions for the public.

We welcome applications from individuals who work flexibly, including job shares and part time working patterns. We've also partnered with external organisations to support us in making adjustments for candidates and employees in the recruitment process where they're needed.

For most roles where work can be carried out at home, we aim for colleagues to spend half of their time in the office, with a minimum of 40% per month. Subject to that minimum requirement, individuals and managers should work together to find what works best for them, their team and stakeholders.

Finally, we're proud to be a member of the Disability Confident Scheme. If you wish to apply under this scheme, you should check the box in the ‘Candidate Personal Information’ under the ‘Disability Confident Scheme’ section of the application.

We encourage flexible working, part time working and job share arrangements. Part time salary and benefits will be on a pro-rated basis as appropriate.

In addition, we also offer a comprehensive benefits package as detailed below:

• Currently a non-contributory, career average pension giving you a guaranteed retirement benefit of 1/80th of your annual salary for every year worked. There is the option to increase your pension (to 1/65th) or decrease (to 1/105th) in exchange for salary through our flexible benefits programme each year.
• The Bank has the discretion to vary standard accrual rates and dial up and dial down rates at any time and to withdraw dial up and dial down options at any time.
• A discretionary performance award based on a current award pool.
• An 8% benefits allowance with the option to take as salary or purchase a wide range of flexible benefits.
• 26 days’ annual leave with option to buy up to 12 additional days through flexible benefits.
• Private medical insurance and income protection.

Employment in this role will be subject to the National Security Vetting clearance process (and typically can take between 6 to 12 weeks post offer) and the passing of additional Bank security checks in accordance with the Bank policy. Further information regarding the vetting and security clearance requirements for the role will be provided to the successful applicant, and information about how the Bank processes personal data for these purposes, is set out in the Bank's Privacy Notice.

The Bank of England welcomes applications from all candidates, but as a UK Visas and Immigration (UKVI) approved sponsor, we have a responsibility to comply with the Immigration Rules and guidance. As such, our ability to employ individuals who require sponsorship for immigration purposes is limited. The Bank cannot guarantee that you and / or the role you are applying for will be eligible for sponsorship and that any application made to UKVI will be successful. Eligibility will therefore be considered on a case by case basis.

Important: Please ensure that you complete the ‘work history’ section and answer ALL the application questions fully. All candidate applications are anonymised to ensure that our hiring managers will not be able to see your personal information, including your CV, when reviewing your application details at the screening stage. It’s therefore really important that you fill out the work history and application form questions, as your answers will form a critical part of the initial selection process.

The assessment process will comprise of two interview stages. This role closes on 2nd June 2026. Please apply online, ensuring that you complete your work history and answer ALL the application questions fully and in detail as your application will not be considered if all mandatory questions are not fully completed.