At a Glance
- Tasks: Assess and manage cyber risks with third-party suppliers to ensure operational resilience.
- Company: Join a global leader in finance with over 160 years of history.
- Benefits: Competitive salary, diverse teams, and opportunities for professional growth.
- Why this job: Make a real impact on cybersecurity while collaborating with multidisciplinary teams.
- Qualifications: 5+ years in cyber risk or IT risk; degree-level education preferred.
- Other info: Dynamic work environment with a focus on innovation and collaboration.
The predicted salary is between £36,000 and £60,000 per year.
BBVA is a global company with more than 160 years of history that operates in more than 25 countries where we serve more than 80 million customers. We are more than 121,000 professionals working in multidisciplinary teams with profiles as diverse as financiers, legal experts, data scientists, developers, engineers and designers.
The Cybersecurity UK & CE team is responsible for the implementation and continuous improvement of the CIB Corporate Security programme across the region, working closely with technology, risk, and business stakeholders to deliver practical and proportionate security outcomes.
About the job:
Key Responsibilities:
- Third-Party Cyber & IT Risk:
- Assess third-party suppliers’ capability to manage technology and cyber risk.
- Support evaluation of residual risk following application of relevant control frameworks.
- Coordinate and perform due diligence and third-party competency validation for Tier 1 and Tier 2 suppliers prior to contract signature.
- Support contractual embedding of IT risk requirements, including risk-inclusive clauses.
- Obtain and assess third-party assurance artefacts (e.g. SOC, ISAE) where required.
- Track and support remediation of third-party risk findings ahead of contract renewal.
- Contribute to the development of proportionate exit strategies for critical suppliers.
- Support cyber-led third-party resilience activities, including dependency mapping and concentration risk assessment.
- Translate supplier risks into resilience considerations for important business services.
- Support development of realistic cyber and third-party disruption scenarios.
- Coordinate with relevant stakeholders to ensure resilience considerations are reflected consistently across plans and artefacts.
- Support cyber operational resilience activities, including service mapping, scenario coordination, and documentation.
- Assist with preparation and coordination of resilience exercises and follow-up actions.
- Contribute to clear, regulator-ready narratives aligned to UK and EU expectations.
- Support consistency of approach across UK & CE offices, including Milan, Paris, and Frankfurt.
- At least 5 years of experience in cyber risk, IT risk, third-party risk, or related disciplines within a regulated environment.
- Exposure to supplier risk assessment, control assurance, or contractual risk considerations.
- Some experience or interest in operational resilience, business continuity, or technology disruption scenarios.
- Comfortable working across Cyber, IT, Risk, Procurement, and business teams.
- Cyber-literate, with the ability to understand technology services, dependencies, and common failure modes.
- Familiarity with IT risk control concepts and third-party assurance artefacts (e.g. SOC, ISAE).
- Awareness of UK Operational Resilience requirements (BoE, PRA, FCA), and relevant European regulations (EBA, DORA, GDPR).
- Able to analyse, document, and explain complex supplier and service relationships.
- Strong coordination and stakeholder engagement skills.
- Clear, structured written communication suitable for risk and regulatory contexts.
- Organised and detail-oriented, with the ability to track actions across multiple parties.
- Able to operate independently, exercising sound judgement and escalating appropriately when required.
- Degree-level education or equivalent experience.
- Relevant certifications are advantageous but not required.
- English proficiency required; Spanish is a plus.
Please note that priority will be given to candidates who are eligible to work in the UK.
Skills: Business, Control Frameworks, Cyber Risks, Due Diligence, Information Technology (IT) Risk, Legal Practices, Risk Assessments, Supplier Risk Assessment, Third Party Risk Management.
Cyber & Third-Party Resilience Specialist in London, employer: BBVA Group
Contact Detail:
BBVA Group Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber & Third-Party Resilience Specialist in London
✨Tip Number 1
Network like a pro! Connect with professionals in the cybersecurity field on LinkedIn. Join relevant groups, participate in discussions, and don’t hesitate to reach out for informational interviews. It’s all about making those connections that can lead to job opportunities.
✨Tip Number 2
Show off your skills! Create a personal website or portfolio showcasing your projects and achievements in cyber risk and third-party resilience. This gives potential employers a tangible way to see what you can bring to the table.
✨Tip Number 3
Prepare for interviews by brushing up on common questions related to cyber risk and operational resilience. Practice articulating your experiences clearly and confidently. Remember, it’s not just about what you know, but how you communicate it!
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities waiting for you. Plus, being part of our Talent Community means you’ll be the first to know about future roles that match your profile. So, get that CV uploaded!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Cyber & Third-Party Resilience Specialist role. Highlight relevant experience in cyber risk and third-party assessments, and don’t forget to showcase your coordination skills!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about cybersecurity and how your background makes you a perfect fit for our team. Keep it concise but impactful!
Showcase Your Skills: Don’t just list your skills; demonstrate them! Use specific examples from your past experiences that show how you’ve successfully managed cyber risks or worked with third-party suppliers.
Apply Through Our Website: We encourage you to apply through our website for the best chance of being noticed. It’s straightforward and ensures your application goes directly to us. We can’t wait to see what you bring to the table!
How to prepare for a job interview at BBVA Group
✨Know Your Cyber Risk Basics
Make sure you brush up on your knowledge of cyber risk, IT risk, and third-party risk management. Be ready to discuss specific frameworks and assurance artefacts like SOC and ISAE, as these will likely come up during the interview.
✨Showcase Your Coordination Skills
Since this role involves working with various stakeholders, prepare examples that highlight your coordination and stakeholder engagement skills. Think of situations where you successfully managed multiple parties or projects, and be ready to share those stories.
✨Understand Regulatory Requirements
Familiarise yourself with UK Operational Resilience requirements and relevant European regulations. Being able to discuss how these regulations impact third-party risk management will show that you’re not just knowledgeable but also proactive in understanding the landscape.
✨Prepare for Scenario-Based Questions
Expect questions that ask you to analyse potential cyber disruption scenarios or resilience strategies. Practise articulating your thought process on how you would approach these situations, as it will demonstrate your analytical skills and ability to think critically under pressure.