Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Assess and manage third-party cyber risks while supporting operational resilience activities.
- Company: Join a leading cybersecurity team focused on innovation and collaboration.
- Benefits: Competitive salary, professional development, and a dynamic work environment.
- Why this job: Make a real impact in cybersecurity and enhance resilience across critical services.
- Qualifications: 5+ years in cyber or IT risk; degree-level education preferred.
- Other info: Opportunity to work with international teams and grow your career.
The predicted salary is between 36000 - 60000 £ per year.
The Cybersecurity UK & CE team is responsible for the implementation and continuous improvement of the CIB Corporate Security programme across the region, working closely with technology, risk, and business stakeholders to deliver practical and proportionate security outcomes.
Key Responsibilities
- Third-Party Cyber & IT Risk
- Assess third-party suppliers’ capability to manage technology and cyber risk.
- Support evaluation of residual risk following application of relevant control frameworks.
- Coordinate and perform due diligence and third-party competency validation for Tier 1 and Tier 2 suppliers prior to contract signature.
- Support contractual embedding of IT risk requirements, including risk-inclusive clauses.
- Obtain and assess third-party assurance artefacts (e.g. SOC, ISAE) where required.
- Track and support remediation of third-party risk findings ahead of contract renewal.
- Contribute to the development of proportionate exit strategies for critical suppliers.
- Cyber & Third-Party Resilience
- Support cyber-led third-party resilience activities, including dependency mapping and concentration risk assessment.
- Translate supplier risks into resilience considerations for important business services.
- Support development of realistic cyber and third-party disruption scenarios.
- Coordinate with relevant stakeholders to ensure resilience considerations are reflected consistently across plans and artefacts.
- Cyber Operational Resilience
- Support cyber operational resilience activities, including service mapping, scenario coordination, and documentation.
- Assist with preparation and coordination of resilience exercises and follow-up actions.
- Contribute to clear, regulator-ready narratives aligned to UK and EU expectations.
- Support consistency of approach across UK & CE offices, including Milan, Paris, and Frankfurt.
What are we looking for?
Experience
- At least 5 years of experience in cyber risk, IT risk, third-party risk, or related disciplines within a regulated environment.
- Exposure to supplier risk assessment, control assurance, or contractual risk considerations.
- Some experience or interest in operational resilience, business continuity, or technology disruption scenarios.
- Comfortable working across Cyber, IT, Risk, Procurement, and business teams.
Skills & Knowledge
- Cyber-literate, with the ability to understand technology services, dependencies, and common failure modes.
- Familiarity with IT risk control concepts and third-party assurance artefacts (e.g. SOC, ISAE).
- Awareness of UK Operational Resilience requirements (BoE, PRA, FCA), and relevant European regulations (EBA, DORA, GDPR).
- Able to analyse, document, and explain complex supplier and service relationships.
Professional Skills
- Strong coordination and stakeholder engagement skills.
- Clear, structured written communication suitable for risk and regulatory contexts.
- Organised and detail-oriented, with the ability to track actions across multiple parties.
- Able to operate independently, exercising sound judgement and escalating appropriately when required.
Qualifications
- Degree-level education or equivalent experience.
- Relevant certifications are advantageous but not required.
- English proficiency required; Spanish is a plus.
Please note that priority will be given to candidates who are eligible to work in the UK.
Cyber & Third-Party Resilience Specialist employer: BBVA
Contact Detail:
BBVA Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber & Third-Party Resilience Specialist
✨Tip Number 1
Network like a pro! Reach out to folks in the cybersecurity field, especially those who work with third-party risk. Attend industry events or webinars and don’t be shy about introducing yourself – you never know who might have a lead on your dream job!
✨Tip Number 2
Get your online presence sorted! Make sure your LinkedIn profile is up-to-date and reflects your experience in cyber risk and operational resilience. Join relevant groups and engage in discussions to show off your knowledge and connect with potential employers.
✨Tip Number 3
Prepare for interviews by brushing up on your knowledge of UK Operational Resilience requirements and third-party assurance artefacts. Be ready to discuss how you've tackled similar challenges in the past – real-life examples can really make you stand out!
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities that might just be perfect for you. Plus, it’s a great way to show your enthusiasm for joining our team at StudySmarter!
We think you need these skills to ace Cyber & Third-Party Resilience Specialist
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Cyber & Third-Party Resilience Specialist role. Highlight your experience in cyber risk and third-party assessments, and don’t forget to mention any relevant certifications or projects that showcase your skills.
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about cybersecurity and how your background aligns with our needs. Be specific about your experience with supplier risk assessment and operational resilience.
Showcase Your Communication Skills: Since clear written communication is key for this role, make sure your application reflects that. Use structured language and avoid jargon where possible. We want to see that you can convey complex ideas simply and effectively.
Apply Through Our Website: We encourage you to apply through our website for the best chance of getting noticed. It’s super easy, and you’ll be able to keep track of your application status. Plus, we love seeing applications come directly from our site!
How to prepare for a job interview at BBVA
✨Know Your Cyber Stuff
Make sure you brush up on your knowledge of cyber risk and IT risk concepts. Familiarise yourself with third-party assurance artefacts like SOC and ISAE, as well as UK Operational Resilience requirements. Being able to discuss these topics confidently will show that you're the right fit for the role.
✨Showcase Your Experience
Prepare specific examples from your past experience that highlight your skills in assessing third-party suppliers and managing cyber risks. Use the STAR method (Situation, Task, Action, Result) to structure your answers, making it easy for the interviewer to see how you've successfully handled similar challenges before.
✨Engage with Stakeholders
Since this role involves working closely with various teams, be ready to discuss how you've effectively engaged with stakeholders in the past. Share examples of how you coordinated with different departments to achieve a common goal, demonstrating your strong communication and collaboration skills.
✨Prepare for Scenario Questions
Expect questions about how you would handle specific cyber disruption scenarios or third-party risk assessments. Think through potential situations and how you would approach them, showing your analytical skills and ability to develop realistic resilience strategies. This will help you stand out as a proactive candidate.
