At Metro Bank, we believe the best banking experience starts with people who genuinely care. We’re not just delivering banking services – we’re building trust through authentic connections. Here, our people come first; our colleagues are part of a team that values individuality, collaboration, and long-standing relationships. We are also all about balance so most of our jobs offer the opportunity for hybrid working built around your role and home life, wherever possible.
What you will do:
- Design, develop, and maintain a comprehensive internal and external threat framework covering cyber, physical, supplier, and emerging threats
- Manage a repeatable methodology for identifying, assessing, prioritising, and tracking threats across the organisation
- Integrate intelligence from internal telemetry, SOC outputs, CTI, red/purple teaming, suppliers, and industry sources into the threat framework
- Ensure the framework aligns with relevant standards (e.g., MITRE ATT&CK ATLAS, NIST 800-53/800-30, ISO 27005)
- Drive continuous improvement by refining threat models based on real incidents, trend analysis, and threat landscape shifts
- Design and define and implement governance processes for vulnerability management across all hardware, software, cloud, and operational technology assets
- Analyze scan results, prioritise vulnerabilities based on threat context and business impact, and track remediation progress
- Design and develop clear accountability models (RACI) across Security, IT Operations, Engineering, and Product teams
- Own and lead governance forums to monitor vulnerability status, risk posture, and remediation performance
- Maintain a scalable, intelligence‑led triage process to assess new vulnerabilities (CVEs, zero days, vendor advisories, threat intel alerts). Introduce prioritisation logic based on factors such as‐exploitability, asset criticality, exposure (internal vs external), compensating controls and business impact
- Lead identification and assessment of risks associated with frontier AI technologies (e.g. large language models, autonomous agents, multimodal systems), ensuring emerging threat scenarios such as prompt injection, model exploitation, data leakage, and AI‑enabled cyber attacks are proactively understood and documented
What you will need:
- A minimum of 8 years of experience in cybersecurity, threat analysis, or intelligence operations
- Strong understanding of regulatory compliance (e.g. FCA/PRA rules)
- Strong understanding of threat actor behaviours, MITRE ATT&CK & D3FEND frameworks, and threat intelligence platforms
- Knowledge of Windows, Linux, Active Directory, and cloud environments (Azure, AWS)
- Strong knowledge of vulnerability scanning tools, threat analysis methodologies, and remediation processes
- Knowledge of AI‑specific attack vectors and experience with secure AI lifecycle practices
- Recognised industry qualification e.g. CISSP, CISMP, CCSP, CISM
- Experience with OSINT tools, and reporting for both technical and executive audiences is highly desirable
- Excellent analytical and problem‑solving skills
- Strong stakeholder management skills and the ability to work within cross‑functional teams and influence remediation priorities
- Proven experience in proactive threat hunting within SIEM platforms and enterprise environments, leveraging advanced analytics and detection methodologies to identify and mitigate potential security threats before they escalated
Our promise to you:
- Competitive salary, discretionary annual bonus, generous holiday allowance, attractive pension scheme, healthcare, life assurance and numerous colleague discounts
- Training to ensure you succeed in your role and plenty of internal opportunities to progress your career (around 40% of our recruitment comes from internal promotions)
