Senior Cyber Resilience Technical Specialist

Job Details

The Central Bank of Ireland serves the public interest by safeguarding monetary and financial stability and by working to ensure that the financial system operates in the best interests of consumers and the wider economy.

We currently have a vacancy for a Senior Cyber Resilience Technical (TLPT) Specialist on a contract of indefinite duration in the Governance, Operational Resilience and Risk Management (GORM) Division. This role is aligned with the Bank Professional 2 grade and the BP2 salary scale, between €89,052 and €112,260 applies.  Please click here for further information on our salary scales.

‍The purpose of the role is to work with the Cyber Resilience Centre management to enhance and implement the strategy and approach for cyber resilience and financial services sector engagement. The role requires the provision of advanced technical support to the existing Cyber Resilience Centre Team as they deliver on their work mandates.

The role holder will possess hands-on advanced red-teaming/pentesting skillsets and will provide technical expertise to support the Bank’s externally facing cyber resilience programmes. In particular, the role holder will act as a TLPT Test Manager for the threat-led penetration testing (TLPT) programme (TIBER-IE) as well as supporting other Cyber Resilience Centre initiatives such as the cyber threat intelligence (CTIOC) programme and the financial services sector cyber threat intelligence and information sharing initiatives (CIISI-IE).

‍Responsibilities:

• Work with the Cyber Resilience Centre management to enhance and implement the strategy for cyber risk and resilience, providing specific technical expertise to enhance the cyber resilience of the financial services sector as a whole and innovate for the future state.
• Take a lead role as TLPT Test Manager for TIBER-IE, ensuring all assessments take into account the relevant legislative requirements (e.g., DORA), guidelines (e.g. TIBER), and industry good practice, so the tests are threat-led and effective. Oversee TLPT engagements with senior management of relevant entities to ensure maximum value and learnings are obtained from the assessments for the tested entity.
• Facilitate sectoral engagement, awareness and education sessions and service provider meetings for the TLPT programmes.
• Ensure the tests are conducted to a high standard and creatively emulate relevant threat actors using their latest TTPs and innovative attack-paths.
• Provide thought leadership on the latest advanced digital operational resilience testing frameworks, practices, use of TTPs and attack vectors in scenarios and campaigns.
• Support the Cyber Resilience Centre in monitoring the evolving cyber threat landscape and evolving threat actor TTPs in order to inform high quality threat-led assessments.
• Manage and foster good working relationships with internal and external stakeholders to help deliver the Bank’s mandate.
• Represent Ireland on relevant domestic and EU fora as required, delivering strong influence for the Central Bank on such bodies and developing strong working relationships with peers in this risk area. Provide briefings to Central Bank representatives on national and international fora as and when required to ensure Central Bank interests are appropriately represented and relevant stakeholders are informed.
• Mature team capabilities and skillsets by providing effective cross-team training ensure all team members can achieve the required performance standards.

Requirements:

• A high level of relevant academic achievement e.g. a third-level honours degree in information systems, computer science or similar and a professional ethical hacking/red teaming/pen-testing qualification with accreditation from a relevant professional organisation.
• Detailed understanding of financial ecosystems including the practical operation of companies within financial services sectors, their evolving operating models and the cyber threat landscape they operate in.
• Hands-on experience in conducting red-teaming/pen-testing exercises.
• Up-to-date knowledge of the current cyber threat landscape, threat actors/activity groups and associated TTPs, latest vulnerabilities and hands-on experience with a variety of attack vectors. Ability to think creatively on ways to use attack vectors through the kill-chain and for Scenario X.
• Experience in conduct or management of digital operational resilience testing, including threat-led penetration tests (TLPT) and relevant frameworks, such as TIBER-EU/CBEST/iCASTs would be advantageous.
• Strong knowledge of and experience using the relevant frameworks such as MITRE ATT&CK and the Extended Cyber Kill Chain.
• Hands-on offensive experience in areas such as Web, Mobile(Android & IOS), Cloud, Kubernetes & Mainframe would be advantageous.
• Hands-on OSINT collection/analysis experience.
• Public recognitions like Responsible Disclosure/CVE would be advantageous.
• Robust analytical, problem solving, decision making, planning and organisational skills.
• Excellent verbal and written communication and experience presenting to large technical audiences.
• Proven capability in establishing relationships and liaising with regulated entities and domestic/international authorities and peers on cyber topics, including having an ability to foster trust and engage senior management and the c-suite level.
• Strong influencing, negotiation and leadership skills.
• Acting professionally, ethically and with integrity.

We know it's our people who make the Central Bank special and we are focused on creating a diverse, inclusive, fulfilling and progressive work environment. We encourage applications from candidates with different backgrounds, experiences and perspectives as it strengthens us, as individuals and as an organisation. We are committed to positively supporting candidates with disabilities. If we can make any reasonable accommodations for you in the recruitment process in order to give you the opportunity to perform to your best, please email our Disability Inclusion Partner, Rebecca Daly at Rebecca.daly@centralbank.ie or 01 224 6711. Any information that you provide will be used only for the purposes of providing relevant support and will have no bearing on how your application will be viewed.

‍We have recently implemented a hybrid working model to balance the flexibility working from home provides with the value our office environments bring to support collaboration and connection with colleagues. Our approach to hybrid working enables colleagues to work from home up to 50% of working days, building on an existing broad range of flexible working policies and practices already in place to support our people achieve the right balance.

‍Our policies also provide insight into our organisational culture, work environment and working arrangements. Here are some of the key policies (subject to ongoing review and amendment) which may be of interest as you consider a career with us.

‍The Central Bank pension scheme mirrors the rules of the civil service pension scheme. Therefore if you are in receipt of civil/public service pension, abatement may apply to your current pension. Details of the appropriate pension scheme will be provided upon determination of the appointee’s status.

Application Details: Closing Date: 18th March 2025

To apply, please complete the application form attached (via the “apply” link).

Before starting your application you will be asked to create a profile with us, this will allow you to track and review your application throughout the process. Click "register" to create a profile and complete the application process.

‍Once your application has been successfully submitted you will receive an automatic email from us acknowledging receipt. If you do not receive this auto-acknowledgement, please contact recruitment@centralbank.ie.

‍