Crown Agents Bank

Financial Services

CyberSecurityManager

London, United Kingdom FULL TIME

Market Sentiment

HIGH DEMAND

Neural analysis suggests this role is
optimal for mid candidates.

The Brief

“Cyber Security Manager at Crown Agents Bank. Skills: Security in Change, Security Assurance, Vulnerability Management, Secure SDLC, Penetration Testing, Risk Assessment, Attack Surface Management. Own and maintain the Secure SDLC framework. Conduct security risk assessments”

Industry & Context.

Financial Services

Problems you'll solve

Conducting risk assessments; Providing formal security sign-off; Running the Bank’s security testing and vulnerability management programme; Managing attack surface visibility; Technical analysis of vulnerability and assessment data to produce actionable prioritisation recommendations, distinguishing between critical risk and noise

What They're Looking For.

Must Have

Demonstrable experience owning or managing a vulnerability management programme, including use of Tenable, Qualys, or equivalent scanning platforms., Experience commissioning, scoping, and managing penetration tests and tracking remediation to closure., understanding of Secure SDLC frameworks (OWASP SAMM, BSIMM, or equivalent) and practical application security knowledge (OWASP Top 10, secure coding, security requirements)., Experience conducting security risk assessments on projects, changes, or third-party integrations., Excellent communication skills — able to engage technical teams, project managers, and senior stakeholders with equal clarity.

Nice to Have

Experience in or with a PRA/FCA dual-regulated financial institution., Working knowledge of ISO 27001, SWIFT CSP, DORA, NYDFS Part 500, or Cyber Essentials., Familiarity with attack surface management tooling or methodology., Hands-on experience with Microsoft Defender for Endpoint, Sentinel, or equivalent security tooling., Innovative mindset with a genuine interest in the evolving threat landscape, including AI-driven threats and offensive tooling developments.

What You'll Do.

Own and maintain the Secure SDLC framework

Conduct security risk assessments

Provide architecture review and formal security sign-off

Define and maintain application security standards

Act as the embedded security adviser to project and engineering teams

Contribute to third-party and vendor risk assessments

Own the vulnerability management programme end-to-end

and manage penetration tests

Own attack surface management

Conduct technical analysis of vulnerability and assessment data

Work collaboratively with Production Services

and infrastructure teams to promote and track remediation

Maintain and continuously improve vulnerability management tooling

and NYDFS Part 500 compliance activities

Contribute to security incident response

Support security awareness activities

How You'll Work.

Team & Collaboration

Acting as the security voice in project delivery; Working collaboratively across the business to drive remediation; Engage technical teams, project managers, and senior stakeholders; Act as the embedded security adviser to project and engineering teams; Work collaboratively with Production Services, engineering, and infrastructure teams

Communication Scope

Clear and persuasive enough to land risk decisions with senior stakeholders; Able to engage technical teams, project managers, and senior stakeholders with equal clarity

Process & Methodology

Own security throughout the project and change lifecycle, Manage penetration tests, Track findings through to remediation closure, Manage attack surface visibility, Own the reporting and assurance of remediation progress

Full Job Description

Crown Agents Bank is a vastly growing and regulated UK bank that connects emerging and frontier markets to the rest of the world, using FX and payments technology. We are transforming the way payments and FX move through emerging markets, reducing friction so that more money gets to those who need it. Emerging markets payments are usually challenging, expensive, unreliable and opaque. Our solutions help fix these pain points. Ultimately, we connect traditionally hard-to-reach regions to global financial infrastructure, giving access to the best prices and the fastest, most reliable settlement. FX and cross-border payments are often complex and expensive, especially when operating in emerging markets. Crown Agents Bank (CAB) wraps its deep and trusted relationships and strength of network around innovative digital capabilities, and cross-border transaction banking solutions to enable fintech, corporates, governments, development organisations and banks to move money to, from, and across often hard-to-reach markets. Role Purpose This is a specialist dual-focus role at the intersection of secure delivery and security assurance. You will own two primary programmes of work for Crown Agents Bank: • Security in Change: Acting as the security voice in project delivery — conducting risk assessments, reviewing architecture, maintaining the Secure SDLC framework, and providing formal security sign-off on material changes. • Security Assurance: Running the Bank’s security testing and vulnerability management programme — commissioning and managing penetration tests, owning vulnerability reporting and trend analysis, managing attack surface visibility, and working collaboratively across the business to drive remediation. You will be technically credible enough to challenge architects and developers, and clear and persuasive enough to land risk decisions with senior stakeholders. As part of a small, high-trust CISO team, you will also flex across the wider service catalogue beyond

Free ATS check

Applying for this Cyber Security Manager role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

SKILL SIGNAL 65 detected · ranked by frequency

Security in Change ×5

Security Assurance ×5

Vulnerability Management ×5

Security incident response ×4

Attack Surface Management ×3

Risk assessments ×3

Architecture review ×3

Secure SDLC framework maintenance ×3

Security sign-off ×3

Security testing ×3

Penetration test management ×3

Vulnerability reporting ×3

Trend analysis ×3

Attack surface visibility ×3

Remediation driving ×3

Technical analysis of vulnerability data ×3

Actionable prioritisation recommendations ×3

Reporting and assurance of remediation progress ×3

Continuous improvement of tooling and processes ×3

Evidence collection ×3

Control testing ×3

AI-driven threats ×3

Offensive tooling developments ×3

Secure SDLC ×2

Penetration Testing ×2

Risk Assessment ×2

Tenable ×2

Qualys ×2

Microsoft Defender for Endpoint ×2

Sentinel ×2

OWASP Top 10

OWASP SAMM

BEHAVIOURAL

Technically credibleClear and persuasiveHigh-trust team playerCollaborativeInnovative mindsetGenuine interest in evolving threat landscape

Role Details

Experience 5–10 yrs

Level mid

Work Mode Hybrid working arrangements

Type FULL TIME

Category Technology

AI-Extracted Insights

Domain Areas

financial-servicesemerging-and-frontier-marketsfx-and-payments-technologycross-border-transaction-bankingpra-fca-dual-regulated-financial-institutionswift-cspdoranydfs-part-500

Certifications

CISSPCISMOSCPCEHGPENGWAPT

How to Apply on SmartRecruiters

SmartRecruiters often includes a video screening step — check camera and mic permissions.
Link your GitHub or portfolio directly in the profile section for technical roles.
Applications may be reviewed by AI scoring before reaching a recruiter — use keywords from the job description.

ANONYMOUS · UNFILTERED

What do employees actually say about Crown Agents Bank?

Real rants from real employees. Read before you apply.

Read Company Rants →