Metro Bank Plc in Greater London is seeking an Information Security professional to provide oversight services for various initiatives. The role involves ensuring compliance with security standards and managing risks effectively within diverse projects. The ideal candidate will possess experience with secure design methodologies, strong communication skills, and a solid understanding of the regulatory landscape in financial institutions. This position also offers competitive benefits and opportunities for career progression.
06/06/2026
Full time
Metro Bank Plc in Greater London is seeking an Information Security professional to provide oversight services for various initiatives. The role involves ensuring compliance with security standards and managing risks effectively within diverse projects. The ideal candidate will possess experience with secure design methodologies, strong communication skills, and a solid understanding of the regulatory landscape in financial institutions. This position also offers competitive benefits and opportunities for career progression.
At Metro Bank, we believe the best banking experience starts with people who genuinely care. We're not just delivering banking services - we're building trust through authentic connections. Here, our people come first; our colleagues are part of a team that values individuality, collaboration, and long-standing relationships. We are also all about balance so most of our jobs offer the opportunity for hybrid working built around your role and home life, wherever possible. What you will do: Provide an Information Security support and oversight service to change initiatives (from Small Change to enterprise level Programmes), to ensure that Information Security risk is managed in accordance with the Bank's Risk Management and Information Security policy frameworks, to inform and direct both tactical and strategic decision making. Work with various first line of defence teams to ensure alignment of technology controls to relevant information security standards. Support and challenge Information Security control design across IT and the wider business to be as efficient and effective as possible given the dynamic nature of risk and threat within the banking industry. Ensure transparency in Information Security decisions made across all programmes and projects that you are supporting. Support a varied and demanding programme of bank-wide change working with project teams to advise and guide on information security best practice. You will help ensure that final outputs comply with external best practice, regulation and internal governance, whilst balancing the specific delivery needs and challenges of the project. Identify security testing requirements, collaborate with appropriate stakeholders to scope these tests and to ensure that the business risk associated with any issues identified is incorporated into project risk management and treated in accordance with the Bank's risk management policies and processes. And we are a bank so risk is a part of everything we do. We love people who take responsibility, do the right thing for customers, colleagues and Metro Bank and have the ability to call out any concerns. What you will need: Specific experience in secure design, build and control methodologies aligned to relevant security standards, e.g. ISO27001, PCI DSS, NIST. Understand the regulatory landscape facing financial institutions. Demonstrable experience of Agile, DevSecOps, Cloud, containerization, microservices and similar technologies is desirable. Detailed technical knowledge of Application Security and Network Security is beneficial but not essential for the role. Good understanding of information security within the project management lifecycle, alongside a solid working knowledge of enterprise technology. Strong risk management background and experience in conducting security risk assessments on projects and developing security controls. Ability to distil complex conversations into information that can be consumed by a non-technical audience from which to make decisions is a core requirement of the role. Prior experience working in an environment that requires applying an adaptable approach across varied stakeholders is essential. Ability to critically assess regulatory risks applicable to systems and projects within the financial industry against the wider business and information security risks. Understand the risks associated with your job and what that means for you, Metro Bank and all our stakeholders. Benefits: Competitive salary, discretionary annual bonus, and a wide range of benefits, including generous holiday allowance, attractive pension scheme, healthcare, life assurance, and a number of colleague discounts. Training to ensure you succeed in your role and plenty of internal opportunities to progress your career (around 40% of our recruitment comes from internal promotions).
06/06/2026
Full time
At Metro Bank, we believe the best banking experience starts with people who genuinely care. We're not just delivering banking services - we're building trust through authentic connections. Here, our people come first; our colleagues are part of a team that values individuality, collaboration, and long-standing relationships. We are also all about balance so most of our jobs offer the opportunity for hybrid working built around your role and home life, wherever possible. What you will do: Provide an Information Security support and oversight service to change initiatives (from Small Change to enterprise level Programmes), to ensure that Information Security risk is managed in accordance with the Bank's Risk Management and Information Security policy frameworks, to inform and direct both tactical and strategic decision making. Work with various first line of defence teams to ensure alignment of technology controls to relevant information security standards. Support and challenge Information Security control design across IT and the wider business to be as efficient and effective as possible given the dynamic nature of risk and threat within the banking industry. Ensure transparency in Information Security decisions made across all programmes and projects that you are supporting. Support a varied and demanding programme of bank-wide change working with project teams to advise and guide on information security best practice. You will help ensure that final outputs comply with external best practice, regulation and internal governance, whilst balancing the specific delivery needs and challenges of the project. Identify security testing requirements, collaborate with appropriate stakeholders to scope these tests and to ensure that the business risk associated with any issues identified is incorporated into project risk management and treated in accordance with the Bank's risk management policies and processes. And we are a bank so risk is a part of everything we do. We love people who take responsibility, do the right thing for customers, colleagues and Metro Bank and have the ability to call out any concerns. What you will need: Specific experience in secure design, build and control methodologies aligned to relevant security standards, e.g. ISO27001, PCI DSS, NIST. Understand the regulatory landscape facing financial institutions. Demonstrable experience of Agile, DevSecOps, Cloud, containerization, microservices and similar technologies is desirable. Detailed technical knowledge of Application Security and Network Security is beneficial but not essential for the role. Good understanding of information security within the project management lifecycle, alongside a solid working knowledge of enterprise technology. Strong risk management background and experience in conducting security risk assessments on projects and developing security controls. Ability to distil complex conversations into information that can be consumed by a non-technical audience from which to make decisions is a core requirement of the role. Prior experience working in an environment that requires applying an adaptable approach across varied stakeholders is essential. Ability to critically assess regulatory risks applicable to systems and projects within the financial industry against the wider business and information security risks. Understand the risks associated with your job and what that means for you, Metro Bank and all our stakeholders. Benefits: Competitive salary, discretionary annual bonus, and a wide range of benefits, including generous holiday allowance, attractive pension scheme, healthcare, life assurance, and a number of colleague discounts. Training to ensure you succeed in your role and plenty of internal opportunities to progress your career (around 40% of our recruitment comes from internal promotions).
Metro Bank Plc seeks an IT Security professional in Greater London. This role involves monitoring vulnerabilities, managing Microsoft applications, and mentoring colleagues in IT Operations. The ideal candidate will have hands-on experience in IT security with a strong understanding of Microsoft technologies and vulnerability management. At Metro Bank, we prioritize balance, offering a hybrid work model as well as competitive salary and benefits. We encourage diverse candidates to apply.
04/06/2026
Full time
Metro Bank Plc seeks an IT Security professional in Greater London. This role involves monitoring vulnerabilities, managing Microsoft applications, and mentoring colleagues in IT Operations. The ideal candidate will have hands-on experience in IT security with a strong understanding of Microsoft technologies and vulnerability management. At Metro Bank, we prioritize balance, offering a hybrid work model as well as competitive salary and benefits. We encourage diverse candidates to apply.
At Metro Bank, we believe the best banking experience starts with people who genuinely care. We're not just delivering banking services - we're building trust through authentic connections. Here, our people come first; our colleagues are part of a team that values individuality, collaboration, and long standing relationships. We are also all about balance so most of our jobs offer the opportunity for hybrid working built around your role and home life, wherever possible. This role requires to be office based (Holborn) once per week. What you will do: Monitor, analyse and remediate vulnerabilities in Microsoft platforms, applications and services Work closely with stakeholders to ensure effective patching, vulnerability remediation and threat mitigation Support audits, security assessments, and penetration testing remediation Provide knowledge transfer and mentoring to colleagues across IT Operations Manage and maintain the Microsoft and Windows based Applications on a day to day basis Fault finding and diagnosis of issues within Microsoft/Windows Applications Provide out of hours support for security remediation work and maintenances Ensure the Microsoft platform can support the Bank's growth Implement the best practices for security and operational management Review and challenge design documentation to improve efficiencies within the Bank Find innovative ways to automate and improve current processes Document procedures and ensure current procedures are up to date Build a better experience for colleagues and customers alike And we are a bank so risk is a part of everything we do. We love people who take responsibility, do the right thing for customers, colleagues and Metro Bank and have the ability to call out any concerns. What you will need: In depth experience in a hands on IT Security or IT Operations role (ideally in a financial services environment) with strong knowledge on Microsoft and different cloud technologies and platforms such as Azure, O365 Deep understanding of Microsoft vulnerability management and patching cycles Experience with registry hardening, system configuration, and security baselines Strong troubleshooting skills, especially with escalated 3rd level issues Familiarity with threat detection, incident response, and SIEM tools Advanced knowledge and significant experience on Microsoft Operating Systems (Windows Server 2012 R2/2016/2019/2022 & Client) Advanced knowledge and significant experience on the following Microsoft Technologies Active Directory & Group Policy Management PKI (Certificate Authority, NDES/SCEP, Certificate lifecycle management) Entra ID, Conditional Access, MFA and identity security Microsoft SQL 2012/2016 Linux knowledge would be beneficial Understand the risks associated with your job and what that means for you, Metro Bank and all our stakeholders Our promise to you We will make sure that you are well rewarded by providing you with a competitive salary, discretionary annual bonus, and a wide range of benefits, including generous holiday allowance, attractive pension scheme, healthcare, life assurance, and a number of colleague discounts. We will give you the training to ensure you succeed in your role and plenty of internal opportunities to progress your career (around 40% of our recruitment comes from internal promotions!). Diverse teams really are the best teams. We know that candidates (especially women, research tells us) may be put off applying for a job unless they can tick every box. We also know that 'normal' office hours aren't always doable, and while we can't accommodate every flexible working request we are happy to be asked. So if you are excited about working with us and think you can do much of what we are looking for but aren't sure if you are 100% there yet why not give it a whirl? Please note that sometimes we may close a job earlier for applications if we are inundated with amazing candidates. Good luck!
04/06/2026
Full time
At Metro Bank, we believe the best banking experience starts with people who genuinely care. We're not just delivering banking services - we're building trust through authentic connections. Here, our people come first; our colleagues are part of a team that values individuality, collaboration, and long standing relationships. We are also all about balance so most of our jobs offer the opportunity for hybrid working built around your role and home life, wherever possible. This role requires to be office based (Holborn) once per week. What you will do: Monitor, analyse and remediate vulnerabilities in Microsoft platforms, applications and services Work closely with stakeholders to ensure effective patching, vulnerability remediation and threat mitigation Support audits, security assessments, and penetration testing remediation Provide knowledge transfer and mentoring to colleagues across IT Operations Manage and maintain the Microsoft and Windows based Applications on a day to day basis Fault finding and diagnosis of issues within Microsoft/Windows Applications Provide out of hours support for security remediation work and maintenances Ensure the Microsoft platform can support the Bank's growth Implement the best practices for security and operational management Review and challenge design documentation to improve efficiencies within the Bank Find innovative ways to automate and improve current processes Document procedures and ensure current procedures are up to date Build a better experience for colleagues and customers alike And we are a bank so risk is a part of everything we do. We love people who take responsibility, do the right thing for customers, colleagues and Metro Bank and have the ability to call out any concerns. What you will need: In depth experience in a hands on IT Security or IT Operations role (ideally in a financial services environment) with strong knowledge on Microsoft and different cloud technologies and platforms such as Azure, O365 Deep understanding of Microsoft vulnerability management and patching cycles Experience with registry hardening, system configuration, and security baselines Strong troubleshooting skills, especially with escalated 3rd level issues Familiarity with threat detection, incident response, and SIEM tools Advanced knowledge and significant experience on Microsoft Operating Systems (Windows Server 2012 R2/2016/2019/2022 & Client) Advanced knowledge and significant experience on the following Microsoft Technologies Active Directory & Group Policy Management PKI (Certificate Authority, NDES/SCEP, Certificate lifecycle management) Entra ID, Conditional Access, MFA and identity security Microsoft SQL 2012/2016 Linux knowledge would be beneficial Understand the risks associated with your job and what that means for you, Metro Bank and all our stakeholders Our promise to you We will make sure that you are well rewarded by providing you with a competitive salary, discretionary annual bonus, and a wide range of benefits, including generous holiday allowance, attractive pension scheme, healthcare, life assurance, and a number of colleague discounts. We will give you the training to ensure you succeed in your role and plenty of internal opportunities to progress your career (around 40% of our recruitment comes from internal promotions!). Diverse teams really are the best teams. We know that candidates (especially women, research tells us) may be put off applying for a job unless they can tick every box. We also know that 'normal' office hours aren't always doable, and while we can't accommodate every flexible working request we are happy to be asked. So if you are excited about working with us and think you can do much of what we are looking for but aren't sure if you are 100% there yet why not give it a whirl? Please note that sometimes we may close a job earlier for applications if we are inundated with amazing candidates. Good luck!
At Metro Bank, we believe the best banking experience starts with people who genuinely care. We're not just delivering banking services - we're building trust through authentic connections. Here, our people come first; our colleagues are part of a team that values individuality, collaboration, and long standing relationships. We are also all about balance so most of our jobs offer the opportunity for hybrid working built around your role and home life, wherever possible. Please note that this role will be covering the Northern Region. What you will do Deal with daily queries from intermediaries on new and existing cases Develop, maximise and nurture intermediary relationships within a specific post coded area Work collaboratively with a Telephony BDM to ensure all SLAs are delivered to your intermediary contacts, via an effective and well thought through contact strategy Attend, plan and deliver intermediary events alongside roundtable and platform presentations. Maintain a strong knowledge and awareness of Metro Bank mortgage products, lending policy and services, alongside that of the wider UK mortgage market Plan and organise intermediary panel and diary management, whilst providing amazing service to our customer base. And we are a bank so risk is a part of everything we do. We love people who take responsibility, do the right thing for customers, colleagues and Metro Bank and have the ability to call out any concerns. What you will need Business to Business Sales experience preferably within the Intermediary Mortgage Market, either as a BDM or Telephone BDM. Excellent mortgage product and policy insight. Up to date knowledge of compliance and mortgage regulation. Relationship and account management skills. High standards of personal performance in day to day execution of tasks. Proven advanced communication skills across a range of stakeholders. Previous experience of managing a defined panel of Intermediaries within the financial services sector, demonstrating a track record of success. CeMAP Qualification desirable
01/06/2026
Full time
At Metro Bank, we believe the best banking experience starts with people who genuinely care. We're not just delivering banking services - we're building trust through authentic connections. Here, our people come first; our colleagues are part of a team that values individuality, collaboration, and long standing relationships. We are also all about balance so most of our jobs offer the opportunity for hybrid working built around your role and home life, wherever possible. Please note that this role will be covering the Northern Region. What you will do Deal with daily queries from intermediaries on new and existing cases Develop, maximise and nurture intermediary relationships within a specific post coded area Work collaboratively with a Telephony BDM to ensure all SLAs are delivered to your intermediary contacts, via an effective and well thought through contact strategy Attend, plan and deliver intermediary events alongside roundtable and platform presentations. Maintain a strong knowledge and awareness of Metro Bank mortgage products, lending policy and services, alongside that of the wider UK mortgage market Plan and organise intermediary panel and diary management, whilst providing amazing service to our customer base. And we are a bank so risk is a part of everything we do. We love people who take responsibility, do the right thing for customers, colleagues and Metro Bank and have the ability to call out any concerns. What you will need Business to Business Sales experience preferably within the Intermediary Mortgage Market, either as a BDM or Telephone BDM. Excellent mortgage product and policy insight. Up to date knowledge of compliance and mortgage regulation. Relationship and account management skills. High standards of personal performance in day to day execution of tasks. Proven advanced communication skills across a range of stakeholders. Previous experience of managing a defined panel of Intermediaries within the financial services sector, demonstrating a track record of success. CeMAP Qualification desirable
At Metro Bank, we believe the best banking experience starts with people who genuinely care. We're not just delivering banking services - we're building trust through authentic connections. Here, our people come first; our colleagues are part of a team that values individuality, collaboration, and long-standing relationships. We are also all about balance so most of our jobs offer the opportunity for hybrid working built around your role and home life, wherever possible. What you will do Lead Risk input into the Cyber Risk Improvement Programme, providing updates to SteerCo, Board, and regulators. Offer informed perspectives on risk reduction strategy and oversee third-party co-source arrangements. While the 1LOD programme will drive delivery, take ownership of building and enhancing the 2LOD cyber risk oversight capability, including leveraging external partners. Provide ongoing oversight and assurance of the Information Security (Infosec) and Cyber risk and control environment. Deliver independent review and challenge across Infosec improvement programmes, including validation of risk position, prioritisation, target operating model, service design, and overall feasibility. Ensure identified control gaps are effectively addressed within solution design, and assess the maturity, sustainability, and practicality of proposed controls. Act as the key liaison between third-party assurance providers and internal stakeholders at Metro Bank. Conduct robust review and challenge of policies, standards, metrics, risks, and controls to ensure effectiveness and alignment with regulatory expectations. Ensure testing and assurance activities are completed to high standards and provide reliable outcomes. Support senior risk reporting by contributing clear, accurate updates on the Bank's Infosec and Cyber risk posture to executive committees. Review and challenge the 1LOD approach to identifying and managing emerging risks. Provide input and challenge on regulatory updates and notifications to ensure appropriate response and compliance. Influence and challenge the design of Information Security controls across IT and the wider business to ensure they are efficient, effective, and aligned with the evolving threat landscape. Promote transparency and accountability in Information Security decisions across all supported programmes and projects. Build and maintain strong relationships with senior stakeholders across Information & Cyber Security, Audit, and Risk functions. Any other duties as required that reasonably fall within the job. And we are a bank so risk is a part of everything we do. We love people who take responsibility, do the right thing for customers, colleagues and Metro Bank and have the ability to call out any concerns. What you will need Extensive experience (7+ years) in Information Security, Cyber, Technology Risk, or 2nd Line Risk, operating at Manager, Lead, or Head level. Demonstrated experience within a regulated UK financial services environment, with strong understanding of regulatory expectations and industry standards. Proven track record of designing, implementing, or enhancing risk management and resilience frameworks. Confident presenting to senior stakeholders, including Executive Committees and Board Risk Committees, with the ability to influence decision-making. Relevant professional certifications are desirable (e.g. CISSP, CISM, CISA, CRISC, ISO 27001), reflecting expertise across both Information Security and Risk disciplines. Strong experience in risk assessment methodologies, including RCSAs, control testing, and scenario analysis. Practical knowledge of secure design, build, and control frameworks aligned to recognised standards such as ISO 27001, PCI DSS, and NIST. Solid understanding of the regulatory landscape impacting financial institutions and the ability to interpret and apply regulatory requirements effectively. Good understanding of Information Security within the project lifecycle, combined with strong working knowledge of enterprise technology environments. Demonstrated experience in conducting security risk assessments for projects and designing effective, proportionate security controls. Strong communication skills, with the ability to translate complex technical and risk concepts into clear, actionable insights for non-technical stakeholders. Ability to critically assess regulatory and cyber risks across systems and projects, considering the broader business and Information Security context. Clear understanding of operational and enterprise risk, with accountability for managing the impact of risk decisions on the organisation and its stakeholders. Understand the risks associated with your job and what that means for you, Metro Bank and all our stakeholders. Our promise to you We will make sure that you are well-rewarded by providing you with a competitive salary, discretionary annual bonus, and a wide range of benefits, including generous holiday allowance, attractive pension scheme, healthcare, life assurance, and a number of colleague discounts! We will give you the training to ensure you succeed in your role and plenty of internal opportunities to progress your career (around 40% of our recruitment comes from internal promotions!).
25/05/2026
Full time
At Metro Bank, we believe the best banking experience starts with people who genuinely care. We're not just delivering banking services - we're building trust through authentic connections. Here, our people come first; our colleagues are part of a team that values individuality, collaboration, and long-standing relationships. We are also all about balance so most of our jobs offer the opportunity for hybrid working built around your role and home life, wherever possible. What you will do Lead Risk input into the Cyber Risk Improvement Programme, providing updates to SteerCo, Board, and regulators. Offer informed perspectives on risk reduction strategy and oversee third-party co-source arrangements. While the 1LOD programme will drive delivery, take ownership of building and enhancing the 2LOD cyber risk oversight capability, including leveraging external partners. Provide ongoing oversight and assurance of the Information Security (Infosec) and Cyber risk and control environment. Deliver independent review and challenge across Infosec improvement programmes, including validation of risk position, prioritisation, target operating model, service design, and overall feasibility. Ensure identified control gaps are effectively addressed within solution design, and assess the maturity, sustainability, and practicality of proposed controls. Act as the key liaison between third-party assurance providers and internal stakeholders at Metro Bank. Conduct robust review and challenge of policies, standards, metrics, risks, and controls to ensure effectiveness and alignment with regulatory expectations. Ensure testing and assurance activities are completed to high standards and provide reliable outcomes. Support senior risk reporting by contributing clear, accurate updates on the Bank's Infosec and Cyber risk posture to executive committees. Review and challenge the 1LOD approach to identifying and managing emerging risks. Provide input and challenge on regulatory updates and notifications to ensure appropriate response and compliance. Influence and challenge the design of Information Security controls across IT and the wider business to ensure they are efficient, effective, and aligned with the evolving threat landscape. Promote transparency and accountability in Information Security decisions across all supported programmes and projects. Build and maintain strong relationships with senior stakeholders across Information & Cyber Security, Audit, and Risk functions. Any other duties as required that reasonably fall within the job. And we are a bank so risk is a part of everything we do. We love people who take responsibility, do the right thing for customers, colleagues and Metro Bank and have the ability to call out any concerns. What you will need Extensive experience (7+ years) in Information Security, Cyber, Technology Risk, or 2nd Line Risk, operating at Manager, Lead, or Head level. Demonstrated experience within a regulated UK financial services environment, with strong understanding of regulatory expectations and industry standards. Proven track record of designing, implementing, or enhancing risk management and resilience frameworks. Confident presenting to senior stakeholders, including Executive Committees and Board Risk Committees, with the ability to influence decision-making. Relevant professional certifications are desirable (e.g. CISSP, CISM, CISA, CRISC, ISO 27001), reflecting expertise across both Information Security and Risk disciplines. Strong experience in risk assessment methodologies, including RCSAs, control testing, and scenario analysis. Practical knowledge of secure design, build, and control frameworks aligned to recognised standards such as ISO 27001, PCI DSS, and NIST. Solid understanding of the regulatory landscape impacting financial institutions and the ability to interpret and apply regulatory requirements effectively. Good understanding of Information Security within the project lifecycle, combined with strong working knowledge of enterprise technology environments. Demonstrated experience in conducting security risk assessments for projects and designing effective, proportionate security controls. Strong communication skills, with the ability to translate complex technical and risk concepts into clear, actionable insights for non-technical stakeholders. Ability to critically assess regulatory and cyber risks across systems and projects, considering the broader business and Information Security context. Clear understanding of operational and enterprise risk, with accountability for managing the impact of risk decisions on the organisation and its stakeholders. Understand the risks associated with your job and what that means for you, Metro Bank and all our stakeholders. Our promise to you We will make sure that you are well-rewarded by providing you with a competitive salary, discretionary annual bonus, and a wide range of benefits, including generous holiday allowance, attractive pension scheme, healthcare, life assurance, and a number of colleague discounts! We will give you the training to ensure you succeed in your role and plenty of internal opportunities to progress your career (around 40% of our recruitment comes from internal promotions!).
