Cybersecurity Analyst – UK & CE

BBVA is a global company with more than 160 years of history that operates in more than 25 countries where we serve more than 80 million customers. We are more than 121,000 professionals working in multidisciplinary teams with profiles as diverse as financiers, legal experts, data scientists, developers, engineers and designers.

The Cybersecurity UK & CE team is responsible for the implementation and continuous improvement of the CIB Corporate Security programme across the region, working closely with technology, risk, and business stakeholders to deliver practical and proportionate security outcomes. ​

About the job:

Key Responsibilities:

Security Operations & Incident Support:

• Support first-line security operations, including alert triage, initial analysis, and escalation in coordination with CERT CIB.

• Assist with incident response activities, evidence collection, and follow-up actions.

• Validate the operation of endpoint, infrastructure, and workplace security controls.

• Support monitoring, logging, and alerting assurance, identifying gaps for remediation.
   

Project Coordination & Security Change:

• Support regional delivery of global cybersecurity initiatives and tooling.

• Track actions, risks, dependencies, and delivery milestones across UK & CE.

• Produce clear status updates, metrics, and reporting.

• Coordinate with local IT teams, vendors, and Head Office security functions.
   

Compliance, Governance & Technology Exposure:

• Support the application of global security policies and control requirements.

• Assist with audit preparation, control validation, and documentation.

• Contribute to KPIs, KRIs, and regional reporting.

• Participate in security reviews of infrastructure and workplace technology changes, gaining exposure to architecture and risk assessment activities.
   

Security Awareness & Engagement:

• Support and promote the CyberWatch security champions programme across CE offices.

• Act as a coordination point for security-related queries from offices without local cybersecurity representation.

• Assist with targeted security awareness activities in collaboration with Corporate Security.

What are we looking for?

Experience & Knowledge:

• Approximately 2–3 years’ experience in cybersecurity, IT operations, IT risk, or a related technical role.
  Foundational understanding of security operations, incident handling, and control assurance.

• Familiarity with endpoint, infrastructure, and workplace security concepts.
  Basic awareness of regulatory and resilience topics (e.g. UK Operational Resilience, GDPR, DORA).

Professional Skills:

• Able to work independently on assigned activities with appropriate escalation.

• Strong organisational and coordination skills across distributed teams.

• Clear written and verbal communication skills.

• Comfortable working cross-functionally with IT, business, and security stakeholders.

• Curious, proactive, and motivated to develop across multiple cybersecurity domains.

Qualifications:

• Degree-level education or equivalent professional experience.

• Relevant certifications are advantageous but not required.

• English proficiency required; Spanish is a plus.

Please note that priority will be given to candidates who are elegible to work in the UK.

Skills: