Threat-led Penetration Test Expert

**General Information**

**Who can apply?** EU nationals

**Salary** F/G (bracket 1 - step 1) full time monthly net salary: €5,743 plus benefits, for further information see what we offer.

**Working time** Full time

**Place of work** Frankfurt am Main, Germany

**Closing date** 15.10.2025

**Your team**
- The ECB supervises significant banks in Europe as part of the Single Supervisory Mechanism (SSM), which comprises the ECB and the 21 national supervisory authorities of the participating countries.
- You will join a new Threat-Led Penetration Testing (TLPT) team in the ECB’s IT, Operational Risk and Resilience Section which is part of the Directorate General On-Site and Internal Model Inspections, that consists of approximately 300 staff dedicated to the SSM’s on-site banking supervision.

The Directorate General carries out on-site inspections and internal model investigations, partly on the premises of the supervised banks. It also coordinates the planning and execution of the on-site supervisory programme. It develops and maintains comprehensive methodologies for on-site inspections and internal model investigations, ensures harmonised on-site approaches for the SSM and contributes to identifying risks and supervisory priorities.

The ECB has recently been given responsibility for TLPT under the EU’s Digital Operational Resilience Act (DORA). In your role as a TLPT expert, you will be part of a team of ten TLPT experts managing advanced cyber tests conducted by banks using the TLPT model. This will involve working closely with teams from national supervisory authorities/central banks. You will be responsible for planning and overseeing tests and contributing to other TLPT-related activities such as coordination and follow-up.

First-line banking supervision under the SSM is composed of three main complementary and coordinated activities organised under several directorates general at the ECB: (i) the vertical line (the joint supervisory teams carrying out off-site supervision on portfolios of banks), (ii) the horizontal line providing transversal assessments and benchmarks across the banking sector and (iii) the on-site inspections and internal model investigations, providing in-depth and focused assessments of specific risks or issues at individual banks.

**Your role**

As a TLPT test manager, you will:

- take an active part in overseeing tests, working in close contact with the supervised financial institutions, the red team and all other stakeholders;
- contribute to the various stages of the TLPT process, such as identifying institutions to be tested, planning tests, liaising with the TLPT cyber teams, assisting with attestations and providing guidance to the Joint Supervisory Teams for specific tests;
- contribute to the SSM TLPT community and overall TIBER community;
- help to ensure banks conduct TLPT as safely as possible while increasing their resilience to cyberattacks.

The position of TLPT expert offers you excellent opportunities to work as part of a results-focused team in an exciting and demanding environment. Your role will involve constructively challenging senior management of banks on complex issues, engaging with others in a collaborative and effective manner, and anticipating stakeholders’ needs in the increasingly important area of cyber/IT risk. The organisational combination of TLPT testing and on-site inspections also offers opportunities in the future to join IT risk inspections to see the other side of IT infrastructure at banks. You will be part of a multicultural team that strives for continuous innovation to make a positive impact on the lives of European citizens.

**Qualifications, experience and skills**

Essential:

- a master’s degree or equivalent, preferably in computer science or natural sciences (see How you can join us for details on degree equivalences);
- in addition to the above, at least three years of relevant professional experience and, as a result, an excellent knowledge of IT security testing;
- good knowledge of the organisation and structure of banks, financial sector processes and service providers in the sector;
- experience in project management, especially in IT;
- a high level of commitment and flexibility, as well as the ability to work efficiently and effectively under pressure;
- an ability to familiarise yourself quickly with new topics and a willingness to continue learning;
- very good IT user skills (MS Office);
- an advanced (C1) command of English and an intermediate (B1) command of at least one other official language of the EU, according to the Common European Framework of Reference for Languages.

Desired:

- experience of penetration testing, red teaming or threat intelligence;
- knowledge of regulatory frameworks and standards regarding the control and management of operational risks, such as DORA, TIBER-EU and the NIS2 Directive;
- professional qualifications such as CISSP, CISM or CRISC.

You engage collaboratively with others.