A king's ransom-ware: Buckingham Palace is on the hunt for two cyber security pros to join the Royal Household

A photo of the Queen Victoria Memorial with Buckingham Palace in the background on a bright sunny day
(Image credit: Getty Images)

Two security jobs are up for grabs in possibly the poshest workplace in the UK - Buckingham Palace.

The Royal Household is advertising for a cyber security manager and an information security, privacy and records manager, working to reduce cyber risk and build resilience against cyber attacks.

Both jobs are based in the Privy Purse and Treasurer’s Office, and come with a good range of perks and benefits – including employee discounts at the royal shops.

"It’s developing your skills whilst pushing our systems forward," reads the cyber security manager ad. "And it's being a part of the professional business behind the Monarchy. This is what makes working for the Royal Household exceptional."

The job pays a relatively modest £75,000 for a 37.5-hour week, and involves heading up the royal household's cyber risk management strategy and cyber security framework delivery.

This means leading in-house teams working to reduce cyber risk and build resilience against cyber-attacks, as well as working with the enterprise architecture team to mature a secure by design culture.

Working with the National Cyber Security Centre (NCSC), the successful applicant will also work to upskill the wider digital services team and keep all employees on their toes in terms of security best practice.

The royal household is looking for a strong track record, with "significant experience in a cyber security role, with an understanding of information security frameworks and a proven ability to lead a cyber function and execute an enterprise-level security strategy, preferably within UK HMG."

Candidates will also need to be "able to review complex information systems and web applications, identify risks and recommend appropriate, pragmatic (and cost effective) solutions to mitigate those risks, as well as provide clear and concise advice to senior management".

Meanwhile, the information security, privacy and records manager will pull a slightly smaller salary – £70,000. They'll be responsible for developing and enhancing strategy, policies, and practices for data protection, records management and information security.


An eBook from SecurityScorecard on how to measure your business' cyber resilience

(Image credit: SecurityScorecard)

Enhance your financial services firm's cyber resilience


"With a relevant qualification in Information Security and Data/Records Management you’ll also have experience of managing a complex and varied portfolio of digital and physical records," reads the ad.

"Experience of team leadership, strategy development, risk and business analysis, and a deep understanding of relevant technical best practice. Knowledge of ISO 27001 would be an advantage."

The Royal Household is, of course, a rather high profile target, and any breaches could be dangerous as well as embarrassing.

Last October, the Royal Family website went down for an hour and a half, thanks to a denial of service (DoS) attack. No systems were compromised, nor any data breached, said the palace. The pro-Russian hacktivist group KillNet took responsibility for the attack on its Telegram channel.

Emma Woollacott

Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.