Cyber Assurance Specialist

Cyber Assurance Specialist

Division – Cyber and Information Resilience

Salary – National (Edinburgh and Leeds) ranging from £52,400 to £80,600 and London £57,700 to £88,600 per annum (Salary offered will be based on skills and experience)

About the FCA

The FCA regulates the conduct of 45,000 firms in the UK to ensure our financial markets are honest, fair and competitive. Follow this link to find out more About the FCA.

The Cyber and Information Resilience division was established in response to the growing threat of cyber security risks and the FCAs increasing reliance on data to effectively regulate the financial sector and ensure markets function well. This team integrates the key disciplines of cyber and information security, information management, and data privacy, providing a cohesive approach to safeguarding information and supporting regulatory objectives.

The team is primarily focused on the following key objectives:

• Assuring services to ensure our systems, infrastructure, suppliers, and business processes are compliant with our policies and the FCA’s risk appetite

• Validating that operational decisions are made in accordance with our security policies and standards, and do not increase the FCA’s overall risk exposure

• Analysing compliance with the fundamental processes and plans required to manage risk and safeguard our most important assets

• Determining that appropriate governance measures and controls are in place to ensure identified cyber risks and vulnerabilities are properly prioritised

What will you be doing?

• Conduct cyber security assessments and evaluate the effectiveness of the FCA’s defence strategies, incident response plans, and control measures

• Analyse existing cyber security policies, procedures, and frameworks to ensure compliance with applicable regulations, best practices, and industry standards

• Scope and manage penetration testing engagements, identifying vulnerabilities, threats, and risk exposures that could impact FCA data security and operational stability

• Collaborate with Internal Audit, Risk, Policy, Governance, and Compliance teams to establish effective guidelines, ensure compliance, and promote best practices to strengthen the FCA’s cyber security posture

What will you get from the role?

• Working at theFCAoffers the opportunity to specialise in the unique cyber security challenges faced by the financial services industry

• As acyber assurance professional, you will develop a comprehensive understanding of cybersecurity principles and practices, applicable across various environments and emerging security technologies

• The FCA provides valuablenetworking opportunitieswith professionals across the financial services sector, as well as with world-leading cyber security vendors

• You’ll have the chance to collaborate with industry leaders, attend conferences, and participate in working groups and forums – contributing to your professional development and expanding your network

• Career progressionis a key focus at the FCA, with opportunities to advance into more senior roles as you grow and develop in your career

• Overall, a role in cyber assurance at the FCA offers a unique blend ofindustry-specific expertise,regulatory insight, andprofessional growth opportunities –making it a strong foundation for a successful cyber security career

Which skills are required?

We are a Disability Confident Employer; therefore, disabled people or individuals with long-term conditions who best meet the minimum criteria for a role will go through to the next stage of the recruitment process. (To learn more about the Disability Confident Scheme Click Here )

Minimum

• Minimum qualification ofCompTIA Security+or(ISC)² SSCP

• Previous experience working withAzureorAWSin a professional setting

• Proven experience in developing and implementingsecurity policies, processes, and guidelinesto protect information systems, networks, and data

Essential

• Solid understanding ofcybersecurity frameworks and regulations(e.g., NIST Cybersecurity Framework, ISO27001, PCI-DSS, CIS, etc.)

• Proficient in conductingcybersecurity risk assessments, vulnerability assessments, scoping and managing end-to-endpenetration testing engagementswith key stakeholders, performing post-incident analysis, and interpreting penetration testing reports

• Strong knowledge ofnetwork and system architecture, cybersecurity technologies, and best practices for securing sensitive financial data

• Excellentanalytical skills, with the ability to identify vulnerabilities, analyse complex threats, and recommend effective mitigation strategies

• Demonstrable experience in preparingconcise cyber reports, delivering impactful presentations, and producing well-structuredsecurity procedures and standards

• Stronginfluencing and communication skills, with the ability to collaborate effectively with internal and external stakeholders and build strong working relationships

Our Values & Diversity

We are proud to be an inclusive employer and our ambition is to cultivate a culture for all employees that respects their individual strengths, views, and experiences. We believe that our differences and similarities enable us to be a better organisation – one that makes better decisions, drives innovation, and delivers better regulation.

Within the workplace you will have access to various employee resource groups which aim to promote and achieve a healthy work / life balance and support our diversity ambitions.

Did you know? 50% of our Executive Committee were the first in their family to attend university.

Benefits of working at the FCA

• 25 days holiday per year plus bank holidays (amend based on grade)

• Hybrid working (work from home up to 60% of your time)

• Private healthcare with Bupa

• A non-contributory Pension of at least 8%

• Life assurance

• Income protection

We also have a competitive flexible benefits scheme which gives you the opportunity to create a personalised benefits package, tailored to suit your lifestyle.

We welcome applications from candidates who are looking for flexible arrangements. Many of our staff work flexibly including working part-time, staggered hours, and job shares. We can’t promise to give you exactly what you want but we can explore what might work best for both sides.

Follow this link to see what life is like at the FCA - Life at the FCA

Application Support

We are dedicated to removing barriers and ensuring our application process is accessible to everyone. We offer a range of adjustments to make your application experience as comfortable and straightforward as possible.

If you have an accessibility need, disability, or condition requiring changes to the recruitment process, please contact your recruiter using the details below and they will be happy to discuss this further with you.

Useful Information and Timeline

This role is graded as Senior Associate – Regulatory

Security Clearance (SC) is required for this role – SC Guidance

The successful candidate will hold or will be required to obtain SC level vetting

• Advert Closing Date: 25th May

• CV Review/Shortlist: 19th & 27th May

• First Round Screening Interviews: 23rd May & 2nd June

• Competency Based Interview: 29th-30th May & 6th-9th June

Your Recruiter will discuss the process in detail with you during screening for the role, therefore, please make them aware if you are going to be unavailable for any date during this time.

Got a question?

If you are interested in learning more about the role, please contact:

Steve.Christopher@fca.org.uk

Applications must be submitted through our online portal. Applications sent via email will not be accepted.