Cyber Security Specialist

The Vacancy

We have a new permanent opportunity for a Cyber Security Specialist to join the Information & Cyber Security Team, reporting into the Information Security Manager. The successful role holder will act as the security Subject Matter Expert (SME) on various projects, working independently with the support of the wider team. Your primary focus will be on providing expert advice and guidance on security solutions. This is an exciting opportunity to work in a small team with a wide remit, heavily based in the cloud (Azure), with a smaller on-premise footprint.

• Provide expert security advice and guidance on various projects.
• Act as the security SME, ensuring that security considerations are integrated into project plans and deliverables.
• Collaborate with project teams to identify and mitigate security risks.

• Conduct security assessments and reviews of systems, applications and processes.
• Identify vulnerabilities and recommend appropriate security measures.
• Ensure compliance with security policies, standards, and regulations.

• Promote security awareness within the organisation.
• Develop and deliver security training and awareness programmes.
• Stay up-to-date with the latest security trends, threats, and technologies.

• Advise on securing cloud-based solutions, with a focus on Azure security tooling (e.g. configuring Azure Policy).
• Provide guidance on best practices for cloud security architecture and design.
• Assist in the development and implementation of cloud security policies and procedures.

We have identified the following skills, knowledge, and experience as essential for success in this role however we understand that everyone's learning journey is different and there is no one size fits all. If you feel you have many of the below strengths but don’t tick all the boxes, we'd still love to hear from you.

• Strong understanding of information and cyber security principles and practices.
• Experience with security assessment and risk management methodologies.
• Proficiency in cloud security, particularly with Azure security tools and services.
• Knowledge of security standards and frameworks (e.g., ISO 27001, NIST, CIS).
• Familiarity with security technologies such as firewalls, web proxies/remote access solutions.
• Experience with ZTNA, CTI, threat modelling is beneficial.

• Excellent communication and interpersonal skills.
• Ability to work effectively in a team-oriented environment.
• Strong problem-solving and analytical skills.
• Ability to align security outcomes with business objectives.
• Proactive and self-motivated with a keen attention to detail.

• Bachelor's degree in Information Security, Computer Science or a related field, or relevant industry experience.
• Relevant security certifications (e.g., CISSP, CISM, CEH) are highly desirable.
• Proven experience in an information security role, preferably in a cloud-based environment.

At FSCS we are purpose driven and committed to delivering an exceptional service and results for our customers.

We have invested greatly in a flexible people offering that we're proud of, that our employees love and that supports and promotes diversity, inclusion, and overall wellbeing. Key benefits include:

• Employer pension contributions from 9% - 15% dependant on your contributions and length of service
• Life assurance, income and critical illness protection
• Private medical and dental insurance
• EAP and Virtual GP
• 26 days annual leave + bank holidays and the option to sell 5 or buy up to 9 additional days per annum to suit your lifestyle
• Enhanced Maternity, Paternity and Adoption leave - 6 months full pay
• Additional discounts and options to earn rewards to spend at your choice of retailer

For the past 21 years, FSCS has been getting customers of failed authorised financial services firms back on track.

Our strength is in our numbers. Since 2001, we have helped 6.5m customers and paid back £26bn in compensation. Over the years we have continually strived to be better, faster, and more empathetic to our customers' needs in an ever more complex financial world. FSCS is an organisation that makes a difference, and in which our people truly make a difference.

We have grown from modest beginnings in 2001 to helping customers during historic events such as the 2008 banking crisis and supporting vulnerable customers during the pandemic. As a result of this success, FSCS has become increasingly respected, insightful, and influential in the regulatory eco-system. It is an exciting time in our journey as we now have an opportunity to play a bigger role in breaking the cycle of rising consumer harm and costs; by being part of a system that is about prevention rather than cure.

Prepare

What we are aiming for

We shall respond to large and complex firm failures, whilst maintaining our seven-day pay-out for savers in banks, building societies and credit unions. We will actively contribute to increasingly effective resolution when firms fail.

Why this matters

FSCS needs to contribute to public confidence and financial stability by being ready to respond when called upon across the full range of protected products.

Our approach

• Maintain well-tested contingency plans, backed by necessary capabilities and robust customer information.
• Collaborate with industry to improve the customer information we rely on for payouts.
• Improve our ability to respond quickly to investment and insurance failures.
• Work with industry and regulators to improve resolution arrangements.

Protect

What we are aiming for

FSCS is known and trusted for protection that puts people back on track through outstanding customer experience.

Why this matters

Customer expectations are rising. The service our customers receive must meet their expectations in terms of speed, accessibility and ease of use, in order to maintain consumer trust and confidence.

Our approach

• Exploit digital technology to create the service our customers expect, at lower cost to our levy payers.
• Improve the speed of our service by eliminating time and process inefficiencies, particularly with third parties.
• Exploit our new strategic partnership - by drawing on our partner's expertise, scale and experience.
• Provide continuity of cover for policyholders in failed insurance companies.

Promote

What we are aiming for

We shall raise awareness of FSCS protection across all of the products and services we protect, particularly retirement savings products.

Why this matters

Awareness of, and trust in, FSCS protection maintains confidence in a crisis. Awareness also helps to inform people's choices by increasing their confidence in buying protected services and understanding the risks of unprotected products.

Our approach

• Partner with the industry to raise awareness of FSCS protection across all protected products and services, focusing on retirement savings initially.
• Engage with consumers and provide information to help people understand protection and make informed decisions.
• Encourage customers of failed firms to come directly to FSCS with their claim.
• Work with our stakeholders to provide joined-up and easy to access information about FSCS protection.

Prevent

What we are aiming for

We shall collaborate with the regulators and industry to prevent future failure and to reduce future compensation costs.

Why this matters

FSCS compensation costs are rising fast - we project that compensation may rise from £405 million in 2017/18, mainly driven by escalating pensions claims. These costs put pressure on firms\' finances and are passed on to consumers.

Our approach

• Commit to joint action with the regulators and industry to identify and address the root causes of mis-selling and other conduct issues which drive failure and compensation costs.
• Ensure consumers are alerted more quickly to vulnerabilities and risks as they emerge.
• Work with our partners to improve co-ordination across government, industry and regulators, ensuring insights and intelligence are generated and acted on.
• Feed back lessons learnt as a creditor and from recoveries activity, including working with the insolvency and insurance markets.
• Develop FSCS' own capability to provide actionable intelligence.