Lead Software Security Engineer @ Financial Conduct Authority

The FCA enables a fair and thriving financial services market, for the good of consumers and the economy.

View all jobs at Financial Conduct Authority

Division – Data, Technology & Innovation

Department - Digital Systems

Salary - National (Edinburgh and Leeds) ranging from £59,100 to £82,500 and London from £64,900 to £90,000 per annum (salary offered will be based on skills and experience)

About the FCA

The FCA regulates the conduct of 45,000 firms in the UK to ensure our financial markets are honest, fair and competitive. Follow this link to find out more About the FCA .

What will you be doing?

The Lead Security Engineer role is responsible for technical oversight of secure product development, security testing and security operations. You will work closely with FCA product owners, architects, service managers, and third-party suppliers who provide the development resources to the FCA to:

Embed secure engineering practices in development workflows, ensuring compliance with Secure by Design principles

Conduct structured and ad hoc security reviews of code, infrastructure and CI/CD pipelines

Define and document secure development lifecycle (SDLC) processes aligned with product needs

Lead security education initiatives for development teams and product stakeholders

Establish and enforce security requirements for new features, APIs and system enhancements

Assess and improve security maturity, advocating risk-based methodologies, tooling and automation

What will you get from the role?

Opportunity to grow in a technology-focused career with meaningful skill development

Supportive and collaborative team culture, fostering strong internal and cross-team connections

Purpose-driven environment, united by a shared commitment to public service and impact

Emphasis on work-life balance, prioritising smart working over excessive hours

Empowering workplace that values autonomy, trust and effective decision-making

Genuine commitment to diversity, inclusion and leadership with strong interpersonal skills

Which skills are required?

We are a Disability Confident Employer; therefore, disabled people or individuals with long-term conditions who best meet the minimum criteria for a role will go through to the next stage of the recruitment process. (To learn more about the Disability Confident Scheme Click Here )

Minimum

Experience in commercial software development, secure coding practices and cloud security services (ideally AWS)

Experience in reviewing code security, leading cyber incident resolution and improving security processes in development teams

Experience working with microservices architecture and implementing security tooling in a development context

Strong commercial awareness, assessing supplier proposals and driving cost-effective security solutions

Ability to integrate security with software innovation while ensuring adherence to organisational standards

Expertise in security methodologies, including threat modelling and risk assessment

Deep understanding of technology trends and industry standards in information security

Proven track record of delivering security-focused assets, including incident reports, secure coding templates and training programmes

Familiarity with the FCA, its remit, and strategic priorities

Relevant security certifications, including CompTIA Security+, GSEC, CySA+, CCSP, OSCP or CISSP

Our Values & Diversity

We are proud to be an inclusive employer and our ambition is to cultivate a culture for all employees that respects their individual strengths, views, and experiences. We believe that our differences and similarities enable us to be a better organisation – one that makes better decisions, drives innovation, and delivers better regulation.

Within the workplace you will have access to various employee resource groups which aim to promote and achieve a healthy work / life balance and support our diversity ambitions.

Did you know? 50% of our Executive Committee were the first in their family to attend university.

Benefits of working at the FCA

25 days holiday per year plus bank holidays

Hybrid working (work from home up to 60% of your time)

Private healthcare with Bupa

A non-contributory Pension of at least 8% of basic salary each month (there are several contribution levels that increase depending on your age – up to 12% a month once you reach age 35)

Life assurance of eight times your basic salary

Income protection

We also have a competitive flexible benefits scheme which gives you the opportunity to create a personalised benefits package, tailored to suit your lifestyle.

We are dedicated to removing barriers and ensuring our application process is accessible to everyone. We offer a range of adjustments to make your application experience as comfortable and straightforward as possible.

If you have an accessibility need, disability, or condition requiring changes to the recruitment process, please contact your recruiter using the details below and they will be happy to discuss this further with you.

Useful Information and Timeline

This role is graded as: Lead Associate - Regulatory

Advert Closing Date:Midnight 07 July (please submit your application by 11.59pm 06 July)

CV Review/Shortlist: w/c 07 July

First Round Case Study Assessment: w/c 14 July

Competency Based Interview: w/c 28 July

Your Recruiter will discuss the process in detail with you during screening for the role, therefore, please make them aware if you are going to be unavailable for any date during this time.

Applications must be submitted through our online portal. Applications sent via email will not be accepted.

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.