Senior Operational & Cyber Resilience Associate

Job Title: Senior Operational & Cyber Resilience Associate

Division: Supervision, Policy & Competition

Department: Technology, Resilience & Cyber

• Salary: National (Edinburgh and Leeds) ranging from £52,400 to £71,000 and London from £57,700 to £78,000 (salary offered will be based on skills and experience)

• This role is graded as: Senior Associate - Regulatory

• Your recruitment contact is Tahir Khan via tahir.khan1@fca.org.uk. Applications must be submitted through our online portal. Applications sent via social media or email will not be accepted.

We regulate financial services firms in the UK, to keep financial markets fair, thriving and effective. By joining us, you’ll play a key part in protecting consumers, driving economic growth, and shaping the future of UK finance services.

SPC oversees firms and individuals (supervision), creates and reviews the rules by which they operate (policy) and identifies and remedies ineffective competition in markets (competition). Sitting within the Specialist Directorate, our Technology, Resilience and Cyber (TRC) department works with financial firms to strengthen the resilience of their systems against cyber threats and operational disruptions - helping protect consumers, safeguard markets, and build trust in the technology that powers financial services.

• Act as a Subject Matter Expert (SME) in Operational Resilience, providing expert guidance across the department, the FCA, and external stakeholders

• Guide the delivery of firm assessments for prioritised high-impact firms, producing evidence-based evaluations of technology, resilience, and cyber capabilities. Your work will give supervisors forward-looking insights and clear judgments, helping them identify whether firms require further mitigating actions to remain secure

• You will head the strategic analysis of incidents arising from cyber-attacks or technology disruptions within your allocation of prioritised firms

• Take part in technical engagement with external stakeholders, including other authorities and senior firm representatives

• Provide thought on emerging and ongoing cyber and technology trends, sharing insights that position the FCA as a proactive leader in resilience and innovation

• Undertake peer comparison and analysis of the maturity of firms’ technology and cyber environments, benchmarking them against sector norms and the wider market.

Minimum:

• Understanding of FCA’s approach to operational resilience, including an appreciation for the FCA’s operational resilience policy

• Prior experience analysing complex information and identifying and presenting recommendations relating to technology and/or cyber resilience capabilities to senior stakeholders, using proven verbal/written communication and stakeholder management skills

• Proven experience in an Operational Resilience, Cyber or Technology Risk and Governance role

Essential:

• Relevant industry qualifications e.g., CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), IS027001 / 2, Lead Auditor / Implementer, or alternatives

• Strong analytical and problem‑solving capabilities with appropriate application of judgement and diligence

• Good interpersonal skills with evidence of team working, and delivery through others

• Knowledge or experience of Financial Services markets

• Exposure to leading practice technology and cyber standards and guidance

• 25 days annual leave plus bank holidays

• Hybrid model with up to 60% remote work

• Non-contributory pension (8–12% depending on age) and life assurance at eight times your salary

• Private healthcare with Bupa, income protection, and 24/7 Employee Assistance

• 35 hours of paid volunteering annually

• A flexible benefits scheme designed around your lifestyle

For a full list of our benefits, and our recruitment process as a whole visit our benefits page.

Our colleagues are the key to our success as a regulator. We are committed to fostering a diverse and inclusive culture: one that’s free from discrimination and bias, celebrates difference, and supports colleagues to deliver at their best. We believe that our differences and similarities enable us to be a better organisation – one that makes better decisions, drives innovation, and delivers better regulation.

If you require any adjustments due to a disability or condition, your recruiter is here to help - reach out for tailored support.

We welcome diverse working styles and aim to find flexible solutions that suit both the role and individual needs, including options like part-time and job sharing where applicable.

We’re proud to be a Disability Confident Employer, and therefore, people or individuals with disabilities and long-term conditions who best meet the minimum criteria for a role will go through to the next stage of the recruitment process. In cases of high application volumes, we may progress applicants whose experience most closely matches the role’s key requirements.

• Job advert close: 30th November at 23:59pm

• CV Review/Shortlist: 2nd December

• First Interview: w/c 8th December

• Second Interview: w/c 15th December

Your Recruiter will discuss the process in detail with you during screening for the role, therefore, please make them aware if you are going to be unavailable for any date during this time.

(SC Guidance) - you will hold or will be required to obtain Security Check (SC) level vetting.