Financial Conduct Authority
Regulating financial services firms and financial markets in the UK, https://www.fca.org.uk/careers
Requirements of the role
Are you interested in joining a team where you can act as a cyber security and data protection subject matter expert providing advice, guidance, and policy interpretation?
The team/department
The Security Expertise and Advisory (SE&A) team, based within the Cyber & Information Resilience (C&IR) Department of the COO’s Office, is a cross-functional team responsible for advising the business on cyber security and data protection matters. The SE&A team plays a key role in supporting business and IT change programmes across the organisation.
What will you be doing (the role)
This role will support the wider organisation to ensure that it has appropriate cyber security and data protection measures to meet the requirements of relevant legislation such as the UK General Data Protection Regulation (GDPR), the Data Protection Act 2018 (DPA), and the Financial Services & Markets Act 2000 (FMSA2000).
- Advise on C&IR’s policies and standards to ensure cyber security and data protection are embedded throughout the lifecycle of all processing within the FCA, and that the policies remain effective and update and provide pragmatic, quality, and timely ad-hoc advice to all areas of the organisation to ensure all new regulatory initiatives comply with the DPA and GDPR, as well as all C&IR’s policies
- This includes advising on new technology and cloud-based products to ensure these developing areas remain secure and in compliance with our policies and standards
- Help to define and embed a Privacy by Design and Security by Default culture to ensure correct processing and security is in place from the start of any new processing in the form of DPIA assessment and provide expert technical advice to reduce the risk of a cyber incident or data breach happening at the FCA, as well as assisting with cyber incidents
- Lead on DPIA processes by working closely with teams across the organisation to provide expert technical advice and guidance
- Ensure personal data processing activities undertaken by these teams are proportionate and that any associated cyber or data protection risks are being effectively identified, managed and mitigated
- Review and advice on contracts, data sharing agreements and Memorandum of Understanding (MoU) from a security and data protection input
View on member website
ViewLocation
Edinburgh, Leeds, London
Contract type
Full time, Permanent
Profession
Consultant, Cyber, Data Protection, Security
Working pattern
Flexible working, Hybrid
Closing Date
02/11/2024