Data Protection and Cyber Security Consultant

< back to all jobs

Financial Conduct Authority

Regulating financial services firms and financial markets in the UK, https://www.fca.org.uk/careers

Requirements of the role

Are you interested in joining a team where you can act as a cyber security and data protection subject matter expert providing advice, guidance, and policy interpretation?

 

The team/department

The Security Expertise and Advisory (SE&A) team, based within the Cyber & Information Resilience (C&IR) Department of the COO’s Office, is a cross-functional team responsible for advising the business on cyber security and data protection matters. The SE&A team plays a key role in supporting business and IT change programmes across the organisation.

 

What will you be doing (the role)

This role will support the wider organisation to ensure that it has appropriate cyber security and data protection measures to meet the requirements of relevant legislation such as the UK General Data Protection Regulation (GDPR), the Data Protection Act 2018 (DPA), and the Financial Services & Markets Act 2000 (FMSA2000).

  • Advise on C&IR’s policies and standards to ensure cyber security and data protection are embedded throughout the lifecycle of all processing within the FCA, and that the policies remain effective and update and provide pragmatic, quality, and timely ad-hoc advice to all areas of the organisation to ensure all new regulatory initiatives comply with the DPA and GDPR, as well as all C&IR’s policies
  • This includes advising on new technology and cloud-based products to ensure these developing areas remain secure and in compliance with our policies and standards
  • Help to define and embed a Privacy by Design and Security by Default culture to ensure correct processing and security is in place from the start of any new processing in the form of DPIA assessment and provide expert technical advice to reduce the risk of a cyber incident or data breach happening at the FCA, as well as assisting with cyber incidents
  • Lead on DPIA processes by working closely with teams across the organisation to provide expert technical advice and guidance
  • Ensure personal data processing activities undertaken by these teams are proportionate and that any associated cyber or data protection risks are being effectively identified, managed and mitigated
  • Review and advice on contracts, data sharing agreements and Memorandum of Understanding (MoU) from a security and data protection input

View on member website

View

 Location

Edinburgh, Leeds, London

 Contract type

Full time, Permanent

 Profession

Consultant, Cyber, Data Protection, Security

 Working pattern

Flexible working, Hybrid

 Closing Date

02/11/2024