Information Assurance Lead

< back to all jobs

Financial Conduct Authority

Regulating financial services firms and financial markets in the UK, https://www.fca.org.uk/careers

Requirements of the role

The FCA regulates the conduct of 45,000 firms in the UK to ensure our financial markets are honest, fair and competitive. Follow this link to find out more About the FCA.

 

The Information Assurance Lead role sits within the wider Assurance team of the Cyber and Information Resilience (C&IR) department.

 

Cyber and Information Resilience is responsible for the management of cyber security at the FCA. ‘Cyber security’ means the protection of the FCA’s data and systems from malicious activity, including theft, damage and disruption, in order that the FCA can deliver its key business functions.  C&IR is now part of a new formed Directorate lead by our CISO, Director of Cyber & Operational Resilience Division.
The team conducts thorough reviews, analysis and testing to confirm the appropriate application (whether through technology, process, or behaviour) of the policies and the secure operation of the FCA/PSR’s systems and the information and data thereon.

 

What you will be doing

  • Defining the technical and managerial measures to ensure the privacy, control, integrity, authenticity, availability and utility of the FCAs corporate repositories and information systems, in particular the M365 suite
  • Information risk analysis – conduct scheduled information assurance risk reviews and assessments to identify, evaluate, test and prioritise potential security and data risks across our key applications and processes
  • Perform security and information assurance assessments against FCA information and data controls and regulatory control frameworks to our cyber and information security policies, standards and procedures
  • Ensure compliance with relevant regulatory and legislative requirements, support information related audits relating to information security and implement intelligence led attestations and reports related to information security and implement corrective actions where necessary
  • Ensure compliance with security best practices and policies within the M365 suite, utilising tools such as MS Purview and other e5 tools by Prioritising and Influencing key stakeholders in building core functionality within Microsoft 365 through a risk based approach
  • Detect, Assess, measure and report findings of our key applications and security and information assurance controls, including assurance oversight with security solutions to protect against malware, ransomware and other other cyber and data threats, such as endpoint security, data leakage, data breaches, post incident response

View on member website

View

 Location

London, Leeds, Edinburgh

 Contract type

Full time, Permanent

 Profession

Assurance, Senior

 Working pattern

Flexible working, Hybrid

 Closing Date

04/02/2025