Information Security Assurance Lead

Financial Conduct Authority

Regulating financial services firms and financial markets in the UK, https://www.fca.org.uk/careers


Requirements of the role

The FCA regulates the conduct of 45,000 firms in the UK to ensure our financial markets are honest, fair and competitive. Follow this link to find out more About the FCA.

Cyber and Information Resilience (C&IR) is responsible for the management of cyber security at the FCA. ‘Cyber security’ means the protection of the FCA’s data and systems from malicious activity, including theft, damage and disruption, in order that the FCA can deliver its key business functions. C&IR is now part of a newly formed Directorate led by our CISO, Director of Cyber & Operational Resilience Division.

The role is based in the Operational Assurance team, which leads on the FCA & PSR cyber assurance activities, working to determine that correct cyber governance and control measures are in place.

The team conducts thorough reviews, analysis and testing to confirm the appropriate application (whether through technology, process, or behaviour) of the policies and the secure operation of the FCA/PSR’s systems and the information and data thereon.


What you will be doing

  • Assist the Operational Assurance Manager in developing the cyber assurance strategy, defining goals to align with the C&IR Strategy and framework
  • Oversee and monitor C&IR’s security strategy, implement preventive measures to protect sensitive data, and ensure compliance with regulation
  • Manage the end-to-end delivery of key workstreams, mainly third-party risk assessment, post-incident review, threat and vulnerability assessments, security assessment (red teaming) and penetration testing
  • Enhance third-party cyber risk monitoring (using a tool) and service-driven assessments with analytical/qualitative/quantitative methods to simplify processes amidst cloud vendor changes and evolving cybersecurity needs
  • Ensure adequate monitoring capabilities for the FCA/PSR supply chain are delivered via the new tooling, aligned to cyber risk metrics (and the Cyber Risk Management Framework) and key risk indicators
  • Assure and report on cyber threats and security vulnerabilities that impact supply chain performance by implementing security-by-design capabilities and compliance automation
  • Guide and manage an operational team with technical expertise, fostering Agile practices to build a high-performing cross-functional team



 Location

London, Leeds, Edinburgh

 Contract type

Full time, Permanent

 Profession

Assurance, Information security, Senior


 Working pattern

Flexible working, Hybrid

 Closing Date

04/02/2025