Information Security Assurance Lead  Division - Operations Department - Cyber and Information Resilience Salary: National (Leeds and Edinburgh) ranging from £57,600 to £81,000 and London from £63,300 to £90,000 The FCA regulates the conduct of 45,000 firms in the UK to ensure our financial markets are honest, fair and competitive. Follow this link to find out more About the FCA.     Cyber and Information Resilience (C&IR) is responsible for the management of cyber security at the FCA. 'Cyber security' means the protection of the FCA's data and systems from malicious activity, including theft, damage and disruption, in order that the FCA can deliver its key business functions. C&IR is now part of a new formed Directorate lead by our CISO, Director of Cyber & Operational Resilience Division. ​​​​​​The role is based in Operational Assurance team, who leads on the FCA & PSR cyber assurance activities working to determine that correct cyber governance and control measures are in place. The team conducts thorough reviews, analysis and testing to confirm the appropriate application (whether through technology, process, or behaviour) of the policies and the secure operation of the FCA/PSR’s systems and the information and data there on. What you will be doing Assist the Operational Assurance Manager in developing cyber assurance strategy, defining goals to align with C&IR Strategy and framework Oversight and monitoring C&IR’s security strategy, implement preventive measures to protect sensitive data, and ensuring compliance with regulation Manage the end-to-end delivery of key workstreams mainly, third party risk assessment, post incident review, threat and vulnerability assessments, security assessment (red teaming) and penetration testing Enhance third-party cyber risk monitoring (using a tool) and service driven assessments with analytical/ qualitative/ quantitative methods to simplify processes amidst cloud vendor changes and evolving cybersecurity needs Ensure adequate monitoring capabilities for FCA/PSR supply chain are delivered via the new tooling and aligning to cyber risk metrics (and the Cyber Risk Management Framework) and key risk indicators Assure and report on cyber threats and security vulnerabilities that impact supply chain performance by implementing security by design capabilities and compliance automation Guiding and managing an operational team with technical expertise, fostering Agile practices to build high performing cross functional team What you will get from the role  Experience of acting as a mentor to a multi-disciplinary team that is strategically important to the mission of the FCA Influence the strategic direction of cyber security and information resilience Act as a subject matter expert for various steering groups, forums and projects supporting the Operational Assurance Manager Which skills are ? We are a Disability Confident Employer; therefore, disabled people or individuals with long-term conditions who best meet the minimum criteria for a role will go through to the next stage of the recruitment process. (To learn more about the Disability Confident Scheme Click Here) Minimum Direct experience of leading security or assurance teams, and operating Information Security/Assurance Frameworks and Services Proven experience of translating technical issues for clear recommendations, bridging technical and leadership teams in security reporting Direct experience of Risk Management practices, and application in a global organisation Essential Experience of a hands-on role involving pen testing, 3rd party security assessment and vulnerability assessment activities of complex suppliers, applications and operating systems Strong hands-on involvement in the delivery and execution of more than one of the areas listed in the job description key responsibilities Demonstrate strong operating knowledge NIST 800, OWASP, ISO27001 and data protection Ability to plan strategically, arrange and consolidate resources in order to deliver assurance services to achieve CIR assurance objectives A technical qualification/professional certification in Information Security & Privacy Stakeholder management experience at all levels Solid Experience working with external and internal auditors in the provision of evidence and remediation of findings Current understanding of Industry trends and emerging threats We are proud to be an inclusive employer and our ambition is to cultivate a culture for all employees that respects their individual strengths, views, and experiences. We believe that our differences and similarities enable us to be a better organisation – one that makes better decisions, drives innovation, and delivers better regulation. Within the workplace you will have access to various employee resource groups which aim to promote and achieve a healthy work / life balance and support our diversity ambitions. Did you know? 50% of our Executive Committee were the first in their family to attend university The FCA is committed to achieving greater diversity across all levels of the organisation. Given this, we particularly welcome applications from women, minority ethnic, disabled, and neurodivergent candidates for our Lead Associate role. Benefits of working at the FCA 25 days holiday per year plus bank holidays Hybrid working (work from home up to 60% of your time) Private healthcare with Bupa  A non-contributory Pension of at least 8% of basic salary each month (there are several contribution levels that increase depending on your age – up to 12% a month once you reach age 35)  Life assurance of eight times your basic salary  Income protection  We also have a competitive flexible benefits scheme which gives you the opportunity to create a personalised benefits package, tailored to suit your lifestyle. We welcome applications from candidates who are looking for flexible arrangements.  Many of our staff work flexibly including working part-time, staggered hours, and job shares.  We can’t promise to give you exactly what you want but we can explore what might work best for both sides. Follow this link to see what life is like at the FCA - Life at the FCA Application Support We are dedicated to removing barriers and ensuring our application process is accessible to everyone. We offer a range of adjustments to make your application experience as comfortable and straightforward as possible. If you have an accessibility need, disability, or condition requiring changes to the recruitment process, please contact your recruiter using the details below and they will be happy to discuss this further with you. Useful information  This role is graded as Lead Associate – Regulatory SC Clearance is required for this role - SC Guidance The successful candidate will hold or will be required to obtain Security Clearance (SC) level vetting. Advert closing date: 3rd February CV Review/Shortlist: 5th/6th February ​ Screening calls: w/c 10th Feb Your Recruiter will discuss the process in detail with you during screening for the role, therefore, please make them aware if you are going to be unavailable for any date during this time.  Got a question?    If you are interested in learning more about the role please contact: For internal applicants, please contact Katie Ayling at Katie.Ayling@fca.org.uk For external applicants, please contact Asha Gladis at Asha.Gladis@fca.org.uk Applications must be submitted through our online portal. Applications sent via email will not be accepted.