Information Assurance Lead
Division - Operations
Department - Cyber and Information Resilience (C&IR)
Salary: National (Edinburgh and Leeds) ranging from £65,000 to £80,000 and London from £75,000 to £90,000
About the FCA
The FCA regulates the conduct of 45,000 firms in the UK to ensure our financial markets are honest, fair and competitive. Follow this link to find out more About the FCA.
The Information Assurance Lead role sits within the wider Assurance team of the Cyber and Information Resilience (C&IR) department.
Cyber and Information Resilience is responsible for the management of cyber security at the FCA. 'Cyber security' means the protection of the FCA's data and systems from malicious activity, including theft, damage and disruption, in order that the FCA can deliver its key business functions. C&IR is now part of a new formed Directorate lead by our CISO, Director of Cyber & Operational Resilience Division.
The team conducts thorough reviews, analysis and testing to confirm the appropriate application (whether through technology, process, or behaviour) of the policies and the secure operation of the FCA/PSR’s systems and the information and data thereon.
What you will be doing
-
Defining the technical and managerial measures to ensure the privacy, control, integrity, authenticity, availability and utility of the FCAs corporate repositories and information systems, in particular the M365 suite
-
Information risk analysis – conduct scheduled information assurance risk reviews and assessments to identify, evaluate, test and prioritise potential security and data risks across our key applications and processes
-
Perform security and information assurance assessments against FCA information and data controls and regulatory control frameworks to our cyber and information security policies, standards and procedures
-
Ensure compliance with relevant regulatory and legislative requirements, support information related audits relating to information security and implement intelligence led attestations and reports related to information security and implement corrective actions where necessary
-
Ensure compliance with security best practices and policies within the M365 suite, utilising tools such as MS Purview and other e5 tools by Prioritising and Influencing key stakeholders in building core functionality within Microsoft 365 through a risk based approach
-
Detect, Assess, measure and report findings of our key applications and security and information assurance controls, including assurance oversight with security solutions to protect against malware, ransomware and other other cyber and data threats, such as endpoint security, data leakage, data breaches, post incident response
What you will get from the role
-
Work within a high performing team of individuals continuing to shape and enhance information compliance within the FCA
-
Work in an environment that encourages learning and collaboration within all areas of Cyber and Information Security
-
Given the opportunity to develop and mature the information assurance control framework through leadership and direction, driving values and behaviours to ensure alignment and commitment between key stakeholders and the wider business
Which skills are required?
We are a Disability Confident Employer; therefore, disabled people or individuals with long-term conditions who best meet the minimum criteria for a role will go through to the next stage of the recruitment process. (To learn more about the Disability Confident Scheme Click Here)
Minimum
-
Direct experience of delivering solutions across SAAS based information applications in particular Microsoft 365 security tools, monitoring, alerting, and reporting
-
Demonstrable experience of managing a Data or Information Assurance team
-
Proven experience with agile working including agile tools such as JIRA
Essential
-
Demonstrating ability of building an Information Management Assurance or Information Compliance Framework
-
Working knowledge of information management and security concepts, aims, and industry standards like NIST CSF, ISO15489, GDPR and ISO27001
-
Experience implementing policy modules for automation across industry standards including ISO27001 and GDPR
-
Experience of delivering solutions in Microsoft 365 security and information compliance tools, including working knowledge of Microsoft Purview capabilities to deliver the best security and data solutions to drive compliance across the Microsoft Office Suite
-
Skilled manager to lead a technical and non-technical team to drive the information assurance agenda
We are proud to be an inclusive employer and our ambition is to cultivate a culture for all employees that respects their individual strengths, views, and experiences. We believe that our differences and similarities enable us to be a better organisation – one that makes better decisions, drives innovation, and delivers better regulation.
Within the workplace you will have access to various employee resource groups which aim to promote and achieve a healthy work / life balance and support our diversity ambitions.
The FCA is committed to achieving greater diversity across all levels of the organisation. Given this, we particularly welcome applications from men women, minority ethnic, disabled, and neurodivergent candidates for our Lead Associate role.
Did you know? 50% of our Executive Committee were the first in their family to attend university
Our competitive flexible benefits scheme gives you the opportunity to create a personalised benefits package, tailored to suit your lifecycle. You can use this allowance to purchase additional benefits such as dental or cycle to work or you have the option top up your base salary by taking this as cash.
Benefits of working at the FCA
-
25 days holiday per year plus bank holidays
-
Hybrid working (work from home up to 60% of your time)
-
Private healthcare with Bupa
-
A non-contributory Pension of at least 8% of basic salary each month (there are several contribution levels that increase depending on your age – up to 12% a month once you reach age 35)
-
Life assurance of eight times your basic salary
-
Income protection
We also have a competitive flexible benefits scheme which gives you the opportunity to create a personalised benefits package, tailored to suit your lifestyle.
We welcome applications from candidates who are looking for flexible arrangements. Many of our staff work flexibly including working part-time, staggered hours, and job shares. We can’t promise to give you exactly what you want but we can explore what might work best for both sides.
Follow this link to see what life is like at the FCA - Life at the FCA
Application Support
We are dedicated to removing barriers and ensuring our application process is accessible to everyone. We offer a range of adjustments to make your application experience as comfortable and straightforward as possible.
If you have an accessibility need, disability, or condition requiring changes to the recruitment process, please contact your recruiter using the details below and they will be happy to discuss this further with you.
Useful information
-
This role is graded as Lead Associate – Regulatory
-
SC Clearance is required for this role - SC Guidance The successful candidate will hold or will be required to obtain Security Clearance (SC) level vetting.
-
Advert closing date: 3rd February
-
CV Review/Shortlist: 5th/6th February
-
Screening calls: w/c 10th Feb
Your Recruiter will discuss the process in detail with you during screening for the role, therefore, please make them aware if you are going to be unavailable for any date during this time.
Got a question?
If you are interested in learning more about the role please contact:
-
For internal applicants, please contact Katie Ayling at [email protected]
-
For external applicants, please contact Asha Gladis at [email protected]
Applications must be submitted through our online portal. Applications sent via email will not be accepted.
What We Do
We work to ensure financial markets work well for individuals, for businesses and for the economy as a whole.
We do this by:
- regulating the conduct of approximately 50,000 businesses
- prudentially supervising 48,000 firms
- setting specific standards for around 18,000 firms
We were set up on 1 April 2013, taking over conduct and relevant prudential regulation from the Financial Services Authority (FSA).
Our Head Office is based in London, and we work across the UK, from our office in Edinburgh and via colleagues in Belfast and Cardiff.
Firms and individuals must be authorised or registered by us to carry out certain activities. Before we grant authorisation, firms must demonstrate that they meet a range of requirements. We then supervise these firms to make sure they continue to meet our standards and rules after they’re authorised. If firms and individuals fail to meet these standards, we have a range of enforcement powers we can use.
We work alongside the Prudential Regulation Authority (PRA), the prudential regulator of around 1,500 banks, building societies, credit unions, insurers and major investment firms.
 (1).png)
