Cyber Assurance Analyst

Cyber Assurance Analyst London, England

Financial Conduct Authority
Full Time London, England 70000 GBP ANNUAL Today
Job description

Salary: National up to £62,000 and London up to £70,000 per annum – Salary offered will be based on skills and experience
Are you interested in joining a team that will help shape and deliver the future of Cyber Security at the FCA?
The Role
We are recruiting for a Cyber Assurance Analyst position. This role sits within the wider Assurance team of the Cyber and Information Resilience (C&IR) department.
C&IR is responsible for the management of cyber security at the FCA. 'Cyber security' means the protection of the FCA's data and systems from malicious activity, including theft, damage and disruption, in order that the FCA can deliver its key business functions.
Operational Assurance
C&IR will conduct security and data reviews, analysis and testing to confirm the appropriate application (whether through technology, process or behaviour) of the policies and the secure operation of the FCA's systems and the information and data thereon – such as:
  • Determining that correct measures of governance and controls are in place to validate identified cyber risks and vulnerabilities are prioritised correctly and remediated based on agreed C&IR SLAs
  • Validate operational decisions with stakeholders (such as BTS Product Groups) are made in accordance with our policies and standards and do not increase the overall risk exposure of the FCA
  • Assess, measure and report findings of our key applications and security and information assurance controls
  • Facilitate the identification and proportionate management of risk to our suppliers
What you will be doing
  • Directly support the development and operation of the systems and infrastructure assurance frameworks, helping ensure they remain aligned to the C&IR strategy
  • Represent the C&IR assurance framework where required to promote clear and measurable security assurance requirements and decisions
  • Drive secure testing and remediation of our critical applications with key stakeholders such as IT product groups, including red team testing
  • Supporting the development of the cloud assurance regime, within our cloud environments (i.e. AWS)
  • Tracking and planning of vulnerability prioritisation and remediation
  • Operating the running & development of security assessments & assurance testing activities
  • Operation of the pen testing process, including threat assessments and breach attacking simulations in conjunction with our third-party security testers
  • Ensure adequate monitoring capability is incorporated into solutions and feed into information and cyber risk metrics and key risk and performance indicators
  • Solid awareness of cyber and information security threats and their mitigations
  • Monitoring compliance with cyber policies, standards and frameworks, in particularly ISO 27001 and NIST 800, OWASP and MITRE
  • Build strong working relationships with key contacts, stakeholders and business colleagues
  • Assist in setting the scope for assurance activities and setting risk tolerance with regards to identified issues
  • Collate and produce (and automate where possible) assurance reporting and metrics that is appropriate for the relevant audience
What will the candidate get from the role?
Our competitive flexible benefits scheme gives you the opportunity to create a personalised benefits package, tailored to suit your lifecycle. You can use this allowance to purchase additional benefits such as dental or cycle to work or you have the option top up your base salary by taking this as cash. Core benefits that you will receive as standard are:
  • 25 days holiday per year
  • Private healthcare with Bupa
  • A non-contributory Pension of at least 8% of your basic salary each month (there are several contribution levels that increase depending on your age – up to 12% a month once you reach the age of 35)
  • Life assurance of eight times your basic salary
  • Income protection
  • We support hybrid working which means you will be able to work from home up to 60% of the time over a month with the remainder of your time in one of our three office locations
You will also get
  • An opportunity to tackle a challenging, interesting and varied portfolio of work, working with key stakeholders and senior members across the FCA
  • An opportunity to own and drive the cyber assurance testing agenda
  • An opportunity to be innovative and contribute to an evolving team within the FCA
  • Broadening of existing technical skills and knowledge
  • Involvement in the development of cyber and information assurance activities within the FCA
  • Interesting and fast moving work in a friendly, goal-orientated environment
  • Involvement in a team that is making a difference to the way the FCA operates
The skills and experience you’ll have
We're a signatory to the Government's Disability Confident scheme. This means that we guarantee an interview to any disabled candidates entering under the scheme, who best meet the minimum criteria for a role.

Minimum
  • A technical degree or relevant professional cyber security qualification (e.g. CISSP, CISM, CCSP or CEH)
  • Demonstrable expertise working with ISO 27001/2, NIST 800-53, NIST CSF, CIS Top 20 , CIS benchmarks and/or ISF security frameworks
  • Possesses relevant expertise and qualifications in applying principles driven by industry best practice
Essential
  • Demonstrable experience within the design, implementation and management of systems and/or assurance frameworks
  • Detailed understanding of information security, particularly security testing and vulnerability management
  • Relevant experience in cyber security
  • Experience of a technical business change work stream
  • Ability to develop effective relationships with internal and external stakeholders

Desirable
  • Keen desire to keep up to date with online technologies and trends
  • Experience of a hands-on role involving pen testing and vulnerability assessment activities of complex applications and operating systems
  • Knowledge of COBIT or other recognised risk management frameworks
About the FCA
The FCA regulates the conduct of 50,000 firms in the UK to ensure our financial markets are honest, fair and competitive. We do this to make sure markets work well for individuals, businesses and the economy as a whole. For more information on what we do, our three-year strategy can be found
here.

The FCA's Values & Diversity
Our ambition is to cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences and similarities enable us to be a better organisation – one that makes better decisions, drives innovation, and delivers better regulation. We particularly welcome applications from women, disabled, and minority ethnic candidates, as under-represented groups

Flexible working
We welcome applications from candidates who are looking for flexible arrangements. Many of our staff work flexibly including working part-time, staggered hours, and job shares. We can’t promise to give you exactly what you want but we won’t judge you for asking.

Multilocation & hybrid working
As part of the FCA’s on-going commitment to develop our national presence, most of our vacancies are now open to working in our Edinburgh, Leeds, or London offices. This means that as part of the application process you will be able to select your preference of which office location you would like to work from.

Useful information
Applications for this role close at midnight on 21st June
This role is graded as Senior Associate - Regulatory
Security Clearance will be required for this role

Got a question?
If you are interested in learning more about the role, please contact Sara Holland on

Please note that all applications must be submitted through our online portal before the closing date, applications sent via email will not be accepted.

Cyber Assurance Analyst
Financial Conduct Authority

www.fca.org.uk
London, United Kingdom
Nikhil Rathi
Unknown / Non-Applicable
1001 to 5000 Employees
Non-profit Organisation
National Services & Agencies
2013
Related Jobs

All Related Listed jobs

Procurement Category Lead
Magellan Aerospace Wrexham, Wales 40000 - 47918 GBP ANNUAL Today

2 years Procurement experience or equivalent in a customer facing role. Functional knowledge of process and product. Access to mental health support.

Customer Care Advisor (Fully Remote U.K.)
LuxDeco London, England 23000 GBP ANNUAL Today

Kind: You have a polite and engaging telephone manner, and are competent talking to High Net Worth (HNW) individuals over the phone.

Care Assistant (Days)
MHA Rotherham, England 11.45 GBP HOURLY Today

A discount scheme which includes savings with retail stores and online purchases. Permanent Full Time 39 hours per week. Free uniform and DBS check.

Occupational Therapy Assistant
Nottinghamshire Healthcare NHS Foundation Trust Nottingham, England 21730 - 23177 GBP ANNUAL Today

We are looking to fill a full-time post at a Local Mental Health Team covering the Gedling area of Nottingham.

Temporary Sales Assistant - Sports Direct
Sports Direct Ilford, England Today

To recommend, select and locate the correct merchandise for the customers needs. A desire and ability to deliver sales against targets set.