Information Assurance Lead

Information Assurance Lead

Salary: National ranging from £65,000 to £80,000 and London from £75,000 to £90,000

Are you interested in developing our information assurance control framework?

The team/department

The Information Assurance Lead role sits within the wider Assurance team of the Cyber and Information Resilience (C&IR) department.

C&IR is responsible for the management of cyber security at the FCA. 'Cyber security' means the protection of the FCA's data and systems from malicious activity, including theft, damage and disruption, in order that the FCA can deliver its key business functions. 

The Information Assurance Lead position will contribute to the team’s prime objectives, which are:

• As an organisation, we have a legal, professional and moral duty to protect the information we hold; in order to safeguard consumers, firms and markets from harm.
• It is therefore essential that we assure our systems, the types of information they hold, and any potential risks to the data, whilst ensuring our suppliers and business processes meet our policies, risk tolerance and regulatory obligations.

What you will be doing (the role)

• Defining the technical and managerial measures to ensure the privacy, control, integrity, authenticity, availability and utility of the FCAs corporate repositories and information systems, in particular the M365 suite

• Information risk analysis – conduct scheduled information assurance risk reviews and assessments to identify, evaluate, test and prioritise potential security and data risks across our key applications and processes

• Perform security and information assurance assessments against FCA information and data controls and regulatory control frameworks to our cyber and information security policies, standards and procedures

• Ensure compliance with relevant regulatory and legislative requirements, support information related audits relating to information security and implement intelligence led attestations and reports related to information security and implement corrective actions where necessary

• Ensure compliance with security best practices and policies within the M365 suite, utilising tools such as MS Purview and other e5 tools by Prioritising and Influencing key stakeholders in building core functionality within Microsoft 365 through a risk based approach

• Detect, Assess, measure and report findings of our key applications and security and information assurance controls, including assurance oversight with security solutions to protect against malware, ransomware and other other cyber and data threats, such as endpoint security, data leakage, data breaches, post incident response

What you will get from the role

• Work within a high performing team of individuals continuing to shape and enhance information compliance within the FCA

• Work in an environment that encourages learning and collaboration within all areas of Cyber and Information Security

• Given the opportunity to develop and mature the information assurance control framework through leadership and direction, driving values and behaviours to ensure alignment and commitment between key stakeholders and the wider business

Our competitive flexible benefits scheme gives you the opportunity to create a personalised benefits package, tailored to suit your lifecycle. You can use this allowance to purchase additional benefits such as dental or cycle to work or you have the option top up your base salary by taking this as cash.

Core benefits that you will receive as standard are:

• 25 days holiday per year plus bank holidays

• Private healthcare with Bupa

• A non-contributory Pension of at least 8% of basic salary each month (there are several contribution levels that increase depending on your age – up to 12% a month once you reach age 35)

• Life assurance of eight times your basic salary

• Income protection

We support hybrid working which means you will be able to work from home up to 60% of the time over a month with the remainder of your time in one of our three office locations.

The skills and experience you will have

Minimum 

We are a signatory to the Government’s Disability Confident scheme. This means that we will offer an interview to disabled candidates entering under the scheme, who best meet the minimum criteria for a role.  

• Evidence of delivering solutions across SAAS based information applications in particular Microsoft 365 security tools, monitoring, alerting, and reporting

• Demonstrable evidence of managing a Data or Information Assurance team

• Experience with agile working including agile tools such as JIRA

Essential

• Demonstrating ability of building an Information Management Assurance or Information Compliance Framework

• Working knowledge of information management and security concepts, aims, and industry standards like NIST CSF, ISO15489, GDPR and ISO27001

• Experience implementing policy modules for automation across industry standards including ISO27001 and GDPR

• Experience of delivering solutions in Microsoft 365 security and information compliance tools, including working knowledge of Microsoft Purview capabilities to deliver the best security and data solutions to drive compliance across the Microsoft Office Suite 

• Skilled manager to lead a technical and non-technical team to drive the information assurance agenda

About the FCA

The FCA regulates the conduct of nearly 45,000 firms in the UK to ensure our financial markets are honest, fair and competitive. We do this to make sure markets work well for individuals, businesses and the economy as a whole. For more information on what we do, our three-year strategy can be found here.

The FCA's Values & Diversity

Our ambition is to cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences and similarities enable us to be a better organisation – one that makes better decisions, drives innovation, and delivers better regulation.

The FCA is committed to achieving greater diversity across all levels of the organisations. Given this, we particularly welcome applications from women, disabled and minority ethnic candidates for our lead associate role.

Flexible working

We welcome applications from candidates who are looking for flexible arrangements. Many of our staff work flexibly including working part-time, staggered hours, and job shares. We can’t promise to give you exactly what you want but we won’t judge you for asking.

Multi-location

As part of the FCA’s on-going commitment to develop our national presence, most of our vacancies are now open to working in our Edinburgh, Leeds, or London offices. This means that as part of the application process you will be able to select your preference of which office location you would like to work from.

Useful information

Applications for this role close at 23:59 on 10th November 2024

This role is graded as Lead Associate – Regulatory

Got a question?

If you are interested in learning more about the role please contact: 

For internal applicants, please contact Katie Ayling at [email protected] 

For external applicants, please contact Asha Gladis at [email protected]

What to expect from our interview process

 The assessment process consists of an initial screening call with the hiring manager. If successful, you will be invited to attend a competency-based interview.

Application support

We want to remove any possible barriers and are committed to providing a wide range of reasonable adjustments so that you can keep the focus on your conversations and be at your best.

If you have an accessibility requirement, disability, or condition that means you might require changes to the recruitment process, please contact your recruiter to discuss this further. Our aim is to make your application as easy and comfortable as possible, and your recruiter will be happy to work with you to make any necessary arrangements where possible. 

Security Clearance/Vetting

The successful candidate will hold or will be required to obtain Security Clearance (SC) level vetting.

Please note that all applications must be submitted through our online portal, applications sent via email will not be accepted.