Information Assurance Lead

C&IR is responsible for the management of cyber security at the FCA. 'Cyber security' means the protection of the FCA's data and systems from malicious activity, including theft, damage and disruption, in order that the FCA can deliver its key business functions. The Information Assurance Lead position will contribute to the team's prime objectives, which are:

• As an organisation, we have a legal, professional and moral duty to protect the information we hold; in order to safeguard consumers, firms and markets from harm.
• It is therefore essential that we assure our systems, the types of information they hold, and any potential risks to the data, whilst ensuring our suppliers and business processes meet our policies, risk tolerance and regulatory obligations.
What you will be doing (the role)
• Defining the technical and managerial measures to ensure the privacy, control, integrity, authenticity, availability and utility of the FCAs corporate repositories and information systems, in particular the M365 suite
• Information risk analysis - conduct scheduled information assurance risk reviews and assessments to identify, evaluate, test and prioritise potential security and data risks across our key applications and processes
• Perform security and information assurance assessments against FCA information and data controls and regulatory control frameworks to our cyber and information security policies, standards and procedures
• Ensure compliance with relevant regulatory and legislative requirements, support information related audits relating to information security and implement intelligence led attestations and reports related to information security and implement corrective actions where necessary
• Ensure compliance with security best practices and policies within the M365 suite, utilising tools such as MS Purview and other e5 tools by Prioritising and Influencing key stakeholders in building core functionality within Microsoft 365 through a risk based approach
• Detect, Assess, measure and report findings of our key applications and security and information assurance controls, including assurance oversight with security solutions to protect against malware, ransomware and other other cyber and data threats, such as endpoint security, data leakage, data breaches, post incident response
What you will get from the role
• Work within a high performing team of individuals continuing to shape and enhance information compliance within the FCA
• Work in an environment that encourages learning and collaboration within all areas of Cyber and Information Security
• Given the opportunity to develop and mature the information assurance control framework through leadership and direction, driving values and behaviours to ensure alignment and commitment between key stakeholders and the wider business, Our ambition is to cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences and similarities enable us to be a better organisation - one that makes better decisions, drives innovation, and delivers better regulation.
The FCA is committed to achieving greater diversity across all levels of the organisations. Given this, we particularly welcome applications from women, disabled and minority ethnic candidates for our lead associate role. Flexible working We welcome applications from candidates who are looking for flexible arrangements. Many of our staff work flexibly including working part-time, staggered hours, and job shares. We can't promise to give you exactly what you want but we won't judge you for asking.


• Evidence of delivering solutions across SAAS based information applications in particular Microsoft 365 security tools, monitoring, alerting, and reporting
• Demonstrable evidence of managing a Data or Information Assurance team
• Experience with agile working including agile tools such as JIRA
Essential
• Demonstrating ability of building an Information Management Assurance or Information Compliance Framework
• Working knowledge of information management and security concepts, aims, and industry standards like NIST CSF, ISO15489, GDPR and ISO27001
• Experience implementing policy modules for automation across industry standards including ISO27001 and GDPR
• Experience of delivering solutions in Microsoft 365 security and information compliance tools, including working knowledge of Microsoft Purview capabilities to deliver the best security and data solutions to drive compliance across the Microsoft Office Suite
• Skilled manager to lead a technical and non-technical team to drive the information assurance agenda
  
  The FCA regulates the conduct of nearly 45,000 firms in the UK to ensure our financial markets are honest, fair and competitive. We do this to make sure markets work well for individuals, businesses and the economy as a whole. For more information on what we do, our three-year strategy can be found here.
  
  Our competitive flexible benefits scheme gives you the opportunity to create a personalised benefits package, tailored to suit your lifecycle. You can use this allowance to purchase additional benefits such as dental or cycle to work or you have the option top up your base salary by taking this as cash.
Core benefits that you will receive as standard are:
• 25 days holiday per year plus bank holidays
• Private healthcare with Bupa
• A non-contributory Pension of at least 8% of basic salary each month (there are several contribution levels that increase depending on your age - up to 12% a month once you reach age 35)
• Life assurance of eight times your basic salary
• Income protection