Full Job Description
The Role:

As part of the technology organisation at the Financial Conduct Authority (FCA), we run digital products throughout the organisation. We are passionate about delivering value in a fun collaborative manner and being an influencer at the heart of the global RegTech and FinTech revolutions driving the digital economy. As part of our Agile journey, we have formed Product Groups that combine our Delivery and Service functions.

As a newly formed Product Group, Cyber Security sits within Technology Resilience and takes end-to-end accountability for the technology roadmap and architecture, development and operational support of enterprise Security Products across the Technology division.

The Security Operations Technical Specialist will be part of Technology – Cyber Security – Security Operations and maintains the platforms, applications and security systems that deliver enterprise security services to the organisation.

Key Responsibilities:
Lead and Manage Security incidents and ensure outcomes align with business priorities and policy
Leading a multi-product group vulnerability management team, drive improvement to the FCA vulnerability posture. Champion improvement to processes and procedures to meet changing business needs, strategic objectives and team requirements.
Develop, monitor, evaluate and maintain systems and procedures to protect the confidentiality, integrity and availability of information systems within the organisation.
Key aspects of the work will include:
Provide technical assistance and security SME knowledge to the wider team as part of Security & Service Management activities including incident and problem management, risk management and mitigation.
Support Cyber Security colleagues and Product Groups with Security incidents and ensuring attack surface reduction.
Provide wider Security SME support and coaching to other Product Groups and wider Information Security community.
Supporting operations out of hours as part of an on-call rota

What will the candidate get from the role:
We work in small cross functional, self-organising and autonomous teams, passionate about delivering value and having fun.
We like to work smart, not long hours.
We enjoy having a sense of purpose in our job, knowing that we’re serving those in need.
We don’t do micro-managing; we hire people because we believe they are brilliant in getting the job done.
We love diversity.
We admire and look out for servant leaders who have exceptional critical soft skills.
We believe in innovation, not prescription
Skills/Experience Required:
We’re a signatory to the Government’s Disability Confident scheme. This means that we will offer an interview to disabled candidates entering under the scheme, should they meet the minimum criteria for a role. A minimum criterion needs to be measurable from reviewing a candidate’s CV. Exceptions may apply if due to the volume of applications we are not able to interview all eligible candidates who qualify under the scheme.

Minimum:
Strong experience of working in a Security Operations role supporting enterprise security services, products and architecture.
Strong interest in Cyber Security with relevant recognised security certification: CISSP and Microsoft security certifications such as SC200/300, MS500, AZ500
Have, or be willing and able to obtain HMG SC Clearance.
Essential:
Strong Service management skills and experience. Ability to manage incidents, problem investigations, undertaking patching & release management activities in addition to managing product risks & mitigation activities.
Previous experience in Security Operations, preferably 3+ years as a Security Analyst or similar
Thorough working knowledge of Operating Systems, Cloud and Data Centre technology
Strong understanding of network security, firewalls, IDS and proxy technology
Strong understanding of Azure and O365 security roles and technology, Sentinel experience is a bonus
Technical security knowledge and exposure to relevant technical architecture, environments, platforms, software industry and business practices.
Good knowledge and demonstrable experience of Information Security principles, tools, processes and procedures
Experience of working collaboratively with internal teams and external IT Partners.
Experience of coaching others to improve security knowledge
Desirable:
Experience working in the financial services industry
Sentinel and O365 ‘hunting’ skills
Service Design and Transition experience & knowledge
Good understanding of Security frameworks, e.g. MITRE, NIST, CIS
Good communications skills (both oral & written) and comfortable engaging at all levels including Senior Management.
Previous experience in security operations including responding to SIEM/ SOC alerts, EPP/ EDR alerts. O365 Defender alerts and providing support to security services such as Privileged Access Management, SIEM, Identity Governance & Administration, PKI, Vulnerability Scanning
This role is a Security Operations, Technical Specialist position.
This Position falls within the Regulatory Job Family.
London salary range is approximately £64,000 – £95,000 plus a competitive
benefits package
and non-contributory pension
National salary range (including Edinburgh and Leeds) is approximately £62,000 – £95,000 plus a competitive
benefits package
and non-contributory pension

Job post will close on Monday 19th September 2022
The FCA supports hybrid working and you will be expected to work 40% of your time over a month, in our office. We will consider other flexible arrangements, for example part time working, and you can discuss this with the recruiter.’
For more information please contact
[email protected]
About the FCA
At the FCA, we’re creating a fair and more resilient financial system. We’re establishing more transparent relationships between financial services and their customers, building trust in financial markets and protecting vulnerable consumers.
The landscape of financial services regulation is constantly changing, impacting the way in which the FCA regulates. Technology enables the FCA to deliver, through the implementation and management of cutting-edge, industry leading technology and digital solutions, used by tens of thousands of firms and millions of consumers across the financial services sector in their interactions with the FCA.
Technology is ambitious, with an established and forward-thinking digital strategy, focused on exploiting cloud technologies, and an operating model recognised as more pioneering than many in the private sector. Technology is actively focused on the professional development of colleagues throughout their careers with us. As a division, Technology is committed to establishing a culture of inclusion that enables diversity to underpin our ways of working.
The FCA’s Values & Diversity
Our ambition is to create a diverse and inclusive workplace that reflects the society we serve, helping us to be a better regulator.
As an inclusive employer, we are open to considering flexible working arrangements. Please contact our recruiter if you wish to apply for this role on a flexible basis.