Cyber Security Engineer- FCA- Permanent – London, Leeds & Edinburgh (hybrid working)
As part of the technology organisation at the Financial Conduct Authority (FCA), we run
digital products throughout the organisation. We are passionate about delivering value in a
fun collaborative manner and being an influencer at the heart of the global RegTech and
FinTech revolutions driving the digital economy. As part of our Agile journey, we have
formed Product Groups that combine our Delivery and Service functions.
As a newly formed Security Product Group, the Cyber Security sits within the Technology
Resilience and takes end-to-end accountability for the technology roadmap and
architecture, development and operational support of enterprise Security Products across
the internal FCA Technology division.
As Security Engineer, you will be part of Technology – Cyber Security – Engineering and
maintains the platforms, applications and security systems that deliver enterprise security
services to the organisation.
What does the role involve / What are the key responsibilities?
· Build, deploy and maintain a range of robust, available, repeatable, fit-for-purpose
and scaled enterprise security tools and services.
· Maintain, develop and improve the tools, processes and procedures to meet
changing business needs, strategic objectives and team requirements.
· Develop, monitor, evaluate and maintain systems and procedures to protect the
confidentiality, integrity and availability of information systems within the
Key aspects of the work will include:
· Provide technical assistance and security SME knowledge to the wider team as part
of Security & Service Management activities including incident and problem
management, risk management and mitigation.
· Support Cyber Security colleagues, Programmes & Projects with the design and
implementation of new enterprise Security Products, services, policies, and
procedures. Ensure any new enterprise Security Products and services can be fully
supported and appropriate service readiness activity completed.
· Provide wider Security SME support and coaching to other Product Groups and
wider Information Security community.
· Supporting operations out of hours as part of an on-call rota
What will you get from this opportunity?
· We work in small cross functional, self-organising and autonomous teams,
passionate about delivering value and having fun.
· We like to work smart, not long hours.
· We enjoy having a sense of purpose in our job, knowing that we’re serving those
· We don’t do micro-managing; we hire people because we believe they are brilliant
in getting the job done.
· We love diversity.
· We admire and look out for servant leaders who have exceptional critical soft
· We believe in innovation, not prescription
We’re a signatory to the Government’s Disability Confident scheme. This means that we
will offer an interview to disabled candidates entering under the scheme, should they meet
the minimum criteria for a role. A minimum criterion needs to be measurable from
reviewing a candidate’s CV. Exceptions may apply if due to the volume of applications we
are not able to interview all eligible candidates who qualify under the scheme.
· Good experience of working in a security engineering role supporting enterprise
security services, products and architecture.
· Strong interest in Cyber Security with relevant recognised security certification
· Have, or be willing and able to obtain HMG SC Clearance.
· Strong Service management skills and experience. Ability to manage incidents,
problem investigations, undertaking patching & release management activities in
addition to managing product risks & mitigation activities.
· Previous experience in security engineering or DevSecOps.
· Thorough working knowledge of Operating Systems, Cloud technology and
·Experience of Azure Cloud Stack
· Understanding of GitOps, Agile and DevOps practice
· Ability to write code and work with Infrastructure as Code tools (Ansible,
Terraform, Puppet etc)
· Technical security knowledge and exposure to relevant technical architecture,
environments, platforms, software industry and business practices.
· Good knowledge and demonstrable experience of Information Security principles,
tools, processes and procedures
· Experience of working collaboratively with internal teams and external IT Partners.
· Experience of coaching others to improve security and engineering knowledge
· Experience working in the financial services industry
· Scripting / automation skills
· Service Design and Transition experience & knowledge
· Good understanding of Security frameworks, e.g. MITRE, NIST
· Good communications skills (both oral & written) and comfortable engaging at all
levels including Senior Management.
· Previous experience in security engineering services such as Privileged Access
Management, SIEM, Identity Governance & Administration, PKI, Vulnerability
About the FCA
At the FCA, we’re creating a fair and more resilient financial system. We’re establishing
more transparent relationships between financial services and their customers, building
trust in financial markets and protecting vulnerable consumers.
The landscape of financial services regulation is constantly changing, impacting the way in
which the FCA regulates. Technology enables the FCA to deliver, through the
implementation and management of cutting-edge, industry leading technology and digital
solutions, used by tens of thousands of firms and millions of consumers across the
financial services sector in their interactions with the FCA.
Technology is ambitious, with an established and forward-thinking digital strategy, focused
on exploiting cloud technologies, and an operating model recognised as more pioneering
than many in the private sector. Technology is actively focused on the professional
development of colleagues throughout their careers with us. As a division, Technology is
committed to establishing a culture of inclusion that enables diversity to underpin our ways
The FCA’s Values & Diversity
Our ambition is to create a diverse and inclusive workplace that reflects the society we
serve, helping us to be a better regulator.
As an inclusive employer, we are open to considering flexible working arrangements.
Please contact our recruiter if you wish to apply for this role on a flexible basis.