Cyber Security Engineer

This role is graded as: Senior Associate - Regulatory

About the FCA and team

We regulate financial services firms in the UK, to keep financial markets fair, thriving and effective. By joining us, you will play a key part in protecting consumers, driving economic growth, and shaping the future of UK finance services. The Data, Technology and Innovation (DTI) division enables the FCA to be a digital-first, data-led smart regulator by delivering a secure, agile, and cost-effective technology and data ecosystem that drives better decisions, transparency, and operational efficiency. Sitting within DTI, the Technology Resilience team safeguards the FCA's digital assets, services and suppliers to ensure the organisation remains secure and compliant.

Role responsibilities

• Build, deploy, maintain and optimise enterprise scale threat detection and response platforms including SIEM, EDR, XDR and vulnerability management from initial build through BAU.
• Improve organisational security posture availability and operational robustness through measurable engineering and operational outcomes.
• Maintain, develop and improve security tools, processes and procedures to meet changing business needs, strategic objectives and service requirements.
• Develop, monitor, evaluate and maintain security systems and controls to protect the confidentiality, integrity and availability of information systems and reduce risk exposure.
• Provide technical security subject matter guidance supporting incident, problem and risk management across service management activities.
• Collaborate closely with cyber security technology resilience product groups and delivery teams contributing to stakeholder engagement and alignment across levels.
• Support the design, implementation, service readiness and transition of new enterprise security products and services including automation and engineering best practice.
• Develop professional capability through coaching communities of practice, practical exposure to a broad security ecosystem and the opportunity to deepen technical knowledge and certifications.

Skills required

Minimum:

• Extensive experience of working in a security engineering role supporting Enterprise Security services, products and architecture in the threat detection and response domain.
• Deep understanding of cyber security principles backed by certifications like CISSP and CISM and others.

Essential:

• Thorough understanding of networks and engineering protocols related to topologies and standards.
• Technical security knowledge and exposure to relevant technical architecture, environments, platforms, software industry and business practices.
• Solid knowledge and demonstrable experience of Information Security principles, tools, processes and procedures.
• Understanding of Security frameworks such as NIST, CIS and more.
• Experience of working collaboratively with internal teams and external IT Partners.
• Good communications skills (both oral & written) and comfortable engaging at all levels including Senior Management.
• Experience of coaching others to improve security knowledge and skills.
• Awareness of Architectural standards and documentation.

Benefits

• 25 days annual leave plus bank holidays.
• Hybrid model where employees work a minimum of 40% in the office each month (expectation of 50% for senior leaders). Changing from September to a minimum of 50% in the office each month (expectation of 60% for Directors and Executive Directors).
• Non-contributory pension (8-12% depending on age) and life assurance at eight times your salary.
• Private healthcare with Bupa, income protection, and 24/7 Employee Assistance.
• 35 hours of paid volunteering annually.
• A flexible benefits scheme designed around your lifestyle.

Our values & culture

Our colleagues are the key to our success as a regulator. We are committed to fostering a diverse and inclusive culture: one that is free from discrimination and bias, celebrates difference, and supports colleagues to deliver at their best. We believe that our differences and similarities enable us to be a better organisation - one that makes better decisions, drives innovation, and delivers better regulation.

If you require any adjustments due to a disability or condition, your recruiter is here to help - reach out for tailored support. We welcome diverse working styles and aim to find flexible solutions that suit both the role and individual needs, including options like part-time and job sharing where applicable.

Disability Confident: our hiring approach

We are proud to be a Disability Confident Employer, and therefore, people or individuals with disabilities and long-term conditions who best meet the minimum criteria for a role will go through to the next stage of the recruitment process. In cases of high application volumes, we may progress applicants whose experience most closely matches the role's key requirements.

Useful information and timeline

• Advert Closing: 19th April at 11:59pm.
• CV Review/Shortlist: 21st April.
• 1st interview: w/c 27th April.
• 2nd interview: w/c 4th May.

Your Recruiter will discuss the process in detail with you during screening for the role, therefore, please make them aware if you are going to be unavailable for any date during this time. SC Clearance is required for this role (SC Guidance) - you will hold or will be required to obtain Security Check (SC) level vetting.