SECURITY ENGINEER – Central Services Security Team

The Role
As part of the technology organisation at the Financial Conduct Authority (FCA), we run digital
products throughout the organisation. We are passionate about delivering value in a fun
collaborative manner and being an influencer at the heart of the global RegTech and FinTech
revolutions driving the digital economy. As part of our Agile journey, we have formed Product
Groups that combine our Delivery and Service functions.

As a newly formed Security Product Group, the Central Security Services team (CSST) sits within
the Infrastructure & Operations team and takes end-to-end accountability for the technology
roadmap and architecture, development and operational support of Enterprise Security across
the internal FCA Business & Technology Solutions division (BTS).

The Security Engineer sits within the Central Security Services Team (CSST) and maintains the
platforms, applications and security systems that deliver enterprise security services to the
organisation.

What does the role involve / What are the key responsibilities?
• Build, deploy and maintain a range of robust, available, repeatable, fit-for-purpose and
scaled enterprise security tools and services.
• Maintain, develop and improve the tools, processes and procedures to meet changing
business needs, strategic objectives and team requirements.
• Develop, monitor, evaluate and maintain systems and procedures to protect the
confidentiality, integrity and availability of information systems within the organisation.

Key aspects of the work will include:

• Provide technical assistance and security SME knowledge to the wider team as part of
Security & Service Management activities including incident and problem management,
risk management and mitigation.
• Support CSST colleagues, Programmes & Projects with the design and implementation of
new Enterprise security products, services, policies, and procedures. Ensure any new
Enterprise Security products and services can be fully supported and appropriate service
readiness activity completed.
• Provide wider Security SME support and coaching to BTS Product Groups and wider BTS
Security community (Communities of Practice).
• Supporting operations out of hours as part of an on-call rota where required

What will the candidate get from the role?

• Ability to build & shape a new centralised Security Product Group team with exposure to
enterprise security services and solutions.
• Critical part of a Central Security team influencing and guiding Enterprise Security
outcomes that will help provide a secure and consistent technology landscape for years
to come.
• We work in small cross functional, self-organising and autonomous teams, passionate
about delivering value and having fun.
• Development, coaching and feedback to allow individuals to improve their technical
capability and business skills.
Skills/Experience Required
• Good experience of working in a security engineering role supporting Enterprise Security
services, products and architecture.
• Strong interest in Cyber Security with relevant recognised security certification (CISSP,
CISM, etc)
• Strong Service Management skills and experience. Ability to manage incidents, problem
investigations, undertaking patching & release management activities in addition to
managing product risks & mitigation activities.
• Technical security knowledge and exposure to relevant technical architecture,
environments, platforms, software industry and business practices.
• Good knowledge and demonstrable experience of Information Security principles, tools,
processes and procedures
• Good understanding of Security frameworks such as NIST, CIS etc.
• Experience of working collaboratively with internal teams and external IT Partners.
• Good communications skills (both oral & written) and comfortable engaging at all levels
including Senior Management.
• Experience of coaching others to improve security knowledge and skills

About the FCA

At the FCA, we’re creating a fair and more resilient financial system. We’re establishing more
transparent relationships between financial services and their customers, building trust in
financial markets and protecting vulnerable consumers.

The landscape of financial services regulation is constantly changing, impacting the way in which
the FCA regulates. Business and Technology Solutions (BTS) enables the FCA to deliver, through
the implementation and management of cutting-edge, industry leading technology and digital
solutions, used by tens of thousands of firms and millions of consumers across the financial
services sector in their interactions with the FCA.

BTS is ambitious, with an established and forward-thinking digital strategy, focused on exploiting
cloud technologies, and an operating model recognised as more pioneering than many in the
private sector. BTS is actively focused on the professional development of colleagues
throughout their careers with us. As a division, BTS is committed to establishing a culture of
inclusion that enables diversity to underpin our ways of working.

The FCA’s Values & Diversity

Our ambition is to create a diverse and inclusive workplace that reflects the society we serve,
helping us to be a better regulator.

As an inclusive employer, we are open to considering flexible working arrangements. Please

contact our recruiter if you wish to apply for this role on a flexible basis.