Interested in joining a team that is pivotal in protecting consumers and UK financial markets against cyber-crime? 

We are looking for an AWS Assurance Specialist to join us!

The Cyber and Information Resilience Team is a department formed to respond to the growing cyber security threat and the organisation’s increasing reliance on data in order to regulate the financial sector effectively and ensure that relevant markets function well. The team brings together the disciplines of cyber and information security, information management and privacy.

The Assurance team’s prime objectives are:

  • Assure services to ensure our systems, infrastructure, suppliers and business processes are compliant with our policies and the FCA’s risk appetite.
  • Validate that operational decisions are made in accordance with our security policies and standards and do not increase the overall risk exposure of the FCA.
  • Analyse compliance with the fundamental processes and plans required to manage risk and safeguard our most important assets.
  • Determine that correct measures of governance and controls are in place to validate that identified cyber risks and vulnerabilities are prioritised and remediated based on agreed C&IR SLAs.

What does the role involve?

  • Building the cloud assurance regime, within our cloud environments
  • Participate as a member of the Cyber Assurance Team as an AWS subject matter expert
  • Monitoring compliance with cyber policies, standards and frameworks, in particular NIST 800, OWASP and MITRE.
  • Development of cloud security procedures and controls for the assurance team across the operating environment
  • Manages and maintains AWS security governance policies, including custom IAM policies, security groups, NACLs, and S3 bucket policies
  • Monitors and assists with the implementation of AWS in-house and COTS security capabilities
  • Conducts and automates cyber security audits of AWS accounts and resources
  • Documents and delivers enhancements to FCA’s AWS environment at the direction of FCA’s cloud architects and engineers

What you will get from the role:

  • You will have the experience of acting as a mentor to a multi-disciplinary team that is strategically important to the mission of the FCA.
  • Ability to influence the strategic direction of cyber security and information resilience in the cloud at the FCA
  • Acting as the key AWS SME across multiple divisions for AWS compliance and assurance

Skills/ Experience Required  

Minimum 

We’re a signatory to the Government’s Disability Confident scheme. This means that we will offer an interview to disabled candidates entering under the scheme, should they meet the minimum criteria for a role. A minimum criterion needs to be measurable from reviewing a candidate’s CV. Exceptions may apply if due to the volume of applications we are not able to interview all eligible candidates who qualify under the scheme. 

  • Proven experience of leading security or information cloud assurance initiatives and operating AWS Information Security/ Assurance Frameworks and Services.
  • Have experience in performing technical assessments and audits of network, operating systems, application security, as well as auditing IT processes
  • Understanding of cloud computing services/ deployment architecture.

Essential

  • Substantial experience in the AWS security assessment and information assurance space
  • Understanding of computer science fundamentals and high-level design.
  • Experience supporting information security control audits (e.g. NIST 800-53, ISO 27017/ 27018, PCI DSS, SOC)
  • Experience in AWS tooling for generating automated metrics to measure IT security effectiveness and consistency.
  • Strong hands-on involvement in the delivery and execution of more than one of the areas listed in the job description key responsibilities
  • Ability to plan strategically, arrange and consolidate resources in order to deliver cloud assurance services to achieve CIR assurance objectives

Desirable

  • Professional IT Accreditations (CISM, CISA, CISSP, CEH, M Inst ISP).
  • Experience in IT program or project management, IT auditing, and/ or control framework development and implementation is also a plus.
  • Analytical, thorough and methodical.

About the FCA  

At the FCA, we’re creating a fair and more resilient financial system. We’re establishing more transparent relationships between financial services and their customers, building trust in financial markets and protecting vulnerable consumers.

The FCA is currently trialling a new hybrid way of working, requiring colleagues to spend 40% of their time in the office each month until the end of July. This trial period will allow us to identify the most appropriate balance of hybrid working, enabling us to benefit from the best of both working in an office environment and remotely.

The FCA’s Values & Diversity  

Our ambition is to create a diverse and inclusive workplace that reflects the society we serve, helping us to be a better regulator.

As an inclusive employer, we are open to considering flexible working arrangements. Please contact our recruiter if you wish to apply for this role on a flexible basis.

Useful Information:

  • This is a permanent contract graded Senior Associate – Regulatory

The base salary range for this role is up to £80,000 (London) and up to £77,000 (National) per annum, plus an additional flexible allowance. Our competitive flexible benefits scheme gives you the opportunity to create a personalised benefits package, tailored to suit your lifecycle. You can use this allowance to purchase additional benefits such as dental or cycle to work, or you have the option to top up your base salary by taking this as cash.

Core benefits that you will receive as standard are:

  • 25 days holiday per year
  • Private medical for yourself
  • Pension contributions of at least 8% of basic salary each month (there are several contribution levels that increase depending on your age – up to 12% a month once you reach age 35).
  • Life assurance of eight times your basic salary
  • Income protection

If you are interested in learning more about the role please click the APPLY button.

Please note – Applications must be submitted through our online portal. Applications sent via email will not be accepted.

Closing date: 4th August 2022