We are looking for a skilled individual to join FSCS as an IT Security Analyst. This role will be responsible for a wide variety of technical and administrative information security tasks. In addition, it will play a key role in helping to administer and enforce the key components of FSCS Information Security Program in the efforts to ensure the security and integrity of the Scheme’s infrastructure and key assets. You will be responsible for partnering with team members across the Scheme and our key outsource business partners to ensure the policies are effectively executed and enforced
FSCS is a long-established organisation with an enviable reputation for quality and success. We protect consumers when financial services firms fail. It’s the compensation scheme for customers of UK authorised financial services firms. Since 2001 we’ve helped millions of people and paid out billions of pounds. It’s completely free to consumers and independent of government and the financial industry.
At FSCS we recognise and reward people’s hard work and contribution and actively support personal and professional development. Our people make a difference to other people’s lives and we like to recognise their impact through social events, team lunches and away days, fund raising activities and giving back events.
We are committed to ensuring that there are no barriers when applying for our roles. All our roles are offered with flexibility in mind plus we are keen to make any reasonable adjustments to enable you to fulfil the role. We offer all roles as either part time or full time with the added benefit of flexible working. We practice award winning diversity and inclusion and enhance both maternity and paternity leave plus recognise the wider needs of employees with disabilities and other groups such as carers and older workers.
FSCS is non-profit and independent and a great place to work if you enjoy making a difference to people’s lives.
We put the customer at the heart of everything we do at FSCS. Our values are designed to ensure that all staff can affect the impact on our customers:
- We always do what we say we will do. People can trust us to deliver.
- We put FSCS and what FSCS is trying to achieve above all else.
- We have the humility to acknowledge when we are wrong and learn from our mistakes.
- We encourage constructive and appropriate challenge.
- We are brave and honest in questioning each other and receptive to questions ourselves.
- We strive daily to add greater value for all our customers.
- We believe in our collective strength. We work better together.
- We respect each other’s expertise and use it to achieve common goals.
- We work as one to do what we agree is right
What the role will deliver
- Work with SoC team and manage/co-ordinate security incidents through the lifecycle
- Provide support to the Infrastructure & Security Manager by analysing IT processes & infrastructure to design and optimise Information Security solutions e.g. DLP, Ransomware, Threat protection, O365, Cloud, Email, SIEM
- Provide advisory and consulting support to help the organisation improve its security posture and adhere to security policies and expected controls
- Proactively identify information security deficiencies or opportunities for improvement and facilitate development of pragmatic solutions.
- Serve as a key liaison point between the IT Security Team and the business, gaining business support for IT controls and security efforts
- Assist in the support and operation of FSCS’s security solutions with our partners and contribute to the analysis of information managed by those systems along with the related follow-up action items.
- Assist in the creation of information security policies and procedures and the related security awareness programs to both end users and technical staff.
- Threat monitoring and intelligence gathering
- Perform periodic and ad-hoc system security audits and assessments. Assist in the coordination of third parties to help complete the required assessments when relevant.
- Participate and help coordinate various types of security investigations (e.g. discovery activity) upon request.
- Report security performance against established security metrics
- Ensure security compliance and meets all service level agreement requirements
- Work effectively with internal IT SME’s and those at hosting provider to deliver security services
What I Need to Know
- Understanding of information security concepts such as security architecture and design, Information security standards and technical security risk assessment.
- Knowledge of common information security management frameworks (ISO 27001, NIST Cybersecurity, CIS Controls).
- Technical knowledge of network, server, desktop and security component e.g. Windows Server 2012, Windows 10, Office 365, VMware, firewall, IPS, web proxy, Antivirus, SIEM, OWASP
- Although professional certifications would be a distinct advantage (e.g. CISSP, CCSP, CEH); any experience through professional career will also be considered
- Minimum of 2 years of related information technology and cyber security experience within Financial Services or similar regulated organisation
- Experience of security incident handling/ response
- Experience of Vulnerability Management, Security Incident Management, Security monitoring & reporting, Access management.
- Some Experience of Network management (e.g. Cisco firewall, switches, IPS, ISE) , server management ( e.g. Microsoft Windows 2012, Windows 10, VMware 6) and Cloud infrastructure Management (Azure/Office365 management)
- Extensive knowledge of the latest technical and security, relevant legislation, current guidance and best practice
- Ability to conduct research/investigation into security issues
- Ability to analyse complex information, assess risks and respond appropriately to make and facilitate informed decisions.
- Willingness to record, capture and document all tasks and projects without exception through the appropriate IT process/procedure.
- Highly self-motivated, self-directed, and attentive to detail with ability to effectively prioritise and execute tasks in a high-pressure environment
- Good organisation skills with a logical, analytical approach to solving IT problems and the ability to prioritise work to meet demands and deadlines of both IT support and IT development
- Ability to work on your own initiative whilst at the same time adhering to strict IT policies and procedures
- Excellent customer management skills, seeking feedback and driving a culture of continuous improvement
We have a generous benefits package offering a competitive salary, 26 days’ holiday plus Bank Holidays, contributory pension, discretionary bonus, 20 weeks fully paid maternity and paternity leave, health and dental insurance and more. We are based in the City of London in corporate offices with excellent access to major transport links.