Cloud Assurance Lead

Cloud Assurance Lead

Division – Cyber and Information Resilience

Salary – National (Edinburgh and Leeds) ranging from £59,100 to £90,800 and London £64,900 to £99,700 per annum (Salary offered will be based on skills and experience)

About the FCA  

The FCA regulates the conduct of 45,000 firms in the UK to ensure our financial markets are honest, fair and competitive. Follow this link to find out more About the FCA.

The Cyber and Information Resilience division was established in response to the growing threat of cyber security risks and the FCAs increasing reliance on data to effectively regulate the financial sector and ensure markets function well. This team integrates the key disciplines of cyber and information security, information management and data privacy, providing a cohesive approach to safeguarding information and supporting regulatory objectives.

The team is primarily focused on the following key objectives:

• Assuring services to ensure our systems, infrastructure, suppliers and business processes are compliant with our policies and the FCA’s risk appetite

• Validating that operational decisions are made in accordance with our security policies and standards and do not increase the FCA’s overall risk exposure

• Analysing compliance with the fundamental processes and plans required to manage risk and safeguard our most important assets

• Determining that appropriate governance measures and controls are in place to ensure identified cyber risks and vulnerabilities are properly prioritised

What will you be doing? 

• Champion cloud security assurance across AWS, Azure and Salesforce—bringing strategic focus and hands-on leadership, with a strong emphasis on AWS environments

• Implement and manage Cloud Security Posture Management (CSPM) tools, including AWS Security Hub and third-party SaaS platforms, enhancing compliance and threat resilience

• Align cloud control frameworks to NIST standards—driving risk reduction through control testing, assurance processes and thoughtful architecture reviews

• Collaborate closely with product teams, IT groups and senior stakeholders, guiding technical discussions and creating shared understanding across diverse audiences

• Mentor and inspire a team of cloud assurance analysts, fostering a culture of continuous improvement while tracking key metrics (KPIs, KRIs) to measure effectiveness

• Shape the future of a maturing function by influencing tooling, modelling and compliance approaches—bringing an agile mindset and solution-focused energy to every challenge

What you will get from the role 

• Take ownership of a dynamic and varied security portfolio, working closely with senior leaders and key stakeholders across the FCA to drive impactful change

• Lead and shape the cloud assurance agenda, ensuring robust security and compliance in a fast-evolving digital landscape

• Become the go-to AWS SME, providing expert guidance on compliance and assurance across multiple divisions

• Innovate and contribute to an evolving team within the FCA and develop the next generation of cloud assurance professionals

• Expand and deepen your cloud technical expertise, gaining hands-on experience with cutting-edge solutions

• Play a key role in advancing cyber and information assurance initiatives within the FCA, contributing to critical security strategies

Which skills are required? 

We are a Disability Confident Employer; therefore, disabled people or individuals with long-term conditions who best meet the minimum criteria for a role will go through to the next stage of the recruitment process (to learn more about the Disability Confident Scheme Click Here). 

Minimum  

• Prior experience leading cloud assurance initiatives and governance across AWS, Azure, with a hands-on and strategic focus on enhancing AWS security posture, visibility and control effectiveness

• Prior experience of line management and leading and nurturing cyber security teams, combining strong technical direction with a people-first approach to mentoring and development

• Prior experience working hands-on with Cloud Security Posture Management (CSPM) and SSPM tools—applying these platforms to enhance visibility, support compliance and strengthen cloud security in collaborative, fast-paced environments taking a threat focussed approach

Essential

• Significant experience in stakeholder management at all levels and line management experience.

• Demonstrable expertise in cloud security architecture and implementation

• Certified in AWS Solutions Architecture or AWS Security Specialist, with Certified Cloud Security Professional (CCSP) accreditation or active progress toward achieving it—demonstrating a growth mindset and strategic cloud security expertise

• Demonstrable experience conducting cloud threat risk assessments and good understanding of threat methodologies such as Stride

• Proven ability to define and track key security metrics, set tolerance for compliance including KPIs and KRIs, with alignment to NIST frameworks

• In-depth understanding of cloud security frameworks and compliance requirements including adoption of a shift left approach to deploying IaC (Infrastructure as Code)

Our Values & Diversity 

We are proud to be an inclusive employer and our ambition is to cultivate a culture for all employees that respects their individual strengths, views and experiences. We believe that our differences and similarities enable us to be a better organisation – one that makes better decisions, drives innovation and delivers better regulation. 

Within the workplace you will have access to various employee resource groups which aim to promote and achieve a healthy work / life balance and support our diversity ambitions. 

Did you know? 50% of our Executive Committee were the first in their family to attend university. 

Benefits of working at the FCA  

• 25 days holiday per year plus bank holidays

• Hybrid working (work from home up to 60% of your time)

• Private healthcare with Bupa

• A non-contributory Pension of at least 8% of basic salary each month (there are several contribution levels that increase depending on your age – up to 12% a month once you reach age 35)

• Life assurance of eight times your basic salary

• Income protection

We also have a competitive flexible benefits scheme which gives you the opportunity to create a personalised benefits package, tailored to suit your lifestyle. 

We welcome applications from candidates who are looking for flexible arrangements.  Many of our staff work flexibly including working part-time, staggered hours and job shares. We can’t promise to give you exactly what you want but we can explore what might work best for both sides. 

Follow this link to see what life is like at the FCA - Life at the FCA 

Application Support  

We are dedicated to removing barriers and ensuring our application process is accessible to everyone. We offer a range of adjustments to make your application experience as comfortable and straightforward as possible. 

If you have an accessibility need, disability, or condition requiring changes to the recruitment process, please contact your recruiter using the details below and they will be happy to discuss this further with you. 

Useful Information and Timeline

• This role is graded as Lead Associate- Regulatory

• SC Clearance is required for this role (SC Guidance)- you will hold or will be required to obtain Security Clearance (SC) level vetting

• Advert Closing Date:  21/10/2025

• CV Review/Shortlist: 23/10/2025

• Interview: w/c 27/10/2025

• Case Study Assessment: w/c 03/11/2025

When submitting your application, please tailor your CV to highlight how you meet the minimum and essential requirements above

Your Recruiter will discuss the process in detail with you during screening for the role, therefore, please make them aware if you are going to be unavailable for any date during this time.  

Got a question? 

If you are interested in learning more about the role, please contact Steve Christopher on [email protected] 

Applications must be submitted through our online portal. Applications sent via email will not be accepted