FCA
Finance / FinServ
CyberPolicyLead
“Cyber Policy Lead at FCA. Skills: Cyber Policy, Policy Framework Management, Risk Management, Stakeholder Management. Maintain and refresh the cyber policy framework by managing policy and standards updates in line with agreed review/refresh cycles and making out-of-cycle updates where material changes are required. Modernise and simplify the policy & standards suite, exploring improved formats (e.g., “standards on a page”) to increase usability and adoption across the organisation”
Industry & Context.
policy gap analysis
What They're Looking For.
Must Have
Experience in designing, drafting and maintaining policies, standards and procedures across their full lifecycle., Solid working knowledge of industry standards such as ISO 27001, NIST Cybersecurity Framework (CIS), CIS Controls, Understanding of technical security controls, including network security, cloud security, identity and access management and vulnerability management., Working knowledge of Information Management practices and Data Privacy legislation, proven record in dealing with stakeholders at all levels (including Director level), Experience in delivering organisational change, Risk identification, articulation and management
What You'll Do.
Maintain and refresh the cyber policy framework by managing policy and standards updates in line with agreed review/refresh cycles and making out-of-cycle updates where material changes are required
Modernise and simplify the policy & standards suite
exploring improved formats (e.g.
“standards on a page”) to increase usability and adoption across the organisation
Serve as the FCA-wide point of contact for policy requirements
handling BAU and project-related queries and providing clear
consistent interpretations of published requirements
Manage and track policy non-compliance and exceptions
including owning and modernising the Policy Waiver process and ensuring issues are surfaced and understood by relevant stakeholders
Conduct policy gap analysis and horizon scanning
identifying emerging risks
regulatory/industry changes and required updates to keep the framework current and effective
Support articulation of the organisation’s Cyber Risk Appetite through the policy framework
ensuring requirements align to risk tolerance and are understood across the business
Enable a new self-service policy model for low-risk projects
helping define requirements and controls that balance agility with the FCA’s risk appetite
Provide reporting and governance support by assisting the Risk lead with controls performance measurement and supporting the GHR Manager/CISO with reporting on cyber issues
audit/risk engagements and organisational non-compliance; additionally supporting specialist investigation teams and HR with policy interpretation where needed
How You'll Work.
Team & Collaboration
Serve as the FCA-wide point of contact for policy requirements; ensuring issues are surfaced and understood by relevant stakeholders; supporting specialist investigation teams and HR with policy interpretation where needed
Communication Scope
providing clear, consistent interpretations of published requirements
Applying for this Cyber Policy Lead role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about FCA?
Real rants from real employees. Read before you apply.