Rodeo
ResourcesPartnersSign in

Financial Conduct Authority

Cyber Policy Lead

City of Edinburgh
£53.8k – £70k/yr
Posted about 19 hours ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Cyber Policy Lead

Division: Operations
Department: Cyber and Information Resilience

Salary:

  • National (Edinburgh and Leeds) ranging from £53,800 to £65,000
  • London from £59,200 to £70,000
    (salary offered will be based on skills and experience)

This role is graded as: Senior Associate, Regulatory

Your external recruitment contact is Raimonda via Raimonda.Stankute@fca.org.uk
Your internal recruitment contact is Fizah via FizahFarouk.Ibrahim@fca.org.uk

Applications must be submitted through our online portal. Applications sent via social media or email will not be accepted.

About the FCA and team

We regulate financial services firms in the UK, to keep financial markets fair, thriving and effective. By joining us, you’ll play a key part in protecting consumers, driving economic growth and shaping the future of UK finance services.

The Cyber and Operational Resilience directorate enables secure and resilient regulation across the FCA and PSR, supporting the protection of UK consumers and financial markets. This Senior Associate sits within the Policy & Risk team, part of the wider Governance and Human Risk function.

The role focuses on the management and maintenance of the Cyber & Information Resilience Policy Framework, including associated standards, procedures and guidance.

Role responsibilities

  • Maintain and refresh the cyber policy framework by managing policy and standards updates in line with agreed review/refresh cycles and making out-of-cycle updates where material changes are required
  • Modernise and simplify the policy & standards suite, exploring improved formats (e.g., “standards on a page”) to increase usability and adoption across the organisation
  • Serve as the FCA-wide point of contact for policy requirements, handling BAU and project-related queries and providing clear, consistent interpretations of published requirements
  • Manage and track policy non-compliance and exceptions, including owning and modernising the Policy Waiver process and ensuring issues are surfaced and understood by relevant stakeholders
  • Conduct policy gap analysis and horizon scanning, identifying emerging risks, regulatory/industry changes and required updates to keep the framework current and effective
  • Support articulation of the organisation’s Cyber Risk Appetite through the policy framework, ensuring requirements align to risk tolerance and are understood across the business
  • Enable a new self-service policy model for low-risk projects, helping define requirements and controls that balance agility with the FCA’s risk appetite
  • Provide reporting and governance support by assisting the Risk lead with controls performance measurement and supporting the GHR Manager/CISO with reporting on cyber issues, audit/risk engagements and organisational non-compliance; additionally supporting specialist investigation teams and HR with policy interpretation where needed

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Skills required

Minimum:

  • Experience in designing, drafting and maintaining policies, standards and procedures across their full lifecycle.
  • Framework knowledge: Solid working knowledge of industry standards such as ISO 27001, NIST Cybersecurity Framework (CIS), CIS Controls

Essential:

  • Security Domain Knowledge: Understanding of technical security controls, including network security, cloud security, identity and access management and vulnerability management.
  • Working knowledge of Information Management practices and Data Privacy legislation
  • Stakeholder management: proven record in dealing with stakeholders at all levels (including Director level)
  • Experience in delivering organisational change
  • Risk identification, articulation and management

Benefits

  • 25 days annual leave plus bank holidays
  • Non-contributory pension (8–12% depending on age) and life assurance at eight times your salary
  • Private healthcare with Bupa, income protection and 24/7 Employee Assistance
  • 35 hours of paid volunteering annually
  • Hybrid model where employees work a minimum of 40% in the office each month (expectation of 50% for senior leaders). Changing from September to a minimum of 50% in the office each month (expectation of 60% for Directors and Executive Directors)
  • A flexible benefits scheme designed around your lifestyle

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

For a full list of our benefits and our recruitment process as a whole visit our benefits page.

Our values and culture

Our colleagues are the key to our success as a regulator. We are committed to fostering a diverse and inclusive culture: one that’s free from discrimination and bias, celebrates difference and supports colleagues to deliver at their best. We believe that our differences and similarities enable us to be a better organisation – one that makes better decisions, drives innovation and delivers better regulation.

If you require any adjustments due to a disability or condition, your recruiter is here to help - reach out for tailored support. We welcome diverse working styles and aim to find flexible solutions that suit both the role and individual needs, including options like part-time and job sharing where applicable.

Disability confident: our hiring approach

We’re proud to be a Disability Confident Employer and therefore, people or individuals with disabilities and long-term conditions who best meet the minimum criteria for a role will go through to the next stage of the recruitment process. In cases of high application volumes we may progress applicants whose experience most closely matches the role’s key requirements.

Useful information and timelines

Timeline:

  • Job advert close: 11:59pm on Tues 28th July 2026
  • CV Review/Shortlist: Thursday 30th July 2026
  • Interview: w/c 3rd August 2026 onwards

Your Recruiter will discuss the process in detail with you during screening for the role, therefore, please make them aware if you are going to be unavailable for any date during this time.

At the FCA, we’re creating a fair and more resilient financial system. We’re establishing more transparent relationships between financial services and their customers, building trust in financial markets and protecting vulnerable consumers. Click here to learn more about the FCA.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Policy Design
Policy Drafting
ISO 27001
NIST Cybersecurity Framework
CIS Controls
Network Security
Cloud Security
Identity And Access Management
Vulnerability Management
Information Management
Data Privacy Legislation
Stakeholder Management
Organisational Change
Risk Identification
Risk Management
Gap Analysis

Location

City of Edinburgh, Scotland, United Kingdom

Sign up to applySee more jobs like this