AddressAt Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement , we’re a customer-obsessed market powerhouse. And we all work together to be brilliant for customers, every single day.
We’re evolving, to be a more digitally-focused data-driven insurance company of the future – and your unique talent, skills and ideas can drive our success. Like us, you thrive on collaboration, exploration and innovation. And like you, we take tech seriously. That’s why we’re embracing the move to a more digital, flexible world. With constant investment in the newest tools, programmes and equipment for our teams, it all adds up to creating the best possible user experience for customers. And a great career for you. Join us. Own the evolution.
We have an exciting opportunity for a Security Analyst to join our Security Operations team as part of our re-energised CISO function. Reporting into the Security Operations Lead, you'll be responsible for maintaining strong oversight of our third party 24x7 Security Operations Centre and managing a number of operational security services related to this (including DDoS, Web Application Firewall, Intrusion Prevention & Detection, File Integrity Monitoring, Vulnerability Scanning, Privileged Access Management, SIEM). You'll participate in the rotational 24/7 security incident response capability, acting as the point of contact for all security related response actions and decisions when required. You'll also provide security input for the Service Management function in relation to change management, problem management and incident management, and will develop and maintain relationships with various internal and external stakeholders, including Technology Services and IT Risk.
What else you'll be doing:
- Operating and maintaining data leakage prevention toolsets, responding to alerts for data loss events including investigation and management of any data loss incidents that breach corporate data handling requirements and/or industry standards (such as PCI DSS).
- Maintaining security oversight of the technical infrastructure delivered by third party suppliers and raising concerns that pose a security risk to the organisation
- Operational support of the security certificate provisioning platform, including all operational functions. This includes alerting key stakeholders, scheduled and ad-hoc reporting, renewal and revocation of certificates and updates to procedural documentation
- Managing the governance of the firewall rule bases and associated change management process
- Overseeing the management of web proxy policy configuration provided by third party providers
- Monitoring and responding to emerging threat patterns, vulnerabilities and anomalies and provide escalations of any unknown threats to relevant areas within the company.
- Reporting metrics on the status of technical information security controls across the DLG estate, highlighting risk areas and working to develop and manage remediation plans as required
Operational On-Call Requirement
- This role has a shared, rotational 24 / 7 on-call requirement and forms part of information security incident response capability.
What you'll need:
- Knowledge and operational experience in: firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, Network and Cloud Architecture , Voice over IP (VoIP), firewall zoning and PKI infrastructure.
- Ability to read and understand system data including security event logs, system logs, application logs, and device logs
- Knowledge and experience of enterprise grade technologies including operating systems, databases and web applications.
- Knowledge and experience of performing network traffic analysis for identifying any developing patterns.
It would be beneficial if you have:
- Experience with any of the following technologies: Data Loss Prevention, Intrusion Prevention/Detection Systems, Firewalls, SIEM.
- Knowledge of reporting suites such as Power BI
- Good understanding of Microsoft security suites and associated qualifications
- Threat identification
- Fundamental Cloud Concepts for AWS
- OWASP Top 10: API Security Playbook
- Security Analysis for CompTIA CySA+ or similar level of certification
- Security certifications such as CISM, CISSP, M.Inst.ISP, CISA by a recognised professional body
- Technical certifications by a recognised professional body in network or systems engineering
Ways of Working
This role is based out of our London Bridge office. Our hybrid model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone. When you'll be in the office depends on your role, but most colleagues are in 2 days a week, and we'll consider the flexible working options that work best for you.
Read our flexible working approach here
Benefits
We wouldn’t be where we are today without our people and the wide variety of perspectives and life experiences they bring. That’s why we offer excellent benefits to suit your lifestyle and a flexible working model combining the best parts of home and office-working, varying with the nature of your role. Our core benefits include:
- 9% employer contributed pension
- Up to 10% bonus
- 50% off home, motor and pet insurance plus free travel insurance and Green Flag breakdown cover
- Additional optional Health and Dental insurance
- EV car scheme which allows all colleagues to lease a brand new electric or plug-in hybrid car in a tax efficient way.
- 25 days holiday (rising by 1 each year to 28) + bank holidays and option to buy or sell up to 5 days
- Buy as you earn share scheme
- Employee discounts and cashback
- Plus many more!
Being yourself
Difference makes us who we are. We believe everyone should feel comfortable to bring their whole selves to work – that’s why we champion diverse voices, build workplaces that work for people, and invest in the things that matter. From senior leadership to inclusivity networks, adaptive working to inclusion training, we’ve made it our mission to give you everything you need to be authentically you. Discover more at directlinegroupcareers.com
Together we’re one of a kind.
#LI-Hybrid
#LI-BB1
