At Direct Line Group, insurance is just the start. Combining decades of industry experience with talented people in every field from data, technology, customer care and auto repair, to HR, finance and procurement, we’re a customer-obsessed market powerhouse. And we all work together to be brilliant for customers, every single day.
We’re evolving, to be a more digitally-focused data-driven insurance company of the future – and your unique talent, skills and ideas can drive our success. Like us, you thrive on collaboration, exploration and innovation. And like you, we take tech seriously. That’s why we’re embracing the move to a more digital, flexible world. With constant investment in the newest tools, programmes and equipment for our teams, it all adds up to creating the best possible user experience for customers. And a great career for you. Join us. Own the evolution.
We have an exciting opportunity for a Security Services Analyst to join our Security Operations team as part of our re-energised CISO function! Reporting into the Security Operations Lead, you'll be responsible for maintaining strong oversight of the Security Services within DLG, managing a number of operational security services, reviewing the security impact of operational changes within the environment and monitoring various toolsets for security violations. We are looking for someone with strong stakeholder and customer management skills, with the ability to communicate technical challenges in a non-technical manner. You'll also be responsible for creating and maintaining our relationships with our wider business colleagues around security services.
This is a 12-month Fixed-term contract/secondment opportunity with two working days from our London office.
What you'll be doing:
* Overseeing the day-to-day operational delivery of security services provided to our internal DLG customers. These services include exceptions processing, firewall modifications, business query responses and certificate management.
* Making appropriate reclassifications within our web proxy policy configuration and fulfilment of exception requests alongside our engineering SME’s.
* Management of the security certificate provisioning platform, including all operational functions. This includes alerting key stakeholders, scheduled and ad-hoc reporting, renewal and revocation of certificates and updates to procedural documentation.
* Maintaining general security oversight of the technical infrastructure within the responsibilities of the security services team and raising concerns/issues that pose a security risk to the organisation accordingly.
* Managing and approving changes to the firewall rule bases alongside networking SME’s and associated change management processes.
* Review and management of web and user access requests, ensuring there is valid business justification and no impact to DLG’s security posture. Providing appropriate governance and risk awareness as required.
* Providing security input and maintaining relationships with the Service Management function in relation to change management, problem management and incident management.
* First point of contact for ticket queues and responding appropriately to queries/requests from the business.
* Providing awareness campaigns to our customers when threat intelligence professionals identify upcoming or emerging threats.
* Reporting metrics on the status of requests received by the team and adherence to DLG KPI’s and SLA’s, ensuring we deliver a great service to our customers.
* Collaborating with the CISO and external teams within the business to report appropriate operational issues that may be resolved at an architecture level.
* Approval of Elevated Privilege requests and Privileged access management requests that will come from different areas of the business and ensure that they have a good understanding of the impact of these.
What you'll need:
* Strong stakeholder management skills including the ability to work with customers with varied levels of technical skillsets.
* Knowledge and operational experience in firewalls, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over IP (VoIP), firewall zoning and PKI infrastructure.
* Good understanding of ITSM systems and process flows.
* Knowledge and experience of enterprise-grade technologies including operating systems, databases, and web applications.
* Knowledge and experience of performing network traffic analysis for identifying any developing patterns.
* Experience with endpoint management solutions such as virus protection & other prevention solutions.
It would be beneficial if you have:
* Fundamental Cloud Concepts for AWS.
* OWASP Top 10: API Security Playbook.
* Knowledge of Microsoft cloud services and Security suites.
* AWS Cloud Security Best Practices.
* Experience with any of the following technologies: Data Loss Prevention, Intrusion Prevention/Detection Systems, Firewalls, SIEM.
* Knowledge of reporting and automation suites such as Power BI.
* ITIL Foundation.
* CompTIA Security + or CompTIA CySA+ equivalent certification.
* Certified networking credential (CCNA or equivalent).
* Technical certifications by a recognised professional body in network or systems engineering.
Closing date: 4th April
Ways of Working
Our mixed model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone. How much you'll be in the office depends on your role, and we'll consider the flexible working options that work best for you.
Benefits
We wouldn’t be where we are today without our people and the wide variety of perspectives and life experiences they bring. That’s why we offer excellent benefits to suit your lifestyle and a flexible working model combining the best parts of home and office-working, varying with the nature of your role. Our core benefits include:
* 9% employer contributed pension.
* Up to 10% bonus.
* 50% off home, motor and pet insurance plus free travel insurance and Green Flag breakdown cover.
* Additional optional Health and Dental insurance.
* EV car scheme which allows all colleagues to lease a brand new electric or plug-in hybrid car in a tax efficient way.
* 25 days annual leave.
* Buy as you earn share scheme.
* Employee discounts and cashback.
* Plus many more!
Being yourself
Difference makes us who we are. We believe everyone should feel comfortable to bring their whole selves to work – that’s why we champion diverse voices, build workplaces that work for people, and invest in the things that matter. From senior leadership to inclusivity networks, adaptive working to inclusion training, we’ve made it our mission to give you everything you need to be authentically you. Discover more at directlinegroupcareers.com
Together we’re one of a kind.
#LI-Hybrid
#LI-GY
#J-18808-Ljbffr