Security Services Analyst

At Direct Line Group insurance is just the start. Combining decades of industry experience with talented people in every field from data technology customer care and auto repair to HR finance and procurement were a customerobsessed market powerhouse. And we all work together to be brilliant for customers every single day.

Were evolving to be a more digitallyfocused datadriven insurance company of the future and your unique talent skills and ideas can drive our success. Like us you thrive on collaboration exploration and innovation. And like you we take tech seriously. Thats why were embracing the move to a more digital flexible world. With constant investment in the newest tools programmes and equipment for our teams it all adds up to creating the best possible user experience for customers. And a great career for you. Join us. Own the evolution.

We have an exciting opportunity for a Security Services Analyst to join our Security Operations team as part of our reenergised CISO function! Reporting into the Security Operations Lead youll be responsible for maintaining strong oversight of the Security Services within DLG managing a number of operational security services reviewing the security impact of operational changes within the environment and monitoring various toolsets for security violations. We are looking for someone with strong stakeholder and customer management skills with the ability to communicate technical challenges in a nontechnical manner. Youll also be responsible for creating and maintaining our relationships with our wider business colleagues around security services.

This is a 12month Fixedterm contract/secondment opportunity with two working days from our London office.

What youll be doing:

• Overseeing the daytoday operational delivery of security services provided to our internal DLG customers. These services include exceptions processing firewall modifications business query responses and certificate management.

• Making appropriate reclassifications within our web proxy policy configuration and fulfilment of exception requests alongside our engineering SMEs.

• Management of the security certificate provisioning platform including all operational functions. This includes alerting key stakeholders scheduled and adhoc reporting renewal and revocation of certificates and updates to procedural documentation.

• Maintaining general security oversight of the technical infrastructure within the responsibilities of the security services team and raising concerns/issues that pose a security risk to the organisation accordingly.

• Managing and approving changes to the firewall rule bases alongside networking SMEs and associated change management processes

• Review and management of web and user access requests ensuring there is valid business justification and no impact to DLGs security posture. Providing appropriate governance and risk awareness as required.

• Providing security input and maintaining relationships with the Service Management function in relation to change management problem management and incident management.

• First point of contact for ticket queues and responding appropriately to queries/requests from the business.

• Providing awareness campaigns to our customers when threat intelligence professionals identify upcoming or emerging threats

• Reporting metrics on the status of requests received by the team and adherence to DLG KPIs and SLAs ensuring we deliver a great service to our customers.

• Collaborating with the CISO and external teams within the business to report appropriate operational issues that may be resolved at an architecture level.

• Approval of Elevated Privilege requests and Privileged access management request that will come from different areas of the business and ensure that they have a good understanding of the impact of these.

What youll need:

• Strong stakeholder management skills including the ability to work with customers with varied levels of technical skillsets.

• Knowledge and operational experience in firewalls antivirus and content filtering URL filtering authentication solutions switches routers Voice over IP (VoIP) firewall zoning and PKI infrastructure.

• Good understanding of ITSM systems and process flows.

• Knowledge and experience of enterprisegrade technologies including operating systems databases and web applications.

• Knowledge and experience of performing network traffic analysis for identifying any developing patterns.

• Experience with endpoint management solutions such as virus protection & other prevention solutions

It would be beneficial if you have:

• Fundamental Cloud Concepts for AWS

• OWASP Top 10: API Security Playbook

• Knowledge of Microsoft cloud services and Security suites

• AWS Cloud Security Best Practices

• Experience with any of the following technologies: Data Loss Prevention Intrusion Prevention/Detection Systems Firewalls SIEM.

• Knowledge of reporting and automation suites such as Power BI

• ITIL Foundation

• CompTIA Security or CompTIA CySA equivalent certification

• Certified networking credential (CCNA or equivalent)

• Technical certifications by a recognised professional body in network or systems engineering

Closing date: 4th April

Ways of Working

Our mixed model way of working offers a best of both worlds approach combining the best parts of home and officeworking offering flexibility for everyone. How much youll be in the office depends on your role and well consider the flexible working options that work best for you.

Read our flexible working approach here.

Benefits

We wouldnt be where we are today without our people and the wide variety of perspectives and life experiences they bring. Thats why we offer excellent benefits to suit your lifestyle and a flexible working model combining the best parts of home and officeworking varying with the nature of your role. Our core benefits include:

• 9 employer contributed pension

• Up to 10 bonus

• 50 off home motor and pet insurance plus free travel insurance and Green Flag breakdown cover

• Additional optional Health and Dental insurance

• EV car scheme which allows all colleagues to lease a brand new electric or plugin hybrid car in a tax efficient way.

• 25 days annual leave

• Buy as you earn share scheme

• Employee discounts and cashback

• Plus many more!

Being yourself

Difference makes us who we are. We believe everyone should feel comfortable to bring their whole selves to work thats why we champion diverse voices build workplaces that work for people and invest in the things that matter. From senior leadership to inclusivity networks adaptive working to inclusion training weve made it our mission to give you everything you need to be authentically you. Discover more at directlinegroupcareers

Together were one of a kind.

#LIHybrid

#LIGY