19 Jun 2017

Full-Time Security Operations Analyst

Directline Group – Posted by Admin – Orpington, England, United Kingdom

Job Description

Security Operations Analyst

This is a fantastic opportunity to progress your career within the Security Operations team at Direct Line Group, a market-leading insurer based in Bromley.

The Security Operations Analyst is a member of the Security Engineering & Operations team, reporting to the Security Operations Lead. The purpose of this role is to manage a number of operational security services, review the security impact of infrastructure changes within the environment and monitor various toolsets for security violations.

Key Responsibilities

Information Technology Operations

  • Responsible for maintaining security certificate management requirements / functions and operationally renewing and revoking certificates as required.
  • Responsible for operating and maintaining data leakage prevention toolsets and overseeing associated procedures.
  • Responsible for managing the governance of the firewall rule bases and associated change management process.
  • Responsible for the review of web and user access requests ensuring there is valid business justification and no impact to DLG’s security posture.
  • Responsible for providing security input and for maintaining relationships with the Service Management function in relation to change management, problem management and incident management.
  • Responsible for overseeing the management of web proxy policy configuration provided by third party providers.
  • Responsible for monitoring the operational security team mailbox and responding appropriately to queries/requests from the business.
  • Responsible for monitoring and responding to emerging threat patterns, vulnerabilities and anomalies, and for escalating any unknown threats to the Security Operations Lead.
  • Responsible for reporting metrics on the status of technical information security controls across the DLG estate, highlighting risk areas and working to develop remediation plans as required.
  • Responsible for collaborating with the Security Engineering team to report appropriate operational issues that may be resolved at an architecture level.

Operational On-Call Requirement

  • This role has a shared, rotational 24/7 on-call requirement and also forms part of the information security incident response capability.

Stakeholder Management

  • Responsible for developing and maintaining relationships with various stakeholders, including Technology Services and IT Risk.

Required Skills/Competencies

  • Experience of working in high performing teams and understanding the dynamics of teamwork in an operational security environment.
  • Knowledge and operational experience in: firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, Voice over IP (VoIP), firewall zoning.
  • Ability to read and understand system data including security event logs, system logs, application logs, and device logs, etc.
  • Knowledge and experience of enterprise grade technologies including operating systems, databases and web applications.
  • Knowledge and experience of performing network traffic analysis for identifying any developing patterns.
  • Ability to work both independently and as part of a team.
  • Strong analytical skills to monitor information and perform detailed data analysis to identify any vulnerabilities.
  • Ability to identify and understand key issues and areas for improvement in the Information Security realm.
  • Motivated to deliver quality and strive for continual improvement.
  • Logical thinking and analytical ability.
  • Aptitude in solving problems independently.
  • Ability to communicate and present concisely and effectively, based on the appropriate level of management interaction.

Desirable Skills/Competencies

  • C#, Java, Python or PHP programming language knowledge.
  • Experience with any of the following technologies: Data Loss Prevention, Intrusion Prevention/Detection Systems, Firewalls, SIEM.

Qualifications/Certifications

  • Undergraduate degree (preferably 2:1 or higher) in a relevant field (e.g. Computer Engineering, Computer Science, Information Security) or in a STEM major (Science, Technology, Engineering, or Math) is strongly preferred, and a Master’s degree in a relevant field is desired.
  • Security certifications such as CISM, CISSP, M.Inst.ISP, CISA by a recognised professional body are desired.
  • Security certifications such as GIAC Certified Incident Handler (GCIH), EC-Council Certified Incident Handler (ECIH) by a recognised professional body are strongly preferred.
  • Technical certifications by a recognised professional body in network or systems engineering are desired.

Career benefits and rewards

Rewarding you is really important to us. As well as offering a competitive salary and generous holiday entitlement, we let you take advantage of a wide range of benefits. The best part is you can pick and choose the benefits to suit your own lifestyle, but also pass on some of the savings to family and friends. Here are just a few we have on offer:

  • A competitive salary, benchmarked against our competitors, which will grow as you do.
  • Pension: 9% of your base salary. You can choose to contribute less or more than this, and anything you don’t wish to put into your pension you can take as cash instead!
  • Private medical insurance (anyone can choose this through our flexible benefits scheme, and managers receive this as standard)
  • Attractive holiday entitlement
  • 50% off our Home, Motor and Pet insurance
  • Free Travel insurance
  • Free Green Flag breakdown cover
  • Flexible rewards including Life insurance, income protection, critical illness insurance, personal accident insurance
  • Retail card, with discounts at big name retailers
  • My Discounts – a discounts website for all our employees, with great discounts, cash back savings and offers across hundreds of brilliant high street brands, travel, tickets, gym memberships and much more.

Who we are
Direct Line Group is an organisation with a clear mission: to make insurance much easier and better value for customers. We are one of the leading motor, home and small business insurers in the UK. We are home to some of the nation’s best-known brands, including Direct Line, Churchill, Privilege, Green Flag and NIG.

Closing date – Undisclosed

To apply for this role click here to register your interests.

Job Categories: Other and Security. Job Types: Full-Time and Permanent. Job Tags: Directline Group, diversity, equality, full time, inclusion, London - Bromley, permanent, and Security Operations Analyst. Salary: Competitive.
