
CISO Governance, Risk and Compliance Analyst

Req ID:
Risk & Compliance

About us

We are Direct Line Group – home to some of the country's best-known brands including Direct Line, Churchill, Privilege, Green Flag and NIG. Our vision is to create a world where insurance is personal, inclusive, and a force for good, and our purpose is to help people carry on with their lives, giving them peace of mind now and in the future.

DLG is at an important stage in its evolution to be a technology and data company. Following a few years of significant build and transformation of core assets, ranging from telephony to core customer-facing platforms, an Agile transformation for key segments of our business is bedding in with the intent of better serving our customers at pace. However, there is more to do!  

The role:

As one of our CISO Governance, Risk & Compliance Analysts you will be responsible for supporting our Governance, Risk and Compliance (GRC) team for CISO & Technology Services, facilitating the team in understanding and documenting the Compliance, IT and Supply Chain risk position.

You will look to continually increase technology resilience and reduce technology risk by embedding a culture of security and resilience through behaviours, designs and controls that underpin the DLG Vision and Strategic Objectives.

N.B. This is a hybrid role and you'll need to be in our London office c. 2-4 times per month.

Who you’ll be working with:

You’ll join our Governance, Risk & Compliance team, who are part of our CISO function and report into our Risk Lead. Our CISO function has been re-energised and comprises Cyber Defence Centre, Business Resilience, Governance, Risk & Compliance, Privacy & Information Management, Strategy & Operating Office and Security Innovation & Enablement.

What you’ll be doing:

  • Manage the team mailbox and communication channels, triaging engagements and transferring them appropriately
  • Support meetings, with internal and external stakeholders, managing actions and ensuring they are completed
  • Administer and maintain data within the GRC tool suite
  • Perform an initial triage on concerns and issues raised with the team
  • Assist the team in gathering and interpreting information and evidence
  • Identify and document risks, perform initial assessments and provide recommendations
  • Manage logs and actions that result from technology and information security incidents, updating as information becomes available
  • Build relationships with stakeholders to facilitate the transfer of knowledge between teams
  • Assist in the reporting and monitoring of team metrics, reporting any issues to the GRC Leadership Team

What you’ll need:

  • Experience of using the Microsoft Office Suite
  • Excellent communication and stakeholder management skills
  • Ability to work independently and proactively
  • A problem solver with an analytical and curious mindset
  • Desire to develop a career in technology and cyber security
  • Desire to work towards obtaining professional qualifications (e.g. CISSP, CRISC, ISO27001 Lead Implementer/Auditor, PCI ISA)

Ways of Working

Here at Direct Line Group, we recognise the importance of flexibility, not only in our personal lives but also in the way we work. Our mixed model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone.

How much you'll be in the office depends on your role, and we'll consider the flexible working options that work best for you. You can find out more about our flexible working approach or please get in touch with the team to discuss.


We recognise we wouldn't be where we are today without our colleagues. That's why we offer such excellent benefits designed to suit you as and when you need them:

  • 9% employee contributed pension
  • 50% off home, motor and pet insurance plus free travel insurance and Green Flag breakdown cover
  • Additional optional Health and Dental insurance
  • Up to 10% bonus
  • EV car scheme that allows all colleagues to lease a brand new electric or plug-in hybrid car in a tax-efficient way
  • 25 days' holiday
  • Buy as you earn share scheme
  • Employee discounts and cashback

Life at Direct Line Group

Direct Line Group is an equal opportunity employer. We value diversity and we're committed to making DLG a truly inclusive place to work.

We recognise and embrace that people work in different ways and we'll always adapt as much as possible so you have the best and most comfortable working environment that we can offer. We know you're more than a CV, and the things that make you, you, can bring real potential to DLG.

If you need us to make any adjustments to our recruitment process, speak to our recruitment team who will be happy to support you.


