Skip to main content

Cyber Security Operations Analyst (18MFTC)

Req ID:
Information Technology

We’re looking for a motivated and driven Security Operations Analyst to join our Cyber Security and Resilience chapter.

With over 10,000 employees and nearly 10 million customers, that’s a lot of information to keep safe. As such, we have an opportunity for an ambitious Security Operations Analyst to join us.

We have a variety of technologies available and work collaboratively to ensure that we develop our specialist skills. If the idea of working with a range of cross-functional experts in a fast paced and an ever-changing environment excites you then we would love to hear from you!

Working in our team might not be exactly like it is in action movies, there’s no high-suspense sound track, but feel free to bring your own and help us protect the business from the bad guys!

This is a fantastic opportunity with great exposure across a wide range of security areas with the opportunity to develop and build your skills further in whichever area interests you.


  • This is a hybrid role and you'll need to visit our offices in London c.twice per month and ad hoc days.
  • There is also an on-call requirement for this role.
  • This is a 12-18month fixed term contract.

Who you’ll be working with:

Reporting into our Cyber Security Operations Lead, Brian you’ll join a team of 5 Security Operations Analysts. Within Security Operations you will be working alongside the Security Engineering and Incident response teams with a view on the wider Security areas and systems within Direct Line Group. These roles reach far and wide into the whole company and require critical thinkers, who are not backwards in coming forward, to tackle the challenges that Security poses in a modern fast paced company.

What you’ll be doing:

As part of this role you’ll work with high performing teams to maintain strong oversight of the offshore 24/7 SOC, as well as manage a number of operational security services which will include;

  • Operating and maintaining data leakage prevention toolsets, responding to alerts for data loss events including investigation and management of any data loss incidents that breach corporate data handling requirements.
  • Taking responsibility for a range of operational security aspects such as management of the security certification platform, review and management of web and user access requests, governance of the firewall rule bases, vulnerability management and phishing
  • Responsible for reporting metrics on the status of technical information security controls across the DLG estate and highlighting areas for improvements
  • Monitoring and responding to emerging threat patterns & anomalies
  • Collaborating with other security teams within the business to report operational issues that may be resolved at an architectural level.

This role has a share, rotational 24/7 on-call requirement and forms pat of our information security incident response capability (at present this is c.1 per 6-8 weeks). In terms of location we’re happy for you to be based anywhere in the UK but we would expect you to visit our Bromley office c. 1-2 per month for collaboration.

Come join us and you’ll find yourself in the middle of one of the most on-the-go teams in the business, with autonomy and exposure to industry leaders on huge household brand names.

What we are looking for:

We want to make sure you’re set for success so the key skills we’re looking for in the role are below. We know not everyone ticks all the boxes and we’d still love to hear from you if not, we can provide training on certain aspects if you’re the right person for the role!

  • Knowledge and operational experience such as; firewalls, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, KPI and certificate management, authentication solutions, switches, routers, Voice over IP (VoIP), firewall zoning & SIEM.
  • Understanding of Cloud deployments, Operating systems enterprise grade technologies and associated security risks and controls.
  • Experience or understanding of Vulnerability and Patch management within companies and effective ways to manage these.
  • Good knowledge of security / IT infrastructure
  • Good analytical skills, and experience of PowerBI would be beneficial to be able to perform data analysis to identify vulnerabilities

What we'll give you:

Here at Direct Line Group, we recognise the importance of flexibility, not only in our personal lives but also in the way we work. Our mixed model way of working offers a 'best of both worlds' approach combining the best parts of home and office-working, offering flexibility for everyone.

We’ve ditched the daily commute for a virtual first approach. If you do come into the office, there are exciting workspaces and zones you can use, depending on the type of work you are doing.

How much you’ll be in the office depends on your role, and we’ll consider the flexible working options that work best for you. Please get in touch with the team to discuss.

Be the first to know

Sign up for job alerts

Can’t find the job you’re looking for? Register to be notified as soon as new jobs become available. Enter your email address. Choose the job category and/or enter a location that you’re interested in. And then click “Add” to add the criteria and “Sign Up” to create your job alert.

Interested InSelect a job category from the list of options. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.

  • Information Technology, Bromley, England, United KingdomRemove

Can’t find the job you’re looking for? Register to be notified as soon as new jobs become available. Enter your email address. Choose the job category and/or enter a location that you’re interested in. And then click “Add” to add the criteria and “Sign Up” to create your job alert.