Senior Threat Analyst
At Direct Line Group, we're shaping the future. With a mission to make insurance easier and better value for our customers, we embrace change in all its richness and variety. It's not just what we do; it's how we do it. We bring our whole selves to work every day and embrace fresh thinking - after all, Britain is constantly changing and to protect the nation, we adapt with it.
Across our diverse brands - including Direct Line, Churchill, Privilege and Green Flag - change takes many forms. We appreciate the knowledge and skills that each one of us brings to the business. It's hard not to be inspired by the things that make us unique. Boldness, curiosity and enthusiasm go a long way. And they're helping us transform the industry we lead.
Senior Threat Analyst
The Senior Threat Analyst reports to the Head of Threat Intelligence and Strategy. The purpose of this role is to gather threat intelligence feeds from external sources, understand the threat landscape and then integrate them into the threat framework to help ensure that the business is aware of, and protected against, new and emerging cyber security threats.
Work being a Senior Threat Analyst will involve:
- Managing the monitoring of daily intelligence feeds, analysis and development of baselines for all related risks.
- Identification, analysis and monitoring of relevant threat actors and reporting on the DLG threat landscape to the Head of Threat Intelligence and Strategy.
- Developing Threat Use Cases for new security events that require detection, containment and remediation.
- Driving information security strategy and tactical direction aligned to changing risks and threats at the strategic, tactical and operational levels.
- Collaborating with Penetration Testers to define scenario based testing covering people, process and technology.
- Working with Security Engineering, producing detailed written reports outlining the circumstances around events and incidents and adding further input into lessons identified.
- Collaborating with the Head of Threat Intelligence and Strategy to create and maintain the security testing framework.
- Responsible for collaborating with the Disaster Recovery (DR) / Business Continuity Planning (BCP) team and Security Engineering to develop and maintain the integration of cyber response scenarios in DR/BC planning.
- Collaborating with Security Enablement and Security Architecture functions to develop standards and guidelines and implement them to prevent any reoccurring security issues.
- Responsible for collaborating with the Threat Analyst in providing assurance over the effectiveness of supplier vulnerability management.
- Identifying opportunities for security controls optimisation in line with threats affecting technology supplier services and driving necessary response strategies.
- Responsible for developing and maintaining relationships with different functions within DLG to collaborate on defining standards and procedures, defining security control optimisation and remediation of vulnerabilities.
Skills & qualities you'll need:
- Experience in threat modelling, risk assessment, vulnerability assessment and penetration testing.
- Strong background in intelligence analysis.
- Communicate and present concisely and effectively based on level of management interaction.
- Knowledge of security concepts, practices and procedures.
- Knowledge of enterprise grade technologies including operating systems, databases and web applications.
- Ability to identify and understand key issues and areas for improvement in the Information Security realm.
- Motivated to delivering quality and striving for continual improvement.
- Logical thinking and analytical ability.
- Experience in network traffic analysis for identifying any developing patterns.
- Experience working in Network infrastructure and security configuration.
- Knowledge of security controls like authentication, encryption, IDS, input validation, WAFs, firewalls, HIPS, etc.
- Knowledge of TCP/IP networking and associated protocols.
- Undergraduate degree (preferably 2:1 or higher) in a relevant field (e.g. Computer Engineering, Computer Science, Information Security) or in a STEM major (Science, Technology, Engineering, or Math) is strongly preferred and a Master's degree in relevant field is desired.
- Security accreditations such as CISM, CISSP, M.Inst.ISP. CISA, CISM by a recognised professional body are desirable..
- Threat intelligence certification such as CREST Certified Threat Intelligence Manager is strongly preferred.