Lead Cyber Security Engineer
Watford, England, United Kingdom
About us:
We are Allwyn UK, part of the Allwyn Entertainment Group – a multi-national lottery operator with a market-leading presence in Austria, the Czech Republic, Greece, Cyprus and Italy. We have been officially awarded the Fourth Licence (10-year licence) to operate the National Lottery starting February 2024.
We’ve developed ground-breaking technologies, built player protection frameworks, and have a proven track record of making lotteries better. Our aim is to create one of the UK’s most inclusive organisations – where people can bring the best of themselves, to do their best work, every day, for the benefit of good causes.
Allwyn is an Equal Opportunity Employer which prides itself in being diverse and inclusive. We do not tolerate discrimination, harassment, or victimisation in the workplace. All employment decisions at Allwyn are based on the business needs, the job requirements, and the individual qualifications. Allwyn encourages applications from individuals regardless of age, disability (visible or hidden), sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships.
While the main contribution of the National Lottery to society is through the funds to good causes, at Allwyn we put our purpose and values at the heart of everything we do. Join us as we embark on a once-in-a-lifetime, large-scale transformation journey to build a bigger, better, and safer National Lottery that delivers more money to good causes.
Role Purpose:
This role will be key to our approach to Cyber Defence at Allwyn, managing the engineers, toolsets, processes and capabilities required to effectively deliver a world-class Security Operations Centre. Responsibilities will include managing the security engineering toolset.
The role will be focused on developing and maintaining the technology and capabilities we have deployed.
You will be joining an exciting and growing area and will be instrumental in supporting and advancing the operational security capabilities of the Cyber Security Team. There will be the opportunity to work on and establish new security projects, as well as to provide an advisory role to other elements of the business on best practice.
The role will require establishing relationships with key stakeholders in Risk, Technology and Operations, as well as establishing yourself as an SME for cyber security within the organisation.
Role Responsibilities:
Advanced and Predictive Analytics
Lead advanced and predictive analyses and perform assessments based on the MITRE ATT&CK framework. You will also be required to carry out validation and enhancement activities using predictive analytics software tools and functionalities, as well as the associated testing activities to ensure the quality of the use cases. Correlation monitoring using multiple SIEM technologies will be required to ensure that the SOC achieves its objective of being a threat-led organisation. You will be required to gather forensic data and physical equipment to perform forensic investigations when necessary. You will be required to act as incident responder for potential incidents identified and, where necessary, lead the incident response.
Data and Analytics Strategy
Drive and provide guidance and training to others on analysing data trends for use in security use cases to guide the development of the security toolset. Improve data and analytics systems and platforms, and contribute to and continuously improve and refine the data and analytics security strategy. Conduct security assessments regularly to identify vulnerabilities and perform risk analysis. Analyse breaches to reach the root cause. Generate reports for IT administrators, business managers, and security leaders. These reports serve as an input to evaluate the efficacy of the security controls. Perform forensic analysis and gather evidence for correlation monitoring using multiple SIEM technologies.
Security Improvement through AI
Lead on creating artificial intelligence algorithms that identify potential patterns or indicators of compromise in security logs, to be used in the defence of the environment. Ensure the proactive development of all new machine learning activities is aligned with identified threats by using your extensive knowledge of the threat landscape.
Cloud Security
Have expert knowledge of both AWS and Azure security controls and be able to design, implement and maintain all security controls required by the business, including knowledge of, but not limited to: Azure (AIP, Defender, Azure AD, Key Vaults, log shipping, etc.) and AWS (GuardDuty, Security Hub, Trusted Advisor, Config, CloudTrail, CloudWatch, Inspector, etc.).
Be the subject matter expert on all Azure security tooling.
Implementation and design of required security measures such as firewalls or message encryption.
Planning and Organizing
Use comprehensive knowledge and skills to drive productivity of the team by providing guidance and training to others on planning, organizing, prioritizing, and managing activities to efficiently meet business objectives. Lead on updating Protective Monitoring/SOC documentation, processes and procedures and ensure consistency.
Key Skills and Experience:
Ability to work under pressure
Have 1-3 years’ experience in a similar role
In-depth understanding of the cyber threat landscape and advanced adversary tactics
The role requires expert knowledge and experience of Linux; Windows; Azure; AWS; Sentinel; Palo Alto and CyberArk.
Threat Modelling and MITRE ATT&CK.
In-depth knowledge of a scripting language, preferably Python
Desirable Skills:
Previous experience in a similar role
Relevant Cloud experience
Qualifications:
CISSP
AWS Certified Security – Specialty
Azure security engineer
Here is our list of benefits:
- 34 days paid leave (This includes bank holidays)
- 2 x Life Days
- 4 x Salary of Life Insurance
- Pension: We’ll contribute 8.5%
- BUPA
- £500 wellness allowance
- Income Protection
As part of our onboarding processes, all successful candidates will need to complete both a Pre-Employment Screening process and a Fit & Proper check by the Gambling Commission. These checks include a DBS (an enhanced check, which shows convictions and conditional cautions), credit and social media checks. As part of our application process, you will be asked to identify in advance if you have spent or unspent convictions that we need to be aware of.
Should you not disclose convictions at the application stage, not pass the Fit & Proper Check process or not complete your Pre-Employment Screening then unfortunately you may not pass our probation process.
All data will be handled in accordance with our data policies and treated with utmost confidentiality.