Senior Cyber Operations Engineer

We’re First Central Insurance & Technology Group (First Central for short), an innovative, market-leading insurance company. We protect the things customers love so they can get on with what matters to them in life. 

Data drives us. It fuels our outstanding distribution, finance, technology and legal services. Our underwriting skills are built on data expertise; it creates the insights we need to give the right cover to the right customers at the right price. But, it’s the people inside and outside our business that power us. They make us stand out, help us succeed. We’re ambitious. We’re growing. We’ve won awards.   

Are you ready to take your career to the next level in a dynamic and fast-paced environment? We’re on the lookout for a Senior Cyber Operations Engineer to become a key player in our cutting-edge technology and data teams.

Working as the Senior Cyber Operations Engineer you’ll be supporting the Cyber function in delivering the IT Support / Corporate Services business objectives and implementation of the Cyber strategy to meet business infrastructure and platform needs and growth targets. You’ll be responsible for designing, implementing, and supporting Cyber Security solutions and services to support the delivery of the Cyber Security Strategy. This role will take overall responsibility of engineering within the Cyber Security Team, providing technical guidance and compliance support to the wider business units. Furthermore, this role will be responsible for supporting CSOC members during investigations and BAU activities, ensuring the stable operation and resilience of the organisation IT security Infrastructure.

Could you fit the bill? We're big on working flexibly - you'll spend most of your time working from home, with occasional visits to the office.  But of course, it’s your choice - if you prefer to be in the office more - that's good with us too.  We have offices located in Haywards Heath, West Sussex, Salford Quays, Manchester, and Guernsey it’s your choice – if you live further afield, we’ll accept applications for remote workers! 

Core skills we’re looking for to succeed in the role: 

• Technical Expertise: You’ll possess a strong understanding of several core technology areas, including cloud providers, cloud security, endpoint management, and information protection, with 5+ years of experience in configuration and security operations to excel in this role.
• Security Automation: You’ll need strong experience in automating security operations through various scripting and automation platforms to streamline incident response, threat detection, and vulnerability management. Expertise in orchestrating automated workflows for security operations is essential.
• Cloud Security: You’ll possess deep knowledge of securing cloud environments, including virtual machines and cloud-based infrastructure, with a focus on automated policy enforcement, identity protection, and compliance monitoring. Familiarity with cloud-native security solutions and practices is critical.
• Cloud Identity and Access Management (IAM): You’ll have expertise in cloud-based identity protection, policy enforcement, and implementing Zero Trust security controls to safeguard users, devices, and data in the cloud. Strong understanding of access control and identity management frameworks.
• Threat Detection & Response: You’ll have strong capability in incident response, proactive threat hunting, and the development of custom detection queries to identify suspicious activities and behaviours. Experience with automated response mechanisms and behavioural analysis is highly valued.

Powering the business with the right tools

What’s involved:

• You’ll provide leadership support in the absence of the Cyber Security Lead when required.
• You’ll mentor and support the development of Cyber Security team members.
• You’ll offer technical expertise in cyber security engineering, contributing to the establishment of best practices, security configurations, and documentation of security processes and controls.
• You’ll design, implement, and monitor security measures for protecting information systems and networks, ensuring the security infrastructure is resilient and responsive.
• You’ll support upgrades, implementations, and testing in collaboration with IT, Business Change, and other stakeholders.
• You’ll work closely with teams to identify and improve security controls and recovery mechanisms for threats and incidents.
• You’ll assist in planning, developing, and testing corporate cyber security controls and processes.
• You’ll adhere to change management protocols for all security implementations.
• You’ll provide technical support for software audits to ensure compliance.
• You’ll identify potential improvements to IT systems and infrastructure from a cyber security perspective.
• You’ll engage with vendors and suppliers to enhance security services and build strong relationships.
• You’ll ensure all system and procedural documentation is accurate, up-to-date, and effective.
• You’ll identify and develop new skills aligned with changing technologies and business needs.
• You’ll ensure compliance with all relevant industry standards and regulations (FCA, TCF, DPA, H&S).at all times.
• You’ll maintain an up-to-date knowledge of information governance, legal and regulatory compliance, and apply it to security operations.
• You’ll engage in Requirement gathering and workshop facilitation.
• You’ll collaborate with solutions and enterprise architects.
• You’ll attend to all company mandatory training within given timeframes.
• You’ll engage in regular performance reviews.

Job Specific Competencies:

• Strong understanding of core security principles, cloud security, endpoint management, and information protection, with over 5 years of experience in configuration and operations.
• Extensive knowledge of infrastructure technologies such as virtual environments, server systems, and firewalls, with experience in securing and maintaining these environments.
• Support and act as a senior advisory on the design, implementation, establishment, and management a Cyber Security function
• Experience with Automation to reduce overhead within BAU activity and streamline processes.
• Expertise in designing, implementing, and managing Cyber Security functions, including penetration testing, risk assessment, and vulnerability remediation.
• Proactive attitude toward identifying and implementing opportunities for automation and process optimization within security operations.
• Excellent analytical & problem-solving skills, identifying root causes and offering solutions.
• Assist in the delivery of Cyber Security workstreams, assessing impact on IT service.
• Understanding data complexity and how to implement data solutions based on Cyber and infrastructure requirements (PCI/ISO/Regulatory)
• Ability to communicate with and inspire others.
• Experience of compiling reports detailing activity and progress along with project plans to within accurate timescales.
• Ability to prioritise multiple projects using Agile methodologies.
• The ability to explore new service or business possibilities.
• Good understanding of project management and methodologies
• Ability to interpret complex business issues into IT requirements and complex IT requirements and translate this to the business.
• Extensive knowledge of, and experience in the private lines insurance business, the aggregator marketplace and the core business functions of a general insurance provider
• Experience with Automation to reduce overhead within BAU activity and streamline processes.

Skills & Qualifications

• Relevant Cyber Security certifications
• Experience managing cloud infrastructure and data centres, with strong knowledge of network and firewall security.
• 5 years’ experience in Cyber Security engineering, with a strong emphasis on automation and cloud security
• Strong network and firewall knowledge
• Strong experience in using SIEM tools and other monitoring solutions to detect and respond to threats
• Production of reports which inform priority and recommended actions to enhance Cyber Security service delivery.
• Excellent communication and interpersonal skills
• Strong analytical and problem-solving skills
• A proactive and ‘can do’ attitude to challenge the status quo and support our continual improvement programme.

Behaviours

• Security by default approach to delivery
• Self-motivated and enthusiastic
• A quick thinker with a ‘can do’ attitude and an aptitude for creativity
• An organised and pro-active approach
• Demonstrates an ability to help others and is approachable.
• Experienced at building relationships with internal customers.
• Takes initiative to make decisions.
• A flexible approach and positive attitude
• Ability to work on own initiative and as part of a team.
• Emphasis on attention to detail and accuracy
• Strives to drive business improvements to contribute to the success of the business.
• Embrace, embed, and incorporate the company values.

Ready to make a positive impact? Apply now and be part of something big!

What can we do for you?

People first. Always. We’re passionate about our colleagues and know the best people deserve an extraordinary working environment. We owe it to them so that’s what we offer. Our workplaces are energetic, inspirational, supportive. To get a taste of the advantages you’ll enjoy, take a look at all our perks in full here. 

Intrigued? Our Talent team can tell you everything you need to know about what we want and what we’re offering, so feel free to get in touch.