Security Tech Lead

Vacancy Type:
Data Governance & Architecture
About The Role

DAS UK Group are recruiting for an IT Security Tech Lead with good technical, organisational and communication skills to join the Architecture and Governance team at the forefront of DAS’ security strategy. This role will help the company to understand security threats and create strategies to protect DAS’ assets and interests.

As well as ensuring the confidentiality, integrity and availability of DAS’ information and information systems, this position will focus on three key areas:

  • The assessment of information risk and facilitate remediation of identified vulnerabilities within the company’s network, systems and applications;
  • The strategy, road mapping and planning of security in the organisation; and
  • The management of the security team and SOC including, driving the IT Security strategy, leading projects, co-ordinating the team’s work and mentoring, coaching and developing them.

Working closely with colleagues in Architecture and Governance and the wider organisation, this role will proactively assess and communicate risk and ensure compliance across DAS UK Group, as well as keeping up to date with new developments and adherence to security best practice. The successful candidate will also be involved with reporting and event analysis, general analysis and recommendations across the system development life cycles as well as lead security reviews across the enterprise.

About You

In addition to the above, we are looking for candidates that can demonstrate:

  • A good understanding of information security frameworks, standards and security best practice (ISO27001, NIST CSF, Cyber Essentials, OWASP);
  • Knowledge and adherence to data protection legislation and regulatory requirements (e.g. GDPR, FCA SYSC, PCI DSS);
  • Extensive experience and understanding of security analysis tools, defensive technologies and other security technologies (e.g. SIEM, VAS, IDS/IPS, Firewalls, IAM, NAC, patch management, anti-malware);
  • A good understanding of security incident management and incident response processes and activities;
  • Sound working knowledge of authentication technologies (e.g. two-factor, multifactor);
  • Good knowledge of “BeyondCorp” principles (e.g. limiting access to confidential information, limiting remote access to applications, differentiating between corporate and personal devices, trusted endpoints);
  • Knowledge of endpoint security solutions (e.g. HIDS, anti-malware, file integrity, DLP);
  • AWS and cloud platforms (e.g. SaaS, IaaS, PaaS);
  • System administration, supporting multiple platforms and applications;
  • Skills in conducting vulnerability scans and identifying vulnerabilities in systems;
  • Good awareness of the current Threat Landscape;
  • A good understanding of modern malware: execution methods, persistence, detection, delivery mechanisms and entry points; and
  • Experience delivering presentations and supporting messaging to leadership teams.
Qualifications (desirable):
  • CISSP: Certified Information Systems Security Professional
  • ISO/IEC 27001 Lead Implementer / Auditor
About The Company
As a market leader in the Legal Expenses Insurance market we have undergone rapid growth in recent years.

Thousands of businesses, motorists and individuals defend or pursue legal action each year safe in the knowledge that DAS are paying their legal bills. We have always been aware that it is the people that really make it happen; the quality of our people defines the quality of the company and the standard of service we offer.

DAS are owned by the ERGO Insurance Group, one of the major insurance groups in Germany and Europe and are dedicated to the development of the best staff in the industry. At DAS, we don’t simply talk about our values they are at the heart of everything we do. They guide us with the way that we work and provide the framework for how we do business. ‘Doing the right thing’ is central to our behaviour – from building  trust, being accountable, putting our customer at the heart of everything that we do which we believe drives performance

We believe it is an exciting time to join DAS. You can expect an organisation that will challenge and develop you to progress your career.  

By giving you every opportunity to develop yourself professionally and personally, we also pride ourselves on having an open, inclusive and high energy culture that encourages a fun working environment and places our customers at the very heart of everything we do.

If you are keen to become part of our exciting future then we would love to hear from you. In addition to the very genuine development opportunities we provide we also offer an extremely generous reward and benefits package.