Cyber Security Operations Lead

Guernsey, Haywards Heath, Home Office (Remote) or Manchester
up to £65,000 depending on experience
Technology and Data

We’re First Central Insurance & Technology Group (First Central for short), an innovative, market-leading insurance company. We protect the things customers love so they can get on with what matters to them in life. 

Data drives us. It fuels our outstanding distribution, finance, technology and legal services. Our underwriting skills are built on data expertise; it creates the insights we need to give the right cover to the right customers at the right price. But, it’s the people inside and outside our business that power us. They make us stand out, help us succeed. We’re ambitious. We’re growing. We’ve won awards.   

You’re always ready for anything, and we mean anything. Together we make it happen.  It’s a great place to work… 

Our Cyber Operations team need a proactive, agile and problem-solving Cyber Security Operations Lead, who knows a thing or two about core technology areas and their configuration, such as Sentinel, MCAS and Defender. You'll have been involved in end-to-end penetration testing from scoping to remediation and ideally have the CISSP (Certified Information Systems Security Professional) qualification. If you're an expert in the use of security frameworks such as MITRE ATT&CK, NIST or the ISF’s Standard of Good Practice - all the better!

Supporting the Cyber Operations function, you'll ensure objectives and the Cyber Strategy are truly rooted in the business. With responsibility for the Security Operations Centre Services (SOCS), you'll lead the team to ensure there are protective monitoring systems, notifications and alerting, and identification and reporting of real-time attacks and vulnerabilities on the estate.

We're big on working flexibly - you'll spend most of your time working from home, with a couple of days a month in the office. But of course, it’s your choice - if you prefer to be in the office more, that's good with us too. We have offices in Haywards Heath, West Sussex; Salford Quays, Manchester; Guernsey; and Gibraltar. It's your choice - or maybe you live further afield: we will accept applications from home workers!

We’d love to have you on the team if:

  • You're a natural when it comes to analytical and problem-solving skills; let's say identifying root causes and offering innovative and cost-optimised solutions are your powers.
  • Strong time management and self-discipline are the tools of your trade!
  • Excellent stakeholder management skills up to C-Suite - it's your thing.

Powering the business with the right tools

Job Responsibilities:

  • Support the Head of IT Operations in defining strategic roadmaps.
  • Implement and maintain 1st / 2nd line security incident / event management, escalation and technical response process and investigate suspected and actual incidents / events, acting as a key escalation point in the team to the relevant team/individual.
  • Design, implement, manage, monitor, and upgrade security measures for the protection of the information systems and networks.
  • Support out of hours upgrades/implementations and testing in conjunction with Business Change, Technology, and other stakeholders.
  • Participate in a 24/7 on-call rota to respond to security alerts and adhere to the requirements and responsibilities of the on-call policy.
  • Work with relevant control owners/teams to understand and identify areas for improvement on the identification of and recovery from information security threats and incidents.
  • Support the planning, development, documentation, implementation and testing of the corporate cyber security controls and processes.
  • Adhere to change management processes for all implementations.
  • Assist in software auditing ensuring compliance.
  • Provide support to all other departmental staff and ensure delivery of requested services.
  • Identify and feedback any potential improvements from a cyber perspective to IT systems and infrastructure.
  • Responsible for ensuring all system & procedural documentation is accurate, effective, and up to date.
  • Line management duties including coaching and development of Cyber Operations Analysts.
  • Comply with the requirements, and act in accordance with, the Group Code of Conduct and Fitness and Propriety policies at all times.
  • Ensure compliance with Company Policies, Values and guidelines and other relevant standards/ regulations at all times.

Job Specific Competencies:

  • Strong understanding of at least 5 of the following 6 core technology areas (Sentinel, MCAS, Defender, Office365 Security, DLP) including their configuration (in excess of 5 years’ experience).
  • Experience of end-to-end penetration testing from scoping to remediation.
  • Excellent analytical & problem-solving skills, identifying root causes and offering innovative and cost optimised solutions.
  • Assist in the delivery of Cyber Security workstreams, assessing impact on IT service security to prioritise actions.
  • Strong time management and self-discipline skills.
  • Experience of compiling reports detailing activity and progress along with project plans to within accurate timescales.
  • Excellent stakeholder management skills for end users all the way up to C-Suite.

Skills & Qualifications

  • Certified Information Systems Security Professional (CISSP) (preferable).
  • Web Application Security.
  • Experience in creating and maintaining BAU runbooks, use-case definitions, and operating procedures.
  • Expertise in the use of security frameworks such as MITRE ATT&CK, NIST or the ISF’s Standard of Good Practice.
  • Strong administration of Azure Cloud and Data Centres infrastructure.
  • Strong network and firewall knowledge.
  • Significant experience in using analysis tools and working with Azure.
  • SIEMs, SOCs and other vendors to produce reports and performance reports which inform priority and recommended actions to enhance.
  • 5 years’ experience in Cyber Security related duties.
  • Excellent communication and interpersonal skills.
  • Strong analytical and problem-solving skills.
  • Azure and cyber security accreditation preferable.


  • Security by default approach to delivery.
  • Self-motivated and enthusiastic.
  • A quick thinker with a ‘can do’ attitude and an aptitude for creativity.
  • An organised and proactive approach.
  • Demonstrates an ability to help others and is approachable.
  • Experienced in building relationships with internal and external stakeholders.
  • Takes initiative to make decisions.
  • A flexible approach and positive attitude.
  • Ability to work on own initiative and as part of a team.
  • Emphasis on attention to detail and accuracy.
  • Strives to drive business improvements to contribute to the success of the business.
  • Embrace, embed and incorporate the company values.

Go on, let's take a look at your application and see if you're ready for anything.

What can we do for you?

People first. Always. We’re passionate about our colleagues and know the best people deserve an extraordinary working environment. We owe it to them so that’s what we offer. Our workplaces are energetic, inspirational, supportive. To get a taste of the advantages you’ll enjoy, take a look at all our perks in full here. 

Intrigued? Our Talent team can tell you everything you need to know about what we want and what we’re offering, so feel free to get in touch.



86% of people would recommend a friend to work at First Central

Based on 164 Glassdoor reviews (March 2022)



Simply Health Cash Plan

Simply Health Cash plan. Reclaim the cost of your eye tests, dental, physiotherapy and more

Flexible Bank Holidays

Eight flexible bank holidays; you can choose which festivals you observe


We’re passionate about it. Everyone gets a paid day off annually to volunteer

Electric Car Scheme

Plug into our Electric Car Scheme for a deal with insurance, road tax and servicing

Flexible Working

We’re flexible; most roles let you mix office and home working. We work fluidly around core hours

Your Time in Need

Your Time in Need: five days’ leave so you can deal with life stuff. We’ll support you