Senior Cyber Security Specialist

Join our journey to create a new experience for the National Lottery and help us to power change for the greater good.

About us:

We are Allwyn UK, part of the Allwyn Entertainment Group – a multi-national lottery operator with a market-leading presence in Austria, the Czech Republic, Greece, Cyprus and Italy.  We have been officially awarded the Fourth Licence (10 year licence) to operate the National Lottery starting February 2024.

‍We’ve developed ground-breaking technologies, built player protection frameworks, and have a proven track record of making lotteries better.  Our aim is to create one of the UK’s most inclusive organisations – where people can bring the best of themselves, to do their best work, every day, for the benefit of good causes.

Allwyn is an Equal Opportunity Employer which prides itself in being diverse and inclusive. We do not tolerate discrimination, harassment, or victimisation in the workplace.  All employment decisions at Allwyn are based on the business needs, the job requirements, and the individual qualifications.  Allwyn encourages applications from individuals regardless of age, disability (visible or hidden), sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships.

While the main contribution of the National Lottery to society is through the funds to good causes, at Allwyn we put our purpose and values at the heart of everything we do.  Join us as we embark on a once-in-a-lifetime, large-scale transformation journey to build a bigger, better, and safer National Lottery that delivers more money to good causes.  

Purpose of Role: 

The role is a key analyst to operate the review of security tools to enable the timely detection of potential incidents and work with the technical teams who remediate the threats and vulnerabilities detected. They will ensure review and analyse the reports from the security tools, and follow up findings with systems owners and assign remediation targets. They will also be responsible for: 

• Responding to escalations and queries from the first & second line security operations teams  
• Threat hunting  
• Helping respond to security incidents 
• Advanced troubleshooting and investigations 
• Continuous improvement of SOC technology and processes 

Team Description: 

The Allwyn information security team’s vision is to be the leading information security function in the industry and we’ve won industry awards for our work. The purpose of the team is to protect the integrity of the National Lottery and to do so we work in a heavily regulated environment and have to secure one of the most visited websites in the UK, a very large retail channel and numerous back office systems spread across both on premise datacenters and AWS. 

We are a predominately in house team, with a strong focus on learning and development. The team is split into a Security Operations Centre (SOC), Security Architecture function and Governance Risk and Compliance (GRC) team. The 24/7 SOC is split between Watford and Knowsley and works hard to detect and respond to any external or internal threat. The security architecture function help deliver change in a secure way, focusing on designing out risk. The GRC team help manage the security risk in our supply chain, work to enhance the security culture and keep us certified to a range of national and international security standards, some of which we also help develop.

Skills & Experience: 

• A wealth of experience in a technically focused security role with ideally at least five working in an analyst or pen-tester role 
• Key experiences in handling incidents and threat / vulnerability hunting  
• Ability to write complex regular expressions.  
• Alternative experience in either a Devops role with ability to write scripts in *nix and / or windows environments at an intermediate – advanced level and ability to code in python (or similar language) to an intermediate level  
• Experience of other security technologies including but not limited to file integrity management, hardware security modules and malware detection and response tools 
• Undertaking tasks in support of the security architecture function. Primarily conducting technical risk assessments of changes proposed by projects or as part of BAU. 
• Confident skills running tools like Nmap, Nessus, Wireshark.  
• Also confident reading and analysing netflow / pcaps or at least three years' experience in using a SIEM, experience configuring and tuning alerts and alarms and ingesting new log sources; 
• Solid understanding of TCP/IP, Routing and DNS. Good understanding of network security including but not limited to firewalls and IPS. (The firewalls themselves are managed by a separate team). 
• Understanding of cryptography theory mandatory with experience of cryptographic key management desirable; 
• Experience in engaging with security vendors for fourth line support and planning and implementing upgrades. 
• Demonstrable experience of troubleshooting and problem solving under pressure. 
• Basic understanding of PCI-DSS and ISO27001 
• At least one qualification or certification in information security  
• Ability to work on an on-call basis  

 Highly Desirable:  

• hands on experience with Microsoft security tooling 

Here is our list of benefits:

• 34 days paid leave (This includes bank holidays)
• 2 x Life Days
• 4 x Salary of Life Insurance
• Pension: We’ll contribute 8.5%
• BUPA
• £500 wellness allowance
• Income Protection

As part of our onboarding processes, all successful candidates will need to complete both a Pre-Employment Screening process and a Fit & Proper check by the Gambling Commission. These checks include a DBS (an enhanced check, which shows convictions and conditional cautions), credit and social media checks. As part of our application process, you will be asked to identify in advance if you have spent or unspent convictions that we need to be aware of.

Should you not disclose convictions at the application stage, not pass the Fit & Proper Check process or not complete your Pre-Employment Screening then unfortunately you may not pass our probation process.

All data will be handled in accordance with our data policies and treated with utmost confidentiality.