Job Description

Remote

Data Confidentiality is a function of the Security Operations & Cyber Defence Department and includes Detection Engineering, Digital Forensics & Incident Response (DFIR), Threat Intelligence & Analytics, Security Monitoring & Threat Hunting, Cyber Engineering & Emulation as core components and service areas.


The Data Confidentiality Analyst ('DC Analyst') supports the Data Confidentiality function in implementing the Admiral 2.0 Diversification Agenda, with respect to all matters relating to Data Confidentiality, Models and Principles. Ensuring across all EUI, compliance with Security Standards (NIST, CIS, ISO 27001), PCI DSS, DPA 2018, EU GPDR and other appropriate industry standards, and to support the overall organisational strategy.


The DC Analyst will work with the Cyber Security & IT departments with respect to control capability to ensure business requirements for all related risks are within tolerance.


Key Responsibilities


Prepare and maintain documentation for Data Confidentiality controls. Own stakeholder engagement and requirements gathering for mitigating controls. Configure and manage control capabilities including detection, exceptions, target groups, and responses. Ensure governance and stakeholder sign-off for all Data Confidentiality measures. Collaborate with the Security Operations Centre and external providers to meet incident response and consequence management needs. Liaise with Cyber Security, Risk, and Assurance teams to assess current risks, threat landscape, and vulnerabilities. Partner with data risk owners to assess control effectiveness and recommend improvements. Define, test, and deploy Data Confidentiality controls, both functional and non-functional. Ensure controls are integrated throughout project phases, including application development and acquisitions. Review and enhance Data Loss Prevention strategies to mitigate data exfiltration risks. Report residual risks, vulnerabilities, and non-compliance issues. Review risk assessments and audit findings to recommend mitigation strategies. Support security incident resolution and participate in investigations and compliance reviews. Contribute to the development of security architecture, policies, and standards. Evaluate and recommend security solutions aligned with future business needs. Ensure security processes and SLAs meet business requirements.

Experience and skills required


Experience liaising with Business & IT peers delivering Data Confidentiality controls is mandatory. CIS, NIST, COBIT, ISO 27001, PCI DSS knowledge & experience highly desired. An inquisitive thought process to identify current and potential data risk to Admiral. Knowledge of Data Loss Prevention controls will be very desirable. Aptitude to learn.

Admiral: Where You Can


We take pride in being a diverse and inclusive business. It's a place where you can Be You, and show up as you are. We're committed to fostering a people-first culture where everyone is accepted, supported, and empowered to be brilliant. You can, Grow And Progress at a pace and direction that suits you, Make A Difference for our customers and each other, and Share in Our Future with all colleagues eligible for up to 3,600 of free shares each year after one year of service.


Everyone receives 33 days holiday (including bank holidays) when they join us, increasing the longer you stay with us, up to a maximum of 38 days (including bank holidays). You also have the option to buy or sell up to an additional five days of annual leave.


We're proud of our people-first culture. In fact, we've been recognised as a Great Place to Work for Women, a Great Place to Work for Wellbeing, and an overall Great Place to Work for over 25 years! We're fully committed to making sure your progression is not slowed or halted by barriers related to race, gender, age, sexuality or any of the protected characteristics.


Our fantastic benefits make sure our colleagues have a great work-life balance; You can view some of our other key benefits here.


#LI-KG1