Band 6 Senior Cyber Security Incident Response & Risk Officer

University Hospitals Birmingham NHS Foundation Trust

This job is now closed

Job summary

An exciting opportunity has arisen, and we are looking to recruit a senior cyber security incident response and risk officer into an expanding cyber security team. The ideal candidate will be a team player with drive and enthusiasm; someone who understands the value of providing outstanding customer service and is able to effectively balance the need for improved cyber security with the operational needs of a large, busy hospital.

Responsible for the overall cyber security incident management, we are looking for someone who has excellent knowledge of information security risk management and containment strategies and a good understanding of cyber security policy standards and guidelines.

Serve as the first responder to any cyber security incident within the department and perform vital functions in identifying, mitigating, reviewing, documenting, and reporting findings. Evaluate potential information security risks and ensure their corresponding risk exposures are appropriately addressed. Enhance our cyber security readiness for cyber security incidents and uplift our capabilities to tackle future emerging cyber risks.

Main duties of the job

This role requires excellent knowledge of Information Security Risk Management & containment strategies. Knowledge of Penetration testing and risk assessment methodologies, clear understanding of cyber security policy standards and guidelines. The role also requires the post holder to have an in-depth understanding of vulnerability management, threat monitoring and information security methodologies.

The Cyber Security Senior Incident Response & Risk Officer will be responsible for establishing and managing a structured, yet flexible approach for managing information security risk and monitor risk and would perform regular risk assessments. The role is also expected to keep watch for emerging threat and compliance mandates to perform effective Cyber security Risk Management.

The post holder will also support and ensure forensic investigation and incident response procedures comply with standard operating procedures, processes, policies, guidelines, and forensics best practices.

Examine and analyse security events or incidents, and investigate significant issues, related to technology infrastructure. Employ technical, investigative and analytical skills to solve a wide range of complex issues or problems.

About us

We are recognised as one of the leading NHS Foundation Trusts in the UK. Our vision is to Build Healthier Lives, and we recognise that we need incredible staff to do this.

Our commitment to our staff is to create the best place for them to work, and we are dedicated to:

Investing in the health and wellbeing of our staff, including a commitment of offering flexible working where we can;Offer our staff a wide variety of training and development opportunities, to support their personal and career development objectives.

UHB is committed to ensuring that our staff are treated fairly and feel that they belong, by creating a kind and inclusive environment. This is about equity of opportunity; removing all barriers, including discrimination and ensuring each individual member of staff reach their true potential, achieve their ambitions and thrive in their work. This is more than words. We are taking action. Our commitment to an inclusive culture is embedded at all levels of the organisation where every voice is heard, driven by our diverse and active staff networks, and at Board level by the Fairness Taskforce led by our CEO. We nurture a culture which empowers staff to challenge discriminatory behaviours and to enable people to bring their 'whole self' to a kinder, more connected and bold place to work.

Date posted

29 August 2023

Pay scheme

Agenda for change

Band

Band 6

Salary

£35,392 to £42,618 a year

Contract

Permanent

Working pattern

Full-time, Flexible working

Reference number

304-1074224PM

Job locations

Yardley Court

11-13 Frederick Road, Edgbaston

Birmingham

West Midlands

B15 1JD

Job description

Job responsibilities

*Please Note : For a detailed job description for this vacancy, please see attached Job Description*

Job description

Job responsibilities

*Please Note : For a detailed job description for this vacancy, please see attached Job Description*

Person Specification

Qualifications

Essential

*Educated to Degree level or equivalent qualification/experience
*Evidence of relevant continued professional development
*Certified Information Systems Security Professional (CISSP) qualification or equivalent experience

Experience

Essential

*Extensive experience in cyber security, with a focus on incident response and risk management
*Strong knowledge and awareness of Governance, Risk Management methodologies.
*Excellent knowledge of information security, related business processes and control.
*Knowledge of information security standards, codes of practice and guidelines such as ISO27001, NIST, NCSC
*Knowledge of risk assessment procedures, policy formation, role-based authorisation methodologies, authentication technologies
*Demonstrated experiences in cyber-security threats, vulnerabilities, controls and remediation strategies in global enterprise environments

Additional Criteria

Essential

*Ability to remain calm and collected throughout the management and hands-on activities of a security incident
*Ability to manage time and work to deadlines with strong prioritisation skills
*Good interpersonal skills and ability to collaborate with multiple teams
*Willingness to learn, question and continually develop

Person Specification

Qualifications

Essential

*Educated to Degree level or equivalent qualification/experience
*Evidence of relevant continued professional development
*Certified Information Systems Security Professional (CISSP) qualification or equivalent experience

Experience

Essential

*Extensive experience in cyber security, with a focus on incident response and risk management
*Strong knowledge and awareness of Governance, Risk Management methodologies.
*Excellent knowledge of information security, related business processes and control.
*Knowledge of information security standards, codes of practice and guidelines such as ISO27001, NIST, NCSC
*Knowledge of risk assessment procedures, policy formation, role-based authorisation methodologies, authentication technologies
*Demonstrated experiences in cyber-security threats, vulnerabilities, controls and remediation strategies in global enterprise environments

Additional Criteria

Essential

*Ability to remain calm and collected throughout the management and hands-on activities of a security incident
*Ability to manage time and work to deadlines with strong prioritisation skills
*Good interpersonal skills and ability to collaborate with multiple teams
*Willingness to learn, question and continually develop

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Additional information