Band 6 Senior Digital Forensics and Incident Response Specialist

University Hospitals Birmingham NHS Foundation Trust

Information:

This job is now closed

Job summary

An exciting opportunity has arisen, and we are looking to recruit a senior digital forensics and incident response specialist into an expanding cyber security team. The ideal candidate will be a team player with drive and enthusiasm; someone who understands the value of providing outstanding customer service and is able to effectively balance the need for improved cyber security with the operational needs of a large, busy hospital.

This is a hands-on technical role which also requires operational management skills. We are looking for someone with a strong technical background and significant experience across all types of incident response. This person will be one of the main escalation points for our SOC and an active member of purple team activities.

The right candidate will serve as the first responder to any cyber security incident within the department. When not responding to and managing incidents, they will be driving the DFIR team forward with its strategic mission, which will consist of constant reviews of processes and procedures, developing new playbooks, business continuity planning, running business-wide tabletop sessions and assessing our overall digital forensic and incident response maturity levels.

Main duties of the job

The Senior Digital Forensics and Incident Response (DFIR) Specialist is responsible for leading and executing digital investigations and incident response activities. The role requires expertise in computer forensics, network forensics, malware analysis, and incident response methodologies. The Senior DFIR Specialist will work with other members of the security team to prevent, detect, and respond to security incidents across the organisation.

The post holder will be performing highly technical duties including system analysis, malware analysis, indicator extraction, signature development, log review, network traffic analysis and threat intelligence. You will be expected to analyse forensic data, determine root cause and develop a timeline for incident response activities, articulating findings in technical detail as well as at an executive summary level. You will evaluate and improve the effectiveness of incident response policies and programs in use.

The role will be responsible for providing proactive threat detection and response capabilities across a vast technology environment encompassing both traditional on-premises and cutting-edge cloud native assets.

The postholder will play a key operational role in the development, management, and continuous improvement of the Digital Forensics and Incident Response (DFIR) services.

About us

We are recognised as one of the leading NHS Foundation Trusts in the UK. Our vision is to Build Healthier Lives, and we recognise that we need incredible staff to do this.

Our commitment to our staff is to create the best place for them to work, and we are dedicated to:

  • Investing in the health and wellbeing of our staff, including a commitment to offering flexible working where we can;
  • Offering our staff a wide variety of training and development opportunities, to support their personal and career development objectives.

UHB is committed to ensuring that our staff are treated fairly and feel that they belong, by creating a kind and inclusive environment. This is about equity of opportunity; removing all barriers, including discrimination, and ensuring each individual member of staff reaches their true potential, achieves their ambitions and thrives in their work. This is more than words. We are taking action. Our commitment to an inclusive culture is embedded at all levels of the organisation where every voice is heard, driven by our diverse and active staff networks, and at Board level by the Fairness Taskforce led by our CEO. We nurture a culture which empowers staff to challenge discriminatory behaviours and to enable people to bring their 'whole self' to a kinder, more connected and bold place to work.

University Hospitals Birmingham is a Smoke-Free premises hospital.

Date posted

18 September 2023

Pay scheme

Agenda for change

Band

Band 6

Salary

£35,392 to £42,618 a year

Contract

Permanent

Working pattern

Full-time, Flexible working

Reference number

304-1074165PM

Job locations

Yardley Court

11-13 Frederick Road, Edgbaston

Birmingham

West Midlands

B15 1JD


Job description

Job responsibilities

*Please Note: For a detailed job description for this vacancy, please see the attached Job Description*

Person Specification

Qualifications

Essential

  • Degree standard or equivalent in an IT related subject or with equivalent experience
  • Certified Information Systems Security Professional (CISSP) qualification or equivalent experience
  • Memberships and participation in relevant professional associations

Desirable

  • Formal certification in any of the following: Incident Handler, Ethical Hacker, Intrusion Analyst, Forensic Analyst

Experience

Essential

  • Demonstrated experience in cyber-security threats, vulnerabilities, controls and remediation strategies in global enterprise environments
  • Experience in developing procedures, policies, processes and playbooks
  • Strong understanding of forensics tools and procedures
  • Solid grasp of any of the following security frameworks: NCSC, NIST, ISO 27001
  • Hands-on experience delivering, maintaining and maturing business continuity management systems

Desirable

  • Endpoint and network-based analysis
  • Excellent technical security knowledge of network architecture, IT infrastructure, applications, and systems including an understanding of cloud services such as MS Azure and AWS
  • Functional knowledge of Incident Response and Cyber Security Operations along with Cyber Kill Chain, MITRE ATT&CK, NIST CSF, and how to best apply them
  • Understanding of compliance requirements and how these relate to cyber security business practices and controls

Additional Criteria

Essential

  • Ability to remain calm and collected throughout the management and hands-on activities of a security incident
  • Ability to manage time and work to deadlines with strong prioritisation skills
  • Good interpersonal skills and ability to collaborate with multiple teams
  • Willingness to learn, question and continually develop

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website.

From 6 April 2017, skilled worker applicants applying for entry clearance into the UK have had to present a criminal record certificate from each country in which they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found in "Criminal records checks for overseas applicants".

Employer details

Employer name

University Hospitals Birmingham NHS Foundation Trust

Address

Yardley Court

11-13 Frederick Road, Edgbaston

Birmingham

West Midlands

B15 1JD


Employer's website

https://www.uhb.nhs.uk/jobs.htm


For questions about the job, contact:

Hiring Manager

Shezad Hussain

Shezad.Hussain2@uhb.nhs.uk

07977162845
