West Midlands Ambulance Service University NHS Foundation Trust

IT Security Engineer

This job is now closed

Job summary

West Midlands Ambulance Service positively welcomes diversity and aims to be a truly inclusive place to work. We are looking for self-motivated, enthusiastic people from all backgrounds that care about making a difference.

The Trust is currently under-represented in terms of people from BME backgrounds and welcomes applicants from these communities. Selection will be on a basis of merit. The Trust has achieved the status of a Disability Confident Leader and guarantees to invite to assessment applicants who meet the criteria for the job vacancy. To ensure the diversity of the workforce and understand the differing needs of our communities, the Trust is committed to the principles of Positive Action.

This hands-on technical role supports the overall development, management & delivery of the Trusts IT security programme. To provide IT security advice & support under the direction of the IT Security Architect.

Participate in the planning & implementation of policies, procedures, & processes to ensure IT security provisioning & maintenance that is consistent with the Trusts goals, industry best practice & regulatory requirements.

A proactive mindset for continuous improvement to the Trusts IT security posture & cyber resilience both on-premise & cloud based, with a particular focus on Microsoft 365 services.

Main duties of the job

Monitor, maintain, administer & develop IT security systems & solutions.

Identify, investigate & mitigate threats to the organisation.

Liaise with internal staff & external partners providing IT security advice.

Assist with infrastructure developments to include patch/update deployments, asset hardening, & secure configuration.

This role requires participation in the IT on-call rota. This may require attendance on-site outside standard office hours for remedial or planned activities. Travel to other Trust sites may also be required on an ad-hoc basis, therefore your own vehicle & a full clean UK drivers license is required. Mileage expense is available where appropriate for Trust business.

The post holder will be expected to deal with other duties appropriate to their level & post as directed by the IT Security Architect.

If this position involves a regulated activity it will require an Enhanced Disclosure & Barring Service check. The disclosure will, where appropriate to the role, include information against the Independent Safeguarding Authority barred lists for working with children, adults or both.

Where a Disclosure & Barring Service (DBS) check is required for the post, all applicants are required to cover the cost of the check. The cost of £42.50 for an enhanced check is payable to our online provider at the time that the DBS application is submitted. Upon receipt of your DBS you will then be required to sign up to the DBS online update service.

About us

We do endeavour to respond to all candidates on an individual basis. Therefore we do ask for your co-operation and patience whilst the short listing process takes place. After the closing date please ensure you check your emails (including junk mail) regularly as contact is usually made via this method.

We are proud to offer flexible working options to support our colleagues to have a greater choice in when, where and how they work. During your interview we will explore this with you and discuss your individual needs and how this could be facilitated for this role to benefit patient experience, service delivery and the work-life balance of colleagues.

If you wish to discuss and adjustments that you may need for the role of the assessment process prior to your application, then please do not hesitate to contact the recruitment team.

The Trust is proud to support our Armed Forces community and have signed up to the Step Into Health initiative. We welcome applications from Armed Forces Veterans and Service leavers.

Date posted

18 October 2023

Pay scheme

Agenda for change

Band

Band 6

Salary

£35,392 to £42,618 a year plus the relevant unsocial hours as per section 2

Contract

Permanent

Working pattern

Full-time

Reference number

C9217-183-23-24

Job locations

Ambulance Headquarters

Waterfront Business Park

Brierley Hill

West Midlands

DY5 1LX

Job description

Job responsibilities

Responsible for a range Trust IT Security policy implementation and development shaping the trusts long term IT patching cycle, to ensure a seamless and consistent delivery of IT Services.

Assist in the translation of Trust Long term strategic plans, objectives and policy decisions into operational activity and provide feedback to ensure continuous quality improvements.

Maintain high awareness of developing standards and innovations in the area of IT Security, and under the guidance of the IT Security Manager ensure the trust exploit opportunities. Both financial and technological as necessary to deliver optimal and cost-effective patient care.

Ensure services are supported to agreed hours of service to agreed service levels by participation within the on-call rota. This will require attendance on site for remedial or planned activities.

Act as an authority and provide specialist knowledge across the range of IT security procedures and practices, underpinned by theoretical knowledge and relevant practical experience. For the Trust and ensure delivery of associated IT systems and services.

Work with stakeholders to ensure clear definition and agreement of service. In particular, with relation to possible downtime during patch management. Ensure these services are delivered and possible downtime communicated as necessary.

Conduct risk assessments as appropriate and advise the Trust on IT Security concerns. Under the instruction of the IT security Manager ensure IT Security risks are clearly identified, recorded, managed and directly communicated to IT Senior Management Team accordingly.

When required, liaise with external/third parties to ensure the Trusts IT Security stance is not compromised. When completing agreed patching tasks. With relevance to external systems or services being connected to the Trusts network.

Provide specialist knowledge as required or requested by other departments on the procurement of new solutions, systems or services to ensure they comply with the Trusts IT Security Strategy.

Work with the Heads of IT Services to ensure the IT systems and services are affordable and cost effective.

To contribute to the overall development of the Trust, to identify present and future opportunities, threats and risks in the IT environment with relation to IT security.

Promote effective use of IT systems and services, developing IT Security awareness and promoting a culture of IT Security.

Be responsible for managing and maintaining the various highly complex IT Security systems and services, as well as advising on future technologies, research and development.

Participate in continued professional development, training and courses as identified ensuring skills and knowledge are kept current.

Provide specialist knowledge and advice on the effective use of Trust IT Services to staff, including promotion of the use of IT Security Policies & IT Security awareness programs.

Identify staff IT Security knowledge gaps, develop and promote an IT Security awareness program in conjunction with other departments as required.

Assist the IT Security Manager to identify and develop quality measures to ensure the highest levels of service delivery are achieved.

Carry out complex projects pertinent to the work of the Trust under the direction of the IT security Manager assisting the production of management information, reports and recommendations.

Conduct vulnerability assessments and other associated activities as appropriate underpinned by theoretical knowledge and relevant practical experience. within the Trust to Identify, remediate and mitigate risks to the Trust.

Liaise with NHS Digital, NHS England, NCSC and other relevant bodies as required ensuring IT Security advisories, directives and notifications are actioned and logged. This includes but is not limited to CareCERT, CiSP, vendor and other specialist threat intelligence feeds.

Ensure all systems and applications where applicable are kept up to date and are encompassed in the patch management routine as detailed in the patch management policy.

Assist the IT Security Manager with developing and maintaining an Incident Response plan and Computer Emergency Response Team in relation to severe IT Security incidents.

Take part in activities that lead to personal and/or team growth. Including responsibility for providing briefings on developments in your field of specialist knowledge.

Attend supervision and appraisal sessions with the Line Manager. Take a lead in identifying own development needs.

Lead on investigating IT Security issues using analytical & judgmental skills to fault find in addition to liaising with other staff and departments &/or external third parties as appropriate.

The post holder is expected to work with the minimum of supervision and may be expected to deal with other duties appropriate to their level and post.

Travel to other Trust sites maybe required on an ad-hoc basis, therefore your own vehicle and a full clean UK drivers license is required. Mileage expense is available where appropriate for Trust business.

Assume wider responsibilities as assigned by the IT Security Manager