Job summary
An exciting opportunity has become available for a Senior IT Security Engineer to join our well-established team.
The successful applicant will be responsible for a range of Trust IT Security policy implementation and development, shaping the Trust's long-term IT patching cycle, to ensure a seamless and consistent delivery of IT Services.
Applicants must have achieved, or show evidence of working towards and the ability to obtain, recognised IT Security qualifications such as CISMP, CISSP or CASP, along with at least 3 years' experience in an IT role which should include IT security as a responsibility and dealing with vulnerabilities, risks and threats.
The successful applicant must be able to take part in the team's out-of-hours on-call rota (1 in 3). This will attract an additional 9.5% on-call allowance in addition to the band 6 salary and section 2 unsocial hours enhancements. The on-call rota includes covering outside standard office hours, public holidays, and weekends. There may be a requirement to attend Trust sites in person across the West Midlands at short notice.
Please note, a full UK driving licence is essential for this post.
If you require sponsorship, we would encourage you to contact the Recruitment team in the first instance to check your eligibility before applying.
Main duties of the job
West Midlands Ambulance Service University NHS Foundation Trust is committed to creating an inclusive, supportive, and accessible workplace for everyone where our colleagues feel empowered to succeed.
Each person plays a vital part in ensuring our organisation meets the differing needs of our communities, ultimately enabling us to save lives. We acknowledge that a workforce that reflects the communities that it serves provides better patient care, and we are therefore looking for self-motivated, enthusiastic people from all backgrounds who care about making a difference to our patients.
We are committed to diversity and inclusivity at all levels. We are proud to have maintained Disability Confident Leader status and as part of our commitments to this we guarantee to invite all applicants who meet the essential criteria for a role to attend assessment or interview. If you have a disability or learning difficulty, and prefer to disclose it, please feel free to do so in your application. You can also contact the Recruitment Team via email at recruitment@wmas.nhs.uk if you wish to have a confidential discussion. We use this information, with your permission, to ensure you are fully supported during the recruitment process.
The Trust is proud to support our Armed Forces community and has signed up to the Step Into Health initiative. We welcome applications from Armed Forces Veterans and Service leavers.
About us
Please note, artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting ideas and experiences of others or generated by AI as your own) applications may be withdrawn and internal applicants may be subject to disciplinary action.
If this position involves a regulated activity it will require an Enhanced Disclosure & Barring Service check. The disclosure will, where appropriate to the role, include information against the Independent Safeguarding Authority barred lists for working with children, adults or both.
Where a Disclosure & Barring Service (DBS) check is required for the post, all applicants are required to cover the cost of the check.
We do endeavour to respond to all candidates on an individual basis. Therefore we do ask for your co-operation and patience whilst the short listing process takes place. After the closing date please ensure you check your emails (including junk mail) regularly as contact is usually made via this method.
We are proud to offer flexible working options to support our colleagues to have a greater choice in when, where and how they work. During your interview we will explore this with you and discuss your individual needs and how this could be facilitated for this role to benefit patient experience, service delivery and the work-life balance of colleagues.
Job description
Job responsibilities
Responsible for a range of Trust IT Security policy implementation and development, shaping the Trust's long-term IT patching cycle, to ensure a seamless and consistent delivery of IT Services.
Assist in the translation of Trust long-term strategic plans, objectives and policy decisions into operational activity and provide feedback to ensure continuous quality improvements.
Maintain high awareness of developing standards and innovations in the area of IT Security and, under the guidance of the Head of IT Security, ensure the Trust exploits opportunities, both financial and technological, as necessary to deliver optimal and cost-effective patient care.
Ensure services are supported to agreed hours of service and agreed service levels by participation within the on-call rota. This will require attendance on site for remedial or planned activities.
Act as an authority and provide specialist knowledge across the range of IT security procedures and practices, underpinned by theoretical knowledge and relevant practical experience, for the Trust, and ensure delivery of associated IT systems and services.
Work with stakeholders to ensure clear definition and agreement of service, in particular with relation to possible downtime during patch management. Ensure these services are delivered and possible downtime communicated as necessary.
Conduct risk assessments as appropriate and advise the Trust on IT Security concerns. Under the instruction of the Head of IT Security, ensure IT Security risks are clearly identified, recorded, managed and directly communicated to the IT Senior Management Team accordingly.
When required, liaise with external/third parties to ensure the Trust's IT Security stance is not compromised when completing agreed patching tasks, with relevance to external systems or services being connected to the Trust's network.
Provide specialist knowledge as required or requested by other departments on the procurement of new solutions, systems or services to ensure they comply with the Trust's IT Security Strategy.
Work with the Heads of IT Services to ensure the IT systems and services are affordable and cost effective.
Contribute to the overall development of the Trust and identify present and future opportunities, threats and risks in the IT environment with relation to IT security.
Promote effective use of IT systems and services, developing IT Security awareness and promoting a culture of IT Security.
Be responsible for managing and maintaining the various highly complex IT Security systems and services, as well as advising on future technologies, research and development.
Participate in continued professional development, training and courses as identified, ensuring skills and knowledge are kept current.
Provide specialist knowledge and advice on the effective use of Trust IT Services to staff, including promotion of the use of IT Security Policies and IT Security awareness programs.
Identify staff IT Security knowledge gaps, and develop and promote an IT Security awareness program in conjunction with other departments as required.
Assist the Head of IT Security to identify and develop quality measures to ensure the highest levels of service delivery are achieved.
Carry out complex projects pertinent to the work of the Trust under the direction of the Head of IT Security, assisting the production of management information, reports and recommendations.
Conduct vulnerability assessments and other associated activities as appropriate, underpinned by theoretical knowledge and relevant practical experience, within the Trust to identify, remediate and mitigate risks to the Trust.
Liaise with NHS England, NCSC and other relevant bodies as required, ensuring IT Security advisories, directives and notifications are actioned and logged. This includes but is not limited to threat and vulnerability alerts, vendor and other specialist threat intelligence feeds.
Ensure all systems and applications, where applicable, are kept up to date and are encompassed in the patch management routine as detailed in the patch management policy.
Assist the Head of IT Security with developing and maintaining an Incident Response Plan and Computer Emergency Response Team in relation to severe IT security incidents.
Take part in activities that lead to personal and/or team growth, including responsibility for providing briefings on developments in your field of specialist knowledge.
Attend supervision and appraisal sessions with the Line Manager. Take a lead in identifying own development needs.
Lead on investigating IT Security issues, using analytical and judgmental skills to fault find, in addition to liaising with other staff and departments and/or external third parties as appropriate.
The post holder is expected to work with the minimum of supervision and may be expected to deal with other duties appropriate to their level and post.
Travel to other Trust sites may be required on an ad-hoc basis, therefore your own vehicle and a full clean UK driving licence are required. Mileage expense is available where appropriate for Trust business.
Assume wider responsibilities as assigned by the Head of IT Security.
Person Specification
Experience
Essential
- At least 3 years' experience in an IT role, which should include IT Security responsibility and dealing with vulnerabilities, risks and threats.
- Familiarity with an assortment of security technologies from different vendors (e.g., Tenable Nessus, Microsoft XDR, Forcepoint Web)
Qualifications
Essential
- Achieved, or evidence of working towards and ability to obtain, recognised IT Security qualifications such as CISMP, CISSP, CASP etc.
- Evidence of continuing professional development.
Skills and Knowledge
Essential
- Full UK Driving Licence
- Knowledge of NHS IT systems and services (desirable)
- Current knowledge of the latest cyber threats and their mitigation.
- Knowledge of hardening infrastructure systems both on premises and in the cloud.
- Familiarity with patch management methodologies.
- Familiarity with Microsoft cloud technologies (e.g., Microsoft Exchange, Azure, Intune, SharePoint, Teams).
- Confident and self-motivated
- Ability to work with others or as part of a team
- Ability to prioritise workload and act under pressure
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.