Job summary
University Hospitals Coventry & Warwickshire NHS Trust's ICT Department team has a fantastic opportunity within its Cyber Security Team.
As part of the team you will be involved in providing support and assisting with obtaining assurance on cyber risks as well as developing improvements to the Trusts cyber security ensuring essential services remain protected.
Closing Date: Please be advised that this job advert will close as soon as sufficient applications have been received. Please apply for this job as soon as you can, if interested.
Main duties of the job
Main Duties/ Responsibilities
- To proactively monitor, review, analyse and interpret security incidents and alerts received by external agencies, using detailed log information, a variety of software utilities and software management tools to identify potential threats and eliminate false positives
- To monitor, review and analyse security incidents and alerts, using security incident and event management software, such as Microsoft Defender Endpoint and anti-virus management consoles to ensure that incidents and alerts are resolved quickly by the appropriate team
- Undertake regular and frequent vulnerability scans using tools such as Tenable Nessus and IT Health Assurance Dashboard, using the results to identify potential areas of concern and working with the appropriate team to ensure that potential risks are mitigated or accepted at the appropriate level
- Assisting with official investigations initiated by the NHS Trust and providing detailed reports in relation to IT security and monitored activity
- Robust awareness of good cyber security practice guidelines, advising colleagues on cyber awareness and recommendations for the modifications to ensure that we keep up to date with cyber security, malware prevention and critical updates as required
- Assisting with the ongoing improvement and development of cyber security measures, including but not limited to SIEM, anti-malware, network security and vulnerability management
About us
University Hospitals Coventry and Warwickshire NHS Trust, rated as good by the Care Quality Commission, is one of the largest teaching Trusts in the UK.
We are extremely proud of our employees across our hospital sites, with high quality patient care at the heart of everything we do.
Boasting some of the most modern facilities in Western Europe, the Trust is renowned for being at the forefront of research and innovation as part of its blossoming reputation as a worldwide leader in healthcare.
We are proud to be recognised as a Pathway to Excellence designated organisation - please click the link for further details about this prestigious award. Pathway To Excellence - University Hospitals Coventry & Warwickshire (uhcw.nhs.uk)
By joining our exciting journey, you will form part of a passionate, talented team and will be able to access a wide range of learning and development opportunities. There has never been a better time to join our team.
The Trust is committed to building an organisation that makes full use of the talents, skills, experience, and different perspectives available in our diverse society. We want everyone to feel they are respected, valued, can achieve their potential and receive the most appropriate and relevant care. We will create an environment where the equality and human rights principles of fairness, respect, equality, dignity and autonomy are promoted and are part of the organisation's core values.
Job description
Job responsibilities
- Detailed knowledge and experience of the installation, configuration and maintenance of PCs and mobile devices, with the ability to make security recommendations
- Prioritisation and management of allocated tasks and workload
- To assist in all matters relating to Information Security including Cyber Security, Disaster Recovery and ICTs Business Continuity Plans.
- To support development, maintenance and implementation of policies, standards and controls for IT Security across the Trust in line with the law, regulation and NHS Best practise.
- To ensure that all changes to the IT environment be they hardware, software or other system components comply with the information security requirements.
- To take responsibility for addressing IT security issues as and when they arise.
- To undertake IT security audits and use the results to improve the effectiveness of the security controls.
- To ensure IT security confidentiality, integrity and availability is maintained in the event of a disaster and to periodically test this to ensure the documentation, processes and procedures remain current.
- Provide advice and consultancy on the procurement, implementation, operation and maintenance of ICT systems.
- Assist in managing programmes for PC and server system security as well as end-user devices, including threat protection monitoring and control schemes.
- Undertake the support of corporate computer systems covering routine housekeeping/ maintenance duties, configuration management, change management and problem management
- To report on all aspects of Information Security and Disaster recovery.
- To ensure that all work undertaken for the Trust, whether in-house or with Third Parties adheres to the established IT Information Security Standards.
- Ensure that maintenance contracts with third party suppliers for ICT security systems are current and are value for money.
- Assist in regular Penetration Tests and ensure any risks identified are mitigated and any poor practices have improvement plans put in place.
- Check and audit existing processes and procedures in place are being adhered to and improvement plans put in place to recover any non-conformances.
- Contribute, as required, to the Trusts Controls Assurance Programme particularly in relation to ICT, such as business continuity planning and disaster recovery procedures.
- Ensure that system logs are kept and that any problems are reported to the appropriate outside support agencies.
- Undertake the training of staff and students in the knowledge of IT Security and ensure the Cyber security awareness programme is effective and functional.
- Give presentations of systems to users and other interested parties as required.
- Keep abreast of current developments within the ICT Security and related industries.
- Liaise with other ICT Services staff, as required, to ensure the overall integrity and smooth running of the service.
- Ensure that all Trust wide standards are maintained and monitored to improve the quality of total care to all who come into contact with services provided by University Hospitals Coventry and Warwickshire NHS Trust.
- Make a positive contribution to Customer Relationship Management by ensuring that users and other relevant staff are notified in a timely and professional manner of changes made which affect the operation of specific ICT services.
- Contribute to policy related to the ICT quality (ISO 9001) and ICT Security Management System (ISO 27001) where required.
- Participate in team, professional and personal development activities and promote a commitment to continuous development and improvement.
- Participate in appraisals and personal reviews and work to achieve agreed set objectives.
- Participate in appropriate training and development activities.
For further details of the role please see the attached job description.
Job description
Job responsibilities
- Detailed knowledge and experience of the installation, configuration and maintenance of PCs and mobile devices, with the ability to make security recommendations
- Prioritisation and management of allocated tasks and workload
- To assist in all matters relating to Information Security including Cyber Security, Disaster Recovery and ICTs Business Continuity Plans.
- To support development, maintenance and implementation of policies, standards and controls for IT Security across the Trust in line with the law, regulation and NHS Best practise.
- To ensure that all changes to the IT environment be they hardware, software or other system components comply with the information security requirements.
- To take responsibility for addressing IT security issues as and when they arise.
- To undertake IT security audits and use the results to improve the effectiveness of the security controls.
- To ensure IT security confidentiality, integrity and availability is maintained in the event of a disaster and to periodically test this to ensure the documentation, processes and procedures remain current.
- Provide advice and consultancy on the procurement, implementation, operation and maintenance of ICT systems.
- Assist in managing programmes for PC and server system security as well as end-user devices, including threat protection monitoring and control schemes.
- Undertake the support of corporate computer systems covering routine housekeeping/ maintenance duties, configuration management, change management and problem management
- To report on all aspects of Information Security and Disaster recovery.
- To ensure that all work undertaken for the Trust, whether in-house or with Third Parties adheres to the established IT Information Security Standards.
- Ensure that maintenance contracts with third party suppliers for ICT security systems are current and are value for money.
- Assist in regular Penetration Tests and ensure any risks identified are mitigated and any poor practices have improvement plans put in place.
- Check and audit existing processes and procedures in place are being adhered to and improvement plans put in place to recover any non-conformances.
- Contribute, as required, to the Trusts Controls Assurance Programme particularly in relation to ICT, such as business continuity planning and disaster recovery procedures.
- Ensure that system logs are kept and that any problems are reported to the appropriate outside support agencies.
- Undertake the training of staff and students in the knowledge of IT Security and ensure the Cyber security awareness programme is effective and functional.
- Give presentations of systems to users and other interested parties as required.
- Keep abreast of current developments within the ICT Security and related industries.
- Liaise with other ICT Services staff, as required, to ensure the overall integrity and smooth running of the service.
- Ensure that all Trust wide standards are maintained and monitored to improve the quality of total care to all who come into contact with services provided by University Hospitals Coventry and Warwickshire NHS Trust.
- Make a positive contribution to Customer Relationship Management by ensuring that users and other relevant staff are notified in a timely and professional manner of changes made which affect the operation of specific ICT services.
- Contribute to policy related to the ICT quality (ISO 9001) and ICT Security Management System (ISO 27001) where required.
- Participate in team, professional and personal development activities and promote a commitment to continuous development and improvement.
- Participate in appraisals and personal reviews and work to achieve agreed set objectives.
- Participate in appropriate training and development activities.
For further details of the role please see the attached job description.
Person Specification
Qualifications
Essential
Desirable
Experience
Essential
Desirable
Knowledge
Essential
Desirable
Skills
Essential
Desirable
Person Specification
Qualifications
Essential
Desirable
Experience
Essential
Desirable
Knowledge
Essential
Desirable
Skills
Essential
Desirable
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
