Go back

Cyber Security Analyst

The Dudley Group NHS Foundation Trust

Information:

This job is now closed

Job summary

The IT Department is responsible for delivering Information Technology to the Dudley Group NHS Foundation Trust. In addition, IT is responsible for delivering IT services to other NHS organisations and private enterprises involved in the delivery of Healthcare. IT customers have a total user countof over 10,000 with services being delivered from multiple Datacentres - cloud and on-premises

This is an exciting opportunity to join a growing Cyber Security service within the Digital, Data and Technology function at Dudley Group.

The post holder will be an integral part of the team delivering proactive and reactive support in terms of cyber and IT Governance

Main duties of the job

Undertake proactive and reactive cyber security support and monitoring

Support the development procedures for technical securityCarry out plans for incident handling and responseCarry out risk assessments and recommend actions to address risksProvide support and advice on cyber securityMaintain cyber security dashboard for Management reportsProvide advice on innovation of policies, procedures, guidelines for maintenance of IT Security

About us

At the Dudley Group our patients and staff are at the heart of all that we do and that is to provide a world class service that aligns with our vision of "excellent health care, improved health for all". We are seeking to recruit staff who share our vision and values of making Dudley Group an incredible workplace.

We are committed to becoming a diverse and an inclusive employer and where people feel sense of belonging. Seeking to expand diversity within our teams, we positively encourage applications from under-represented groups such as ethnically diverse, disabled and LGBTQ+ groups. We are also under-represented in-terms of gender within nursing roles and we would welcome applications from people from male and non-binary backgrounds.

We are committed to home life balance through flexible working and making reasonable adjustments where possible

Date posted

05 March 2024

Pay scheme

Agenda for change

Band

Band 6

Salary

£35,392 to £42,618 a year per annum

Contract

Permanent

Working pattern

Full-time

Reference number

253-0224-6055470

Job locations

Russells Hall Hospital

Pensnett Road

Dudley

DY1 2HQ


Job description

Job responsibilities

Continuously assess and proactive monitoring the security of IT infrastructure including firewalls, network switches, servers, virtual machines, client machines and cloud services using a variety of Cyber/IT security technology solutions such as Endpoint Detection andResponse (EDR) and Intrusion Prevention Systems (IPS)

Monitor and respond to systems and infrastructure alerts and scheduled system reports and use evidence based approaches to improvement

Support the development and implementation of the IT Security Policy, associated policies, accompanying standards, procedures and guidance.

Support the delivery of planned compliance reviews and internal audit programme, and assisting the Service Operations Centre Manager to ensure any gaps are addressed.

To investigate suspected and actual security incidents in accordance with internal Trust and NHS England security incident reporting systems, support the production of reports with recommendations and ensure any remedial action is completed.

Respond to enquiries from staff and provide security advice in accordance with best practice, mandated policies and procedures as required.

Work with internal stakeholders to develop relationships to help promote and improve information security and provide security and education advice on topics such as phishing and multi factor authenticationAssist the Trusts IT Service Desk in relation to incidents and requests relating to information security

Provision and improvement of real or near-time dashboards to measure service delivery against key performance indicators

Provide input to the wider Trust development of security, disaster recovery and business planning processes

Maintain currency with emerging security trends, risks, new guidance or standards (internal and external) and security enhancing technologies.

Support cyber security table-top exercises with Infrastructure and Services Teams.

Agree with line manager in relevant training requirements for personal development.

Regular training of staff across the organisation in terms of cyber security, communicating risks to the organisation and communicating effectively

Production of training materials to be utilised for education of staff across the organisation.

Job description

Job responsibilities

Continuously assess and proactive monitoring the security of IT infrastructure including firewalls, network switches, servers, virtual machines, client machines and cloud services using a variety of Cyber/IT security technology solutions such as Endpoint Detection andResponse (EDR) and Intrusion Prevention Systems (IPS)

Monitor and respond to systems and infrastructure alerts and scheduled system reports and use evidence based approaches to improvement

Support the development and implementation of the IT Security Policy, associated policies, accompanying standards, procedures and guidance.

Support the delivery of planned compliance reviews and internal audit programme, and assisting the Service Operations Centre Manager to ensure any gaps are addressed.

To investigate suspected and actual security incidents in accordance with internal Trust and NHS England security incident reporting systems, support the production of reports with recommendations and ensure any remedial action is completed.

Respond to enquiries from staff and provide security advice in accordance with best practice, mandated policies and procedures as required.

Work with internal stakeholders to develop relationships to help promote and improve information security and provide security and education advice on topics such as phishing and multi factor authenticationAssist the Trusts IT Service Desk in relation to incidents and requests relating to information security

Provision and improvement of real or near-time dashboards to measure service delivery against key performance indicators

Provide input to the wider Trust development of security, disaster recovery and business planning processes

Maintain currency with emerging security trends, risks, new guidance or standards (internal and external) and security enhancing technologies.

Support cyber security table-top exercises with Infrastructure and Services Teams.

Agree with line manager in relevant training requirements for personal development.

Regular training of staff across the organisation in terms of cyber security, communicating risks to the organisation and communicating effectively

Production of training materials to be utilised for education of staff across the organisation.

Person Specification

Qualifications & education

Essential

  • Degree level IT qualification or equivalent significant experience in cyber/information security/computing
  • Demonstrable evidence of Continuing Professional Development (CPD)

Knowledge & Training

Essential

  • A good working knowledge of information security

Desirable

  • Detailed knowledge and experience in cyber security threat analysis and the use of associated software
  • Understanding the principles of digital forensics and incident response

Experience

Essential

  • Previous experience in an IT technical role
  • Able to understand complex technical issues combine with analytical skills

Desirable

  • Able to demonstrate an excellent understanding of security and technical trends within the IT industry and ensure the best use of technologies to satisfy user requirement

Communication Skills

Essential

  • Good verbal and written communication skills

Planning & Organisational Skills

Essential

  • Responsive to change, new ideas, adaptable to new systems
  • Experience of working with service requests and maintaining accurate records for customers and colleagues
Person Specification

Qualifications & education

Essential

  • Degree level IT qualification or equivalent significant experience in cyber/information security/computing
  • Demonstrable evidence of Continuing Professional Development (CPD)

Knowledge & Training

Essential

  • A good working knowledge of information security

Desirable

  • Detailed knowledge and experience in cyber security threat analysis and the use of associated software
  • Understanding the principles of digital forensics and incident response

Experience

Essential

  • Previous experience in an IT technical role
  • Able to understand complex technical issues combine with analytical skills

Desirable

  • Able to demonstrate an excellent understanding of security and technical trends within the IT industry and ensure the best use of technologies to satisfy user requirement

Communication Skills

Essential

  • Good verbal and written communication skills

Planning & Organisational Skills

Essential

  • Responsive to change, new ideas, adaptable to new systems
  • Experience of working with service requests and maintaining accurate records for customers and colleagues

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Additional information

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Employer details

Employer name

The Dudley Group NHS Foundation Trust

Address

Russells Hall Hospital

Pensnett Road

Dudley

DY1 2HQ


Employer's website

https://www.dgft.nhs.uk/ (Opens in a new tab)

Employer details

Employer name

The Dudley Group NHS Foundation Trust

Address

Russells Hall Hospital

Pensnett Road

Dudley

DY1 2HQ


Employer's website

https://www.dgft.nhs.uk/ (Opens in a new tab)

For questions about the job, contact:

Head of Cyber Security & IT Governance

Karen Hale

karen.hale1@nhs.net

01384456111

Date posted

05 March 2024

Pay scheme

Agenda for change

Band

Band 6

Salary

£35,392 to £42,618 a year per annum

Contract

Permanent

Working pattern

Full-time

Reference number

253-0224-6055470

Job locations

Russells Hall Hospital

Pensnett Road

Dudley

DY1 2HQ


Supporting documents

Privacy notice

The Dudley Group NHS Foundation Trust's privacy notice (opens in a new tab)