Job summary
We are looking to recruit a Cyber Security Projects Officer to join the Informatics team.
The successful candidate will hold a professional entry level cyber certification such as COMPTIA+ (or higher) or have relevant experience in IT security. They must also have a recognised project management qualification or equivalent experience such as APM or Prince 2. This role would suit a person who is looking for an opportunity to enhance their strategic level cyber security support knowledge.
Informatics are predominantly working from home but we maintain an office base at Sleaford and hot desking is available across the county, so hybrid working can be discussed with the successful candidate. Regular attendance at face to face meetings within the department and wider trust will still be required so the ability to travel is essential.
Main duties of the job
This post will work within the Informatics project team with a direct link to the trust Data Protection Officer and will be responsible for producing IT security policies, processes and procedures.
It will work with local Cyber teams to keep up to date assessment's of the trusts entire attack surface, arrange and review penetration testing and produce clear and concise reports on the trusts cyber security posture.
There will be close working with the Information Governance (IG) team and DPO to provide SME input into any queries in relation to cyber security and IG.
It will help develop and test BC and DR plans along with producing and delivering cyber training at an appropriate level across the trust.
The post will support any informatics projects and tasks with regard to cyber and technical elements.
As a member of the Informatics department, this post will be part of the crucial work undertaken by the team enabling digital transformation, facilitating new ways of working and supporting change whilst ensuring the protection of our data.
About us
Lincolnshire Partnership NHS Foundation Trust provides mental health services and a number of learning disability, autism and social care services in the county of Lincolnshire. Employing around 2,800 staff, and serving a population of over 766,000, our people lie at the heart of everything we do.
You could be part of a Trust rated by staff as one of the best mental health and learning disability trusts in England, in an area heralded as a fantastic place to live and work. We firmly believe the key to high quality care is a contented workforce. This is reflected in our Care Quality Commission rating of 'outstanding' for well-led and 'good' overall. In the most recent National NHS Staff Survey, our staff rated us as the number one trust nationally for staff morale and one of the top scoring NHS Trusts in the Midlands for being compassionate and inclusive. We're really proud of this!
We are also leading the way in transforming care, with multi-million-pound transformation of patient environments and radical redesign of community services.
This is the time to join and help redesign our services of the future. We offer options for flexible working and provide a wide range of training and promotion opportunities in all professions. We support and celebrate diversity, have active staff networks groups and are always looking at what more we can do to support our staff.
Job description
Job responsibilities
Strategy and Policy
Contribute to IT Security policies, processes and procedures
Write and deliver cyber training at a level appropriate to role
Help develop, write and test Business Continuity and Disaster Recovery plans
Keep informed and up to date on the latest cyber security developments and news
Service Planning
Working with the local Cyber team keep an up to date assessment of the Trusts entire attack surface (network, infrastructure and people/social)
Help arrange and review penetration testing as required
Produce regular clear and concise reports for the management team on the Trusts cyber security posture (to include risk assessments, identified vulnerabilities and mitigations, maintenance and patching of systems, cyber security systems and protection measures, incident response planning, and training / education)
Be a key point of contact for managing and co-ordinating cyber incident responses
Support any Infomatics projects and tasks, specifically with regard to technical and cyber elements
Work closely with Information Governance teams and the DPO to assist with any queries in relation to cyber security and Information Governance (IG)
Develop an ongoing cyber security campaign working closely with other Informatics colleagues
Work with wider systems colleagues across the ICS and other suppliers as required by Trust and system wide operational need and strategy
Be aware of ITSM arrangements and monitor overall IT Service Management provision to identify any underperformance that may cause a risk to the Trust or its systems
Service Management
Monitor all cyber security communications and systems within scope
Keep all relevant parties clearly informed of any cyber event, change, news or action as required
Act on any cyber incident, ensuring required mitigation actions are enacted promptly and logically
Advise as required to technical and non-technical users at all levels of the organisation within the sphere of knowledge and capacity
Appropriately escalate to senior managers including DPO and cyber team in the local Commissioning Unit (CSU) (as processes dictate)
Work closely with technical suppliers to ensure the Trusts infrastructure estate is kept secure
Any other duties as required by the Trust that sit appropriately within the sphere of this post
Job description
Job responsibilities
Strategy and Policy
Contribute to IT Security policies, processes and procedures
Write and deliver cyber training at a level appropriate to role
Help develop, write and test Business Continuity and Disaster Recovery plans
Keep informed and up to date on the latest cyber security developments and news
Service Planning
Working with the local Cyber team keep an up to date assessment of the Trusts entire attack surface (network, infrastructure and people/social)
Help arrange and review penetration testing as required
Produce regular clear and concise reports for the management team on the Trusts cyber security posture (to include risk assessments, identified vulnerabilities and mitigations, maintenance and patching of systems, cyber security systems and protection measures, incident response planning, and training / education)
Be a key point of contact for managing and co-ordinating cyber incident responses
Support any Infomatics projects and tasks, specifically with regard to technical and cyber elements
Work closely with Information Governance teams and the DPO to assist with any queries in relation to cyber security and Information Governance (IG)
Develop an ongoing cyber security campaign working closely with other Informatics colleagues
Work with wider systems colleagues across the ICS and other suppliers as required by Trust and system wide operational need and strategy
Be aware of ITSM arrangements and monitor overall IT Service Management provision to identify any underperformance that may cause a risk to the Trust or its systems
Service Management
Monitor all cyber security communications and systems within scope
Keep all relevant parties clearly informed of any cyber event, change, news or action as required
Act on any cyber incident, ensuring required mitigation actions are enacted promptly and logically
Advise as required to technical and non-technical users at all levels of the organisation within the sphere of knowledge and capacity
Appropriately escalate to senior managers including DPO and cyber team in the local Commissioning Unit (CSU) (as processes dictate)
Work closely with technical suppliers to ensure the Trusts infrastructure estate is kept secure
Any other duties as required by the Trust that sit appropriately within the sphere of this post
Person Specification
Qualifications
Essential
- Be educated to degree level or have equivalent relevant experience
- A portfolio of practical experience in IT and/or Cyber Security
- Project Management experience with engagement at all organisational levels
Desirable
- Cyber Security qualifications i.e. CompTIA + /Cyber security fundamentals/ Systems Security Certified Practitioner/ CCNA or equivalent IT security experience
- Project Management certification
- Experience of ITIL IT Service Management
Experience
Essential
- Broad technical experience of IT infrastructure and networking
- Knowledge of use of IT Security digital tools and solutions (Firewalls, anti-virus and malware protection, DLP, monitoring services, IDS/IPS and patch management)
- Experience of supporting digital change projects
- An understanding of Cloud based technologies and cloud-based communication systems
- Experience of creating reports and presenting to senior audiences/stakeholders
- Experience of working with Information Governance teams/DPOs
- Evidence of delivering to tight deadlines
- Evidence of application of good analytical skills
- Evidence of deploying innovations/new technologies to promote enhanced security and efficiency gains
Desirable
- Strong influencing skills
- Strong presentation skills
- Experience of producing Business cases and executive level papers
- NHS experience
- Experience of developing a full cyber campaign
Skills
Essential
- Ability to communicate highly complex issues to a wide range of non-technical end users
- Excellent documentation writing skills to create and develop processes and procedures
- Excellent interpersonal skills, building effective professional relationships with all Trust staff and wider system colleagues as well as suppliers
- Ability to perform as an effective team player, and on own initiative
- Establish and maintain informal internal or external relationships to gain knowledge that can be adopted and adapted to the improvement the Informatics department
- Good knowledge of IT Security Fundamentals, including Confidentiality, Integrity and Availability, attack surface, social engineering, risk management, physical security, Identity management, encryption, network security, security policies and IT security tools and products such as AV, IDS/IPS and DLP etc..)
- Good awareness of IG principles such as the DPA, GDPR, types of data and DPIAs
- Knowledge of fraud detection and prevention in a digital environment
- Good verbal and written communication skills
- Change management skills
- Good planning, presentation, and interpersonal skills
- Flexible in approach to working hours when necessary
- Ability to keep pace with the rapid rate of change in IT Security
Desirable
- Demonstrable knowledge of advanced IT Security concepts
- A broad high level knowledge of network technologies and methodologies including TCP/IP, DHCP, DNS,VLAN, Switching and emerging technologies such as SDWAN and Cloud
Special Requirements
Essential
- Ability to be mobile across sites
Person Specification
Qualifications
Essential
- Be educated to degree level or have equivalent relevant experience
- A portfolio of practical experience in IT and/or Cyber Security
- Project Management experience with engagement at all organisational levels
Desirable
- Cyber Security qualifications i.e. CompTIA + /Cyber security fundamentals/ Systems Security Certified Practitioner/ CCNA or equivalent IT security experience
- Project Management certification
- Experience of ITIL IT Service Management
Experience
Essential
- Broad technical experience of IT infrastructure and networking
- Knowledge of use of IT Security digital tools and solutions (Firewalls, anti-virus and malware protection, DLP, monitoring services, IDS/IPS and patch management)
- Experience of supporting digital change projects
- An understanding of Cloud based technologies and cloud-based communication systems
- Experience of creating reports and presenting to senior audiences/stakeholders
- Experience of working with Information Governance teams/DPOs
- Evidence of delivering to tight deadlines
- Evidence of application of good analytical skills
- Evidence of deploying innovations/new technologies to promote enhanced security and efficiency gains
Desirable
- Strong influencing skills
- Strong presentation skills
- Experience of producing Business cases and executive level papers
- NHS experience
- Experience of developing a full cyber campaign
Skills
Essential
- Ability to communicate highly complex issues to a wide range of non-technical end users
- Excellent documentation writing skills to create and develop processes and procedures
- Excellent interpersonal skills, building effective professional relationships with all Trust staff and wider system colleagues as well as suppliers
- Ability to perform as an effective team player, and on own initiative
- Establish and maintain informal internal or external relationships to gain knowledge that can be adopted and adapted to the improvement the Informatics department
- Good knowledge of IT Security Fundamentals, including Confidentiality, Integrity and Availability, attack surface, social engineering, risk management, physical security, Identity management, encryption, network security, security policies and IT security tools and products such as AV, IDS/IPS and DLP etc..)
- Good awareness of IG principles such as the DPA, GDPR, types of data and DPIAs
- Knowledge of fraud detection and prevention in a digital environment
- Good verbal and written communication skills
- Change management skills
- Good planning, presentation, and interpersonal skills
- Flexible in approach to working hours when necessary
- Ability to keep pace with the rapid rate of change in IT Security
Desirable
- Demonstrable knowledge of advanced IT Security concepts
- A broad high level knowledge of network technologies and methodologies including TCP/IP, DHCP, DNS,VLAN, Switching and emerging technologies such as SDWAN and Cloud
Special Requirements
Essential
- Ability to be mobile across sites
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
