Go back
Gateshead Health NHS Foundation Trust

Cyber Security Analyst

Information:

This job is now closed

Job summary

The Cyber Security Analyst plays a critical role in safeguarding the Trust's digital infrastructure, clinical systems, and sensitive patient data against cyber threats. Working within the Digital Services team, the post holder will be responsible for monitoring security events, identifying vulnerabilities, responding to incidents, and ensuring compliance with relevant data protection and cybersecurity standards. This role is essential to maintaining the operational integrity of clinical and administrative systems, directly supporting the continuity of patient care and protecting the Trust from reputational, legal, and financial risks arising from cyber incidents.

Main duties of the job

The Cyber Security Analyst will be responsible for proactively monitoring and analysing network traffic, system logs, and security alerts to detect and respond to potential threats in real time. They will conduct regular vulnerability assessments, coordinate penetration testing, and support the implementation of technical controls to protect critical systems. The post holder will manage incident response activities, investigate security breaches, and produce detailed reports and recommendations. They will also play a key role in ensuring compliance with NHS Digital standards, the Data Security and Protection Toolkit (DSPT), and other regulatory requirements. Collaboration with clinical and non-clinical teams will be essential to raise awareness, deliver training, and support secure digital practices across the Trust.

About us

Based in the North East of England we provide a range of hospital and community health services from our leading facilities, including the Queen Elizabeth Hospital, Blaydon urgent care centre and Bensham Hospital, all within Gateshead.

Established in 2005, we were one of the first foundation trusts in the country and since then have consistently achieved the highest levels of care for patients.

We now employ around 4,800 staff and currently provide 444 hospital beds across the Gateshead region.

Our values should be the 'golden thread' which runs through everything we do - they are the core of who we are. Our five values can easily be remembered by the simple acronymICORE; Innovation, Care, Openness, Respect, Engagement.

We have a number of staff networks including the BAME network, D-Ability network, LGBTQ+ Network and the Women's Network, to challenge us and help us to constantly improve. Our armed forces network is one of our emerging networks.

The health and wellbeing of our staff is one of our highest priorities, and we offer a range of support and initiatives as part of our 'Balance' programme balancegateshead.com to cater for our diverse workforce, so that your individual needs can be supported.

Details

Date posted

02 October 2025

Pay scheme

Agenda for change

Band

Band 4

Salary

£27,485 to £30,162 a year per annum

Contract

Permanent

Working pattern

Full-time

Reference number

297-7433756

Job locations

IT Department

QE Hospital

Gateshead

NE9 6SX


Job description

Job responsibilities

Main Responsibilities:

  • Threat Monitoring and Response:

    • Monitor security systems and tools to detect and investigate suspicious activity.

    • Respond to security incidents, including malware outbreaks, phishing attacks, and attempted breaches, following Trust incident response protocols.

  • Vulnerability Management:

    • Conduct regular vulnerability scans and risk assessments across the Trusts IT infrastructure.

    • Work with infrastructure and application teams to remediate identified vulnerabilities and ensure timely patch management.

  • Security Operations:

    • Maintain and improve the Trusts security monitoring tools, configurations, and automated alerting systems.

    • Assist in the development and enforcement of IT security policies, procedures, and standards.

  • Compliance and Governance:

    • Support compliance with the Data Security and Protection Toolkit (DSPT), Cyber Essentials, and NHS Digital requirements.

    • Assist with audits and evidence gathering for internal and external reviews.

  • Awareness and Training:

    • Support the delivery of cybersecurity awareness campaigns and user training across the Trust.

    • Provide guidance to staff on best practices for data security, secure password use, phishing prevention, and secure handling of sensitive information.

  • Documentation and Reporting:

    • Maintain accurate documentation of incidents, configurations, and response actions.

    • Produce regular security performance reports and risk assessments for senior management.

  • Collaboration and Support:

    • Work collaboratively with clinical and non-clinical teams to assess system security requirements for new digital services or changes.

    • Provide expert advice on secure system design and configuration during IT project delivery.

Job description

Job responsibilities

Main Responsibilities:

  • Threat Monitoring and Response:

    • Monitor security systems and tools to detect and investigate suspicious activity.

    • Respond to security incidents, including malware outbreaks, phishing attacks, and attempted breaches, following Trust incident response protocols.

  • Vulnerability Management:

    • Conduct regular vulnerability scans and risk assessments across the Trusts IT infrastructure.

    • Work with infrastructure and application teams to remediate identified vulnerabilities and ensure timely patch management.

  • Security Operations:

    • Maintain and improve the Trusts security monitoring tools, configurations, and automated alerting systems.

    • Assist in the development and enforcement of IT security policies, procedures, and standards.

  • Compliance and Governance:

    • Support compliance with the Data Security and Protection Toolkit (DSPT), Cyber Essentials, and NHS Digital requirements.

    • Assist with audits and evidence gathering for internal and external reviews.

  • Awareness and Training:

    • Support the delivery of cybersecurity awareness campaigns and user training across the Trust.

    • Provide guidance to staff on best practices for data security, secure password use, phishing prevention, and secure handling of sensitive information.

  • Documentation and Reporting:

    • Maintain accurate documentation of incidents, configurations, and response actions.

    • Produce regular security performance reports and risk assessments for senior management.

  • Collaboration and Support:

    • Work collaboratively with clinical and non-clinical teams to assess system security requirements for new digital services or changes.

    • Provide expert advice on secure system design and configuration during IT project delivery.

Person Specification

Experience

Essential

  • Experience working in an IT support, desktop support, or technical environment
  • Experience using endpoint protection platforms (e.g. antivirus, EDR tools)
  • High knowledge and proficiency in SCCM include being able to create and deploy packages and task sequences

Desirable

  • Awareness of NHS Digital's Data Security and Protection Toolkit (DSPT) or ISO 27001
  • Basic working knowledge of AD and group policy management

Skills

Essential

  • Effective communication with all levels of users.
  • Strong analytical and problem solving skills

Knowledge

Essential

  • Knowledge of PC hardware and operating systems, including installation, support and troubleshooting.

Desirable

  • Familiarity with NHS.

Qualifications

Essential

  • Educated to A-level or equivalent in IT relevant subject

Desirable

  • Foundation-level certification in cyber security or IT
Person Specification

Experience

Essential

  • Experience working in an IT support, desktop support, or technical environment
  • Experience using endpoint protection platforms (e.g. antivirus, EDR tools)
  • High knowledge and proficiency in SCCM include being able to create and deploy packages and task sequences

Desirable

  • Awareness of NHS Digital's Data Security and Protection Toolkit (DSPT) or ISO 27001
  • Basic working knowledge of AD and group policy management

Skills

Essential

  • Effective communication with all levels of users.
  • Strong analytical and problem solving skills

Knowledge

Essential

  • Knowledge of PC hardware and operating systems, including installation, support and troubleshooting.

Desirable

  • Familiarity with NHS.

Qualifications

Essential

  • Educated to A-level or equivalent in IT relevant subject

Desirable

  • Foundation-level certification in cyber security or IT

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Additional information

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Employer details

Employer name

Gateshead Health NHS Foundation Trust

Address

IT Department

QE Hospital

Gateshead

NE9 6SX


Employer's website

https://www.qegateshead.nhs.uk (Opens in a new tab)

Employer details

Employer name

Gateshead Health NHS Foundation Trust

Address

IT Department

QE Hospital

Gateshead

NE9 6SX


Employer's website

https://www.qegateshead.nhs.uk (Opens in a new tab)

Employer contact details

For questions about the job, contact:

Desktop Security Manager

Liam Karmazyn

liam.karmazyn@nhs.net

01914452397

Details

Date posted

02 October 2025

Pay scheme

Agenda for change

Band

Band 4

Salary

£27,485 to £30,162 a year per annum

Contract

Permanent

Working pattern

Full-time

Reference number

297-7433756

Job locations

IT Department

QE Hospital

Gateshead

NE9 6SX


Supporting documents

Privacy notice

Gateshead Health NHS Foundation Trust's privacy notice (opens in a new tab)