Senior Cyber Security Analyst

The Newcastle upon Tyne Hospitals NHS Foundation Trust

Information:

This job is now closed

Job summary

The Senior Cyber Security Analyst will support the Cyber Security Manager and act as the Trusts expert on cyber security protection, detection, response, and recovery. The Senior Cyber Security Analyst will support the strategic approach to cyber threat management and will help lead the strategic planning of current and future IT security solutions, researching and reviewing industry best practice and upcoming changes to technology.

  • Interview date: 22 September 2023
  • 37 hours 30 minutes/week
  • You will be redirected to Trac to apply for the vacancy. Please expand the job details section and read all of the information before applying for the vacancy.

Main duties of the job

  • Mentor and guide the Trust Cyber Security Team to provide the security assurance required by Legal and professional guidelines.
  • The Trust has in excess of 17,500 staff with access to information systems including the Internet and email.
  • There are over 15,000 desktop devices currently active within the Trust which require validation and security monitoring.
  • There is a requirement to provide a minimum of four training sessions monthly.

About us

Newcastle Hospitals NHS Foundation Trust is one of the busiest, largest and most successful teaching NHS foundation trusts in the country, with over 18,000 staff and an annual income of £1 billion.

Rated 'Outstanding' by theCQC for the second consecutive time in 2019, we have a long history of providing high quality care, clinical excellence, and innovation in medical research regionally, nationally and internationally.

We're also proud to be the second largest provider of specialised services in the country. This means we support people with a range of rare and complex medical, surgical and neurological conditions, cancers and genetic orders.

Our staff oversee around 1.84 million patients 'contacts' each year, delivering high standards of healthcare.

Please see attached information on what Staff Benefits we have to offer at our Trust.

We are committed to promoting equality and diversity and recognise the benefit in providing an inclusive environment. We value and respect the diversity of our employees and aim to recruit a workforce which reflects the communities we serve, and is equipped to deliver the best service to our patients. We welcome all applications irrespective of people's race, disability, gender, sexual orientation, religion or belief, age, gender identity, marriage and civil partnership, pregnancy and maternity and in particular those from under- represented groups.

Date posted

04 August 2023

Pay scheme

Agenda for change

Band

Band 7

Salary

£43,742 to £50,056 a year per annum

Contract

Permanent

Working pattern

Full-time

Reference number

317-2023-30-047

Job locations

Regent Point

317 Regent Point

NE3 3HD


Job description

Job responsibilities

The Senior Cyber Security Analyst will support the Cyber Security Manager and act as the Trusts expert on cyber security protection, detection, response, and recovery. The Senior Cyber Security Analyst will support the strategic approach to cyber threat management and will help lead the strategic planning of current and future IT security solutions, researching and reviewing industry best practice and upcoming changes to technology.

The Senior Cyber Security Analyst will support the completion of the Data Security Assessment Toolkit in addition to working towards and maintaining Cyber Essentials certification.

This post will require the post holder to work in the Service Management Team under the direction of Head of IT Service Management.

Mentor and guide a team of Cyber Security Analysts

Support the Cyber Security Manager to lead the strategic planning of current andfuture cyber security solutions, researching and reviewing recognised best practice and upcoming changes to technology

Define and agree an appropriate target security posture with key stakeholders giving due regard to risks threats and vulnerabilities

Lead on audit and audit preparation relating to cyber security

Maintain compliance with various standards in place e.g., Data Security and Protection Toolkit, CareCERT, Cyber Essentials, Network, and Information Systems Regulations etc

Act as a Trusts advisor on cyber security protection, detection, response, and recovery

Analyse complex data and oversee the production of detailed information reports and develop processes to disseminate this information to all levels of the organisation

Develop and advise in the implementation of policies, procedures, and guidance documentation for all relevant cyber security related systems / process

Provide advice to the Head of IT Service Management to influence the creation of a robust cyber security service to support numerous data rich applications for use within the Trust both on-premises and cloud hosted

Work in conjunction with the technical teams to maintain security tools and technology

Educate individual departments to reduce cyber security risk

Undertake scoping and delivery of penetration tests and ensure actions from vulnerability assessments are resolved

Supporting wider IT functions in the evaluation and implementation of new technology and controls

Maintain the Cyber Security and IT security policies, procedures, and SOPs

Respond to High priority NHS Digital Care Cert alerts in line with NHS Digital requirements

Support the creation of a monthly cyber security report of KPIs to be made available to the CIO and wider Trust

Please note it is a requirement of The Newcastle upon Tyne Hospitals NHS Foundation Trust that all successful candidates who require a DBS for the post they have been offered pay for their DBS certificate.The method of payment is a salary deduction from your first months pay.

As a flexible working friendly organisation, we want to be sure that you can work in a way that is best for us and for our patients, and for you. Speak to us about how we might be able to accommodate a flexible working arrangement. If it works for the service, we will do our best to make it work for you.

Job description

Job responsibilities

The Senior Cyber Security Analyst will support the Cyber Security Manager and act as the Trusts expert on cyber security protection, detection, response, and recovery. The Senior Cyber Security Analyst will support the strategic approach to cyber threat management and will help lead the strategic planning of current and future IT security solutions, researching and reviewing industry best practice and upcoming changes to technology.

The Senior Cyber Security Analyst will support the completion of the Data Security Assessment Toolkit in addition to working towards and maintaining Cyber Essentials certification.

This post will require the post holder to work in the Service Management Team under the direction of Head of IT Service Management.

Mentor and guide a team of Cyber Security Analysts

Support the Cyber Security Manager to lead the strategic planning of current andfuture cyber security solutions, researching and reviewing recognised best practice and upcoming changes to technology

Define and agree an appropriate target security posture with key stakeholders giving due regard to risks threats and vulnerabilities

Lead on audit and audit preparation relating to cyber security

Maintain compliance with various standards in place e.g., Data Security and Protection Toolkit, CareCERT, Cyber Essentials, Network, and Information Systems Regulations etc

Act as a Trusts advisor on cyber security protection, detection, response, and recovery

Analyse complex data and oversee the production of detailed information reports and develop processes to disseminate this information to all levels of the organisation

Develop and advise in the implementation of policies, procedures, and guidance documentation for all relevant cyber security related systems / process

Provide advice to the Head of IT Service Management to influence the creation of a robust cyber security service to support numerous data rich applications for use within the Trust both on-premises and cloud hosted

Work in conjunction with the technical teams to maintain security tools and technology

Educate individual departments to reduce cyber security risk

Undertake scoping and delivery of penetration tests and ensure actions from vulnerability assessments are resolved

Supporting wider IT functions in the evaluation and implementation of new technology and controls

Maintain the Cyber Security and IT security policies, procedures, and SOPs

Respond to High priority NHS Digital Care Cert alerts in line with NHS Digital requirements

Support the creation of a monthly cyber security report of KPIs to be made available to the CIO and wider Trust

Please note it is a requirement of The Newcastle upon Tyne Hospitals NHS Foundation Trust that all successful candidates who require a DBS for the post they have been offered pay for their DBS certificate.The method of payment is a salary deduction from your first months pay.

As a flexible working friendly organisation, we want to be sure that you can work in a way that is best for us and for our patients, and for you. Speak to us about how we might be able to accommodate a flexible working arrangement. If it works for the service, we will do our best to make it work for you.

Person Specification

Qualifications & Education

Essential

  • Possess a higher degree / Masters OR has acquired skills and knowledge via an extensive portfolio of practical experience in Cyber Security

Desirable

  • Hold a security industry recognised qualification (HCISSP, CISSP, CISM, CISA, CRISC, CSSP)
  • Prince 2 Foundation
  • ITIL Foundation

Knowledge & Experience

Essential

  • Broad based technical knowledge covering all aspects of infrastructure from networking, end user devices through to servers and data centres
  • Understanding of Information Security principles
  • Knowledge of the Data Protection Act and associated regulations (NIS, CMA, GDPR)
  • Experience of producing business cases and executive papers
  • Good stakeholder management

Desirable

  • Experience of working in an NHS environment

Skills & Abilities

Essential

  • Ability to converse fluently, logically, and confidently with a wide range of levels of staff; possess good interpersonal and communication skills
  • Strong interpersonal and influencing skills
  • Strong presentation skills
  • Strong analytical skills are required to interpret, analyse, and present highly complex multi stranded information of varying quality from a number of diverse sources.
Person Specification

Qualifications & Education

Essential

  • Possess a higher degree / Masters OR has acquired skills and knowledge via an extensive portfolio of practical experience in Cyber Security

Desirable

  • Hold a security industry recognised qualification (HCISSP, CISSP, CISM, CISA, CRISC, CSSP)
  • Prince 2 Foundation
  • ITIL Foundation

Knowledge & Experience

Essential

  • Broad based technical knowledge covering all aspects of infrastructure from networking, end user devices through to servers and data centres
  • Understanding of Information Security principles
  • Knowledge of the Data Protection Act and associated regulations (NIS, CMA, GDPR)
  • Experience of producing business cases and executive papers
  • Good stakeholder management

Desirable

  • Experience of working in an NHS environment

Skills & Abilities

Essential

  • Ability to converse fluently, logically, and confidently with a wide range of levels of staff; possess good interpersonal and communication skills
  • Strong interpersonal and influencing skills
  • Strong presentation skills
  • Strong analytical skills are required to interpret, analyse, and present highly complex multi stranded information of varying quality from a number of diverse sources.

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Additional information

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Employer details

Employer name

The Newcastle upon Tyne Hospitals NHS Foundation Trust

Address

Regent Point

317 Regent Point

NE3 3HD


Employer's website

https://careers.nuth.nhs.uk/why-us (Opens in a new tab)

Employer details

Employer name

The Newcastle upon Tyne Hospitals NHS Foundation Trust

Address

Regent Point

317 Regent Point

NE3 3HD


Employer's website

https://careers.nuth.nhs.uk/why-us (Opens in a new tab)

For questions about the job, contact:

Head of IT Service Management

Gary Towns

Gary.towns@nhs.net

01912448786

Date posted

04 August 2023

Pay scheme

Agenda for change

Band

Band 7

Salary

£43,742 to £50,056 a year per annum

Contract

Permanent

Working pattern

Full-time

Reference number

317-2023-30-047

Job locations

Regent Point

317 Regent Point

NE3 3HD


Supporting documents

Privacy notice

The Newcastle upon Tyne Hospitals NHS Foundation Trust's privacy notice (opens in a new tab)