Harrogate and District NHS Foundation Trust

Lead Cyber Security Analyst

Information:

This job is now closed

Job summary

Job title: Lead Cyber Security AnalystDepartment: IT InfrastructureHours: 37.5 hours per weekSalary: £43,742 to £50,056

We are looking for an experience IT professional to join our team as a Band 7 Lead Cyber Security Analyst.

Please see attached Job Description and Person Specification. For more details or please contact Jonathon Legg on jonathon.legg@nhs.net

Main duties of the job

Support the strategic approach to cyber threat management, help develop and lead strategy implementation plans, researching and reviewing industry best practice across cyber security protection, detection, response, and recovery.

Manage, train and support the cyber security team providing day to day coordination of the team's activities, aligning their Cyber technical, operational and soft skills to Trust and NHS National Cyber policies and procedures.

Ensure the identification and deployment of IT systems security updates, working with NHSE, Regional Cyber Leads and Trust IT teams to ensure the systems are secure, supported and comply with National or Trust policies and agreed Cyber Security KPI's.

Coordinate Cyber Security related projects activities, working directly with project managers to ensure new systems and IT services are implemented securely, with the correct levels of cyber related governance, documentation, technical controls and ongoing operational procedures

The post holder will be required to participate in the departmental on call rota.

About us

At Harrogate and District NHS Foundation Trust we provide outstanding care to both our patients and our staff. We support staff through benefits, health and wellbeing initiatives and opportunities for personal and professional development.

  • An inclusive and supportive culture our Trust encourages staff to bring their whole selves to work and active Staff Networks identify areas for improvement.
  • Staff Recognition - as well as regular appraisals, we recognise staff with our Making a Difference, Team of the Month Awards & Colleague Recognition Awards
  • Employee Support and wellbeing - we have a comprehensive Employee Assistance Programme, counselling service and fast track physiotherapy service for employees.
  • Staff Benefits - We have a range of staff benefits and schemes to support staff health, engagement, wellbeing and inclusion.

Details

Date posted

15 February 2024

Pay scheme

Agenda for change

Band

Band 7

Salary

£43,742 to £50,056 a year per annum pro rata

Contract

Permanent

Working pattern

Full-time

Reference number

421-CORP-0950M

Job locations

Harrogate District Hospital

Lancaster Park Road

Harrogate

HG2 7SX


Job description

Job responsibilities

  • Support strategic cyber security direction and security solution design across all core technologies including Cloud, Servers, Networking, Telecoms and Mobile devices.
  • Lead and motivate staff within the team to deliver and improve cyber security related services, mentor and train staff within the department
  • Ensure the IT systems security upgrades and patching processes are effective across automated deployments and any manual intervention required.
  • Assist with the development and implementation of cyber security related policies, procedures, and guidance documentation for relevant systems or control processes.
  • Lead in maintaining compliance with the DSPT, CareCERT or other accreditations, ensuring appropriate responses to NHSE, Cyber Auditors and any other 3rd parties.
  • Assist with the undertaking, scoping and delivery of penetration tests and ensure actions from vulnerability assessments are resolved.
  • Ensure the team provide robust cyber security support for the IT service desk, that all operational processes are followed and the required documentation is completed
  • Plan and lead on cyber security elements of Digital projects working directly with the Trusts project managers, manage the implementation of IT security projects.
  • Work with the communications team to implement regular effective cyber security awareness campaigns and other ad-hoc cyber security related communications.
  • Ensure timely and accurate information is provided to update the monthly cyber security KPIs, undertaking analysis and recommending improvements for any issues.
  • Engage in disaster recovery planning for all design aspects of technology working with the IT technical and support teams.
  • To provide cyber security advice for IT equipment and Medical Device procurement, operational management and life cycling.
  • Highlight areas of security practice that would benefit from review or improvement. Risk asses and implement cyber improvement suggestions or recommendations
  • Undertaking research and development initiatives on a range of emerging technologies and the security threat landscape, keep abreast of industry developments.
  • Review highly complex security information; ensure understanding of the complex detail, present the risks to technical and to non-technical staff groups within the trust.

  • Communicate a wide range of security issues which can be complex and multi-stranded to non-technical colleagues using appropriate and meaningful terminology.

  • Negotiate cyber security priorities with IT, Operational and Clinical managers to ensure an agreed balance between cyber security and operational requirements is met.

  • Help develop the Cyber Response and Business Continuity Plans working with IT, Operational, Emergency Planning and clinical staff groups.

  • Liaise with Regional partners and providers to ensure that the best practice cyber security techniques developed elsewhere can be utilised in the Trust, if appropriate

  • Post holder will be required to participate in callout procedures to ensure any cyber incidents are appropriately responded to.
  • Deputise for the IT Infrastructure & Cyber Security Manager on cyber security related matters as and when required.
  • Raise the profile of the IT service, in particular to establish a reputation for providing an effective, timely and responsive service.
  • Identify how each reported problem should be resolved, allocate resources if necessary and to ensure that all work is undertaken to the standard expected.

The post holder will be required to participate in the departmental on call rota.

Job description

Job responsibilities

  • Support strategic cyber security direction and security solution design across all core technologies including Cloud, Servers, Networking, Telecoms and Mobile devices.
  • Lead and motivate staff within the team to deliver and improve cyber security related services, mentor and train staff within the department
  • Ensure the IT systems security upgrades and patching processes are effective across automated deployments and any manual intervention required.
  • Assist with the development and implementation of cyber security related policies, procedures, and guidance documentation for relevant systems or control processes.
  • Lead in maintaining compliance with the DSPT, CareCERT or other accreditations, ensuring appropriate responses to NHSE, Cyber Auditors and any other 3rd parties.
  • Assist with the undertaking, scoping and delivery of penetration tests and ensure actions from vulnerability assessments are resolved.
  • Ensure the team provide robust cyber security support for the IT service desk, that all operational processes are followed and the required documentation is completed
  • Plan and lead on cyber security elements of Digital projects working directly with the Trusts project managers, manage the implementation of IT security projects.
  • Work with the communications team to implement regular effective cyber security awareness campaigns and other ad-hoc cyber security related communications.
  • Ensure timely and accurate information is provided to update the monthly cyber security KPIs, undertaking analysis and recommending improvements for any issues.
  • Engage in disaster recovery planning for all design aspects of technology working with the IT technical and support teams.
  • To provide cyber security advice for IT equipment and Medical Device procurement, operational management and life cycling.
  • Highlight areas of security practice that would benefit from review or improvement. Risk asses and implement cyber improvement suggestions or recommendations
  • Undertaking research and development initiatives on a range of emerging technologies and the security threat landscape, keep abreast of industry developments.
  • Review highly complex security information; ensure understanding of the complex detail, present the risks to technical and to non-technical staff groups within the trust.

  • Communicate a wide range of security issues which can be complex and multi-stranded to non-technical colleagues using appropriate and meaningful terminology.

  • Negotiate cyber security priorities with IT, Operational and Clinical managers to ensure an agreed balance between cyber security and operational requirements is met.

  • Help develop the Cyber Response and Business Continuity Plans working with IT, Operational, Emergency Planning and clinical staff groups.

  • Liaise with Regional partners and providers to ensure that the best practice cyber security techniques developed elsewhere can be utilised in the Trust, if appropriate

  • Post holder will be required to participate in callout procedures to ensure any cyber incidents are appropriately responded to.
  • Deputise for the IT Infrastructure & Cyber Security Manager on cyber security related matters as and when required.
  • Raise the profile of the IT service, in particular to establish a reputation for providing an effective, timely and responsive service.
  • Identify how each reported problem should be resolved, allocate resources if necessary and to ensure that all work is undertaken to the standard expected.

The post holder will be required to participate in the departmental on call rota.

Person Specification

Essential

Essential

  • Broad based technical knowledge covering all aspects of infrastructure from networking, end user devices through to servers and data centres.
  • Knowledge and practical experience in Microsoft Defender for Endpoint, Microsoft Sentinel, Microsoft Conditional Access policies, Microsoft Intune, Multi-Factor authentication and the M365 suite of products.
  • High level of interpersonal and organisational skills with the ability to plan tasks effectively, taking a structured and methodical approach to achieving outcomes
  • Experience of working on and providing support to major technology projects.

Desirable

  • Previous experience in a similar position within the NHS or healthcare provider supporting over 5,000 users
Person Specification

Essential

Essential

  • Broad based technical knowledge covering all aspects of infrastructure from networking, end user devices through to servers and data centres.
  • Knowledge and practical experience in Microsoft Defender for Endpoint, Microsoft Sentinel, Microsoft Conditional Access policies, Microsoft Intune, Multi-Factor authentication and the M365 suite of products.
  • High level of interpersonal and organisational skills with the ability to plan tasks effectively, taking a structured and methodical approach to achieving outcomes
  • Experience of working on and providing support to major technology projects.

Desirable

  • Previous experience in a similar position within the NHS or healthcare provider supporting over 5,000 users

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Additional information

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Employer details

Employer name

Harrogate and District NHS Foundation Trust

Address

Harrogate District Hospital

Lancaster Park Road

Harrogate

HG2 7SX


Employer's website

https://www.hdft.nhs.uk/ (Opens in a new tab)

Employer details

Employer name

Harrogate and District NHS Foundation Trust

Address

Harrogate District Hospital

Lancaster Park Road

Harrogate

HG2 7SX


Employer's website

https://www.hdft.nhs.uk/ (Opens in a new tab)

Employer contact details

For questions about the job, contact:

IT Infrastructure and Cyber Security Manager

Jon Legg

jonathon.legg@nhs.net

07392194034

Details

Date posted

15 February 2024

Pay scheme

Agenda for change

Band

Band 7

Salary

£43,742 to £50,056 a year per annum pro rata

Contract

Permanent

Working pattern

Full-time

Reference number

421-CORP-0950M

Job locations

Harrogate District Hospital

Lancaster Park Road

Harrogate

HG2 7SX


Supporting documents

Privacy notice

Harrogate and District NHS Foundation Trust's privacy notice (opens in a new tab)