Go back
NHS North East London

Senior Enterprise Security Manager

Information:

This job is now closed

Job summary

The Senior Enterprise Systems and Security Manager will be responsible for both the Cyber security of Enterprise Systems and management of the Enterprise Security team. The post holder will use the extensive knowledge gained through technical expertise, team management and service management to lead and take responsibility for maintaining, managing, and developing the infrastructure security position of both on-premise and cloud infrastructure.

The purpose of the team is to maximise service availability for all IT users by minimising threats to the organisations Infrastructure from cyber security, ensuring target service levels are met or exceeded, drive improvements to the Cyber security position whilst ensuring any new ICT service is future proof, efficient and compatible with corporate strategy and technical standards delivering a BAU support and project delivery service, the team are responsible for providing application deployment and management, patching, and end user compute management across the estate

Main duties of the job

The post holder will work flexibly between 8am and 6pm as required, during practice opening hours, including during practice extended opening hours, 8am-8pm, 7 days per week, including bank holidays. This may be covered by a rota or on call arrangements as appropriate.

About us

North East London is steeped in history and culture, and home to over two million people (and rising). It's the most diverse area of the UK; and because of that, one of the most exciting and vibrant places to work.

NHS North East London works with our health, social care, voluntary and community partners and residents) to plan and buy health services to meet our population's needs, making sure all parts of the local health and care system work effectively together. We work as part of the North East London Integrated Care System northeastlondonhcp.nhs.uk

We make sure residents and visitors have the best physical and mental health and have good access to high-quality health and care services. We have a vision to "work with and for all the people of North East London to create meaningful improvements in health, wellbeing and equity."

We serve eight local authority areas: Barking and Dagenham; City of London; Hackney; Havering; Newham; Redbridge; Tower Hamlets; and Waltham Forest.

Details

Date posted

04 January 2024

Pay scheme

Agenda for change

Band

Band 8b

Salary

£66,718 to £76,271 a year Per annum inclusive of Inner London HCAS

Contract

Permanent

Working pattern

Full-time

Reference number

161-NELICB-OC-0136-IS

Job locations

Unex Tower

5 Station Street

London

E15 1DA


Job description

Job responsibilities

Please see attached JD and PS for detailed job description and main responsibilities.

  • Postholder has responsibility and accountability for own work area and leads independently on this. Takes guidance from corporate or national policies and guidelines
  • Ensure that the team strategy is in line with business objectives and are fully cascaded
  • As senior work stream lead, works internally and externally to deliver projects, initiatives and services to time and in a cost-effective way
  • Support the identification and sharing of best practice in all matters of business and employee engagement
  • Operate in a highly political and sensitive environment.
  • Provide overall leadership to and management of the Enterprise Security Team
  • Personally lead, support and contribute to formal negotiations with senior staff from external stakeholders, providing a high level of negotiating expertise.
  • To lead on planning, developing, reviewing and updating/upgrading the organisations technical strategy for enterprise security and end point management.
  • Develop, Monitor, maintain the corporate end point management and monitoring suites to meet current and future needs of the organisation.
  • Ability to interpret, deliver to, author, publish and report against Operational Level Agreements (OLAs) and Service Level Agreements (SLAs)
  • Oversee the production of timely and value add reports in respect of the performance to agreed KPIs.
  • Accountable for ensuring care certs are managed, all mobile devices are encypted and all managed devices are protected by the required systems including anti-virus and appropriately patched
  • Responsible for devising and implementing a robust strategy that investigates the root cause of every major incident in line with area of responsibility, identifying reoccurring trends and making appropriate recommendations based on these outcomes
  • Responsible for the effective resolution of all customer escalations to the enterprise security team.
  • To develop an effective customer-focused enterprise security team that is fit for purpose, constantly looking for opportunities for improving efficiency and service levels.
  • Diagnose complex IT problems in dynamically changing IT situations.
  • Work with relevant peers to ensure the security of the IT systems and to identify any risks arising on-going.
  • Responsible for the on-going assessment of the toolsets and systems to ensure they are fit for purpose, resilient and reflects the organisations Business Continuity requirements.
  • Advise and enable technical teams to make security decisions. Provide consultancy and practical assistance on all cyber security risk and control matters.
  • Lead team to ensure attack-surface of existing and planned business services is reduced by identifying deficiencies and opportunities for improvement.
  • Balance the needs of operational support and project delivery across the team
  • Identify and/or create security architecture patterns and blueprints for cloud and on-premise infrastructure and applications.
  • Ensure cyber security solutions fit strategically in the organization enterprise architecture, existing technology standards, and aligns with the external security standards (GDPR, ISO 27001, Cyber Essential (Plus), and NCSC guidelines).

Job description

Job responsibilities

Please see attached JD and PS for detailed job description and main responsibilities.

  • Postholder has responsibility and accountability for own work area and leads independently on this. Takes guidance from corporate or national policies and guidelines
  • Ensure that the team strategy is in line with business objectives and are fully cascaded
  • As senior work stream lead, works internally and externally to deliver projects, initiatives and services to time and in a cost-effective way
  • Support the identification and sharing of best practice in all matters of business and employee engagement
  • Operate in a highly political and sensitive environment.
  • Provide overall leadership to and management of the Enterprise Security Team
  • Personally lead, support and contribute to formal negotiations with senior staff from external stakeholders, providing a high level of negotiating expertise.
  • To lead on planning, developing, reviewing and updating/upgrading the organisations technical strategy for enterprise security and end point management.
  • Develop, Monitor, maintain the corporate end point management and monitoring suites to meet current and future needs of the organisation.
  • Ability to interpret, deliver to, author, publish and report against Operational Level Agreements (OLAs) and Service Level Agreements (SLAs)
  • Oversee the production of timely and value add reports in respect of the performance to agreed KPIs.
  • Accountable for ensuring care certs are managed, all mobile devices are encypted and all managed devices are protected by the required systems including anti-virus and appropriately patched
  • Responsible for devising and implementing a robust strategy that investigates the root cause of every major incident in line with area of responsibility, identifying reoccurring trends and making appropriate recommendations based on these outcomes
  • Responsible for the effective resolution of all customer escalations to the enterprise security team.
  • To develop an effective customer-focused enterprise security team that is fit for purpose, constantly looking for opportunities for improving efficiency and service levels.
  • Diagnose complex IT problems in dynamically changing IT situations.
  • Work with relevant peers to ensure the security of the IT systems and to identify any risks arising on-going.
  • Responsible for the on-going assessment of the toolsets and systems to ensure they are fit for purpose, resilient and reflects the organisations Business Continuity requirements.
  • Advise and enable technical teams to make security decisions. Provide consultancy and practical assistance on all cyber security risk and control matters.
  • Lead team to ensure attack-surface of existing and planned business services is reduced by identifying deficiencies and opportunities for improvement.
  • Balance the needs of operational support and project delivery across the team
  • Identify and/or create security architecture patterns and blueprints for cloud and on-premise infrastructure and applications.
  • Ensure cyber security solutions fit strategically in the organization enterprise architecture, existing technology standards, and aligns with the external security standards (GDPR, ISO 27001, Cyber Essential (Plus), and NCSC guidelines).

Person Specification

Knowledge, Training and Experience

Essential

  • Educated to masters degree level in relevant subject or equivalent level qualification or significant experience of working at a similar level in this specialist technical area
  • Experience designing and delivering technical solutions to support a multi-client base
  • Strong understanding and working knowledge of key technical systems including: Infrastructure: MS Server, Active Directory, VMware, Microsoft Azure Infrastructure as a Service (IaaS), Nutanix, NetApp
  • Strong understanding and working knowledge of key technical systems including:Cloud security: Microsoft Intune, Office 365 Security, Conditional Access, Data Loss Prevention (DLP), Multi-Factor Authentication (MFA), and Data Classification
  • Strong understanding and working knowledge of key technical systems including: Infrastructure and network security: Privilege Access Management (PAM), Identity and Access Management (IAM), Real Time Threat Management (RTTM), Content Filtering, Web Application Firewall (WAF), Next Generation Firewall (NGFW), Vulnerability Management, and Penetration Testing
  • Strong understanding and working knowledge of key technical systems including: Endpoint Mgmt: Next Generation Anti-Virus (NGAV), Advanced Threat Protection (ATP), Datto, Encryption, Active Directory Group Policies, and Sensitive Data Discovery
  • Strong understanding and working knowledge of key technical systems including: Security Monitoring: SIEM, Threat intelligence, and co-sourced SOC/ MSSP

Autonomy

Essential

  • Manage team (and indirectly, their teams) without need for supervision and in line with corporate and ICT objectives.

Other

Essential

  • Proven leadership and line management experience.
Person Specification

Knowledge, Training and Experience

Essential

  • Educated to masters degree level in relevant subject or equivalent level qualification or significant experience of working at a similar level in this specialist technical area
  • Experience designing and delivering technical solutions to support a multi-client base
  • Strong understanding and working knowledge of key technical systems including: Infrastructure: MS Server, Active Directory, VMware, Microsoft Azure Infrastructure as a Service (IaaS), Nutanix, NetApp
  • Strong understanding and working knowledge of key technical systems including:Cloud security: Microsoft Intune, Office 365 Security, Conditional Access, Data Loss Prevention (DLP), Multi-Factor Authentication (MFA), and Data Classification
  • Strong understanding and working knowledge of key technical systems including: Infrastructure and network security: Privilege Access Management (PAM), Identity and Access Management (IAM), Real Time Threat Management (RTTM), Content Filtering, Web Application Firewall (WAF), Next Generation Firewall (NGFW), Vulnerability Management, and Penetration Testing
  • Strong understanding and working knowledge of key technical systems including: Endpoint Mgmt: Next Generation Anti-Virus (NGAV), Advanced Threat Protection (ATP), Datto, Encryption, Active Directory Group Policies, and Sensitive Data Discovery
  • Strong understanding and working knowledge of key technical systems including: Security Monitoring: SIEM, Threat intelligence, and co-sourced SOC/ MSSP

Autonomy

Essential

  • Manage team (and indirectly, their teams) without need for supervision and in line with corporate and ICT objectives.

Other

Essential

  • Proven leadership and line management experience.

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Additional information

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Employer details

Employer name

NHS North East London

Address

Unex Tower

5 Station Street

London

E15 1DA


Employer's website

https://northeastlondon.icb.nhs.uk/ (Opens in a new tab)

Employer details

Employer name

NHS North East London

Address

Unex Tower

5 Station Street

London

E15 1DA


Employer's website

https://northeastlondon.icb.nhs.uk/ (Opens in a new tab)

Employer contact details

For questions about the job, contact:

Head of Primary Care IT Services

Dave Game

dave.game@nhs.net

Details

Date posted

04 January 2024

Pay scheme

Agenda for change

Band

Band 8b

Salary

£66,718 to £76,271 a year Per annum inclusive of Inner London HCAS

Contract

Permanent

Working pattern

Full-time

Reference number

161-NELICB-OC-0136-IS

Job locations

Unex Tower

5 Station Street

London

E15 1DA


Supporting documents

Privacy notice

NHS North East London's privacy notice (opens in a new tab)