Job summary
Do you want to use your cyber skills to undertake a cyber security role at unprecedented scale that makes a real difference to healthcare in England?
Cyber Operation's purpose is to support safe care and build public trust by building NHS Englands cyber resilience and enabling the wider health system to be cyber resilient. It also has a key role in supporting the Transformation Directorates purpose of delivering the best care and outcomes for the NHS.
The Cyber Operations sub-directorate consists of 4 operational areas:
- Cyber Security Operations Unit (CSOU).
- Cyber Delivery Unit (CDU).
- Cyber Improvement.
- Chief Information Security Office Function (CISO).
The CISO Function consists of four operational teams:
- Security Strategy.
- Secure (by Design).
- Security Assurance.
- Security Governance, Risk & Compliance (GRC).
Main duties of the job
The Security Assurance function (part of the wider Chief Information Security (CISO) function) provides ongoing assurance that proportionate levels of cyber security are being maintained in all systems across the enterprise. This includesmaintaining and delivering a schedule of penetration tests across NHSE and the management of 3rdparty suppliers.
We are recruiting for a Cyber Security Advisor to sit within the Security Assurance function.
About us
We are a great place to work.What we do matters.
From April 2023, NHS England, Health Education England and NHS Digital became one single organisation, putting workforce, data, digital and technology at the heart of our plans to transform the NHS. Our mission, to use data and technology to improve lives remains and we are currently recruiting critical, priority roles. Successful applicants should be aware that roles may be subject to change in the new organisation.NHS England leads the NHS in England to deliver high quality care for all. We support NHS organisations to deliver better outcomes for our patients and communities, work to get the best possible value for taxpayers, and drive improvement across the NHS. This includes improving the health of the population and the quality of care, tackling inequalities, and delivering care more efficiently.Our outstanding teams are passionate about technology and public service, making use of everyones skills to improve peoples lives.
We collaborate to deliver world class tech and intelligence, so come and join us. We are committed to sustainability, diversity and inclusion; our people are at the heart of what we do.
To find out more about the type of work we do, please take a look at our website.
Job description
Job responsibilities
This is an exciting opportunity to help shape, guide and deliver NHS Englands Cyber Security Strategy, byproviding leadership teams with accurate information regarding cyber and information security risks in a timely manner.
Some tasks you will work on:
- Work with one or more of the following teams: Security Business Partners,Penetration Testing & Assurance, Protective Security, Critical National Infrastructure & Supply Chain Assurance.
- Engage diverse stakeholders across NHS England on continual security assurance activities to drive timely security improvements and resilience.
- Support the development and management of key security assurance metrics to enable evidenced-based decision making.
- Support assurance activities in line with applicable frameworks and legislation such asNCSC CAF, NIS Regulations, GovAssure, HMG Secure by Design, NIST Special Publication 800-53, ISO 27001/2 and the DSPT.
- Collate, analyse and summarise intelligence on security maturity indicators, audit actions and assurance reporting.
- Undertake line management responsibilities as required
Important:Please be aware there are residency requirements you need to meet:
- All NHS Digital/England Cyber Security personnel must hold security clearance SC level as a minimum.To meet National Security Vetting requirements,you must have resided in the UK for a minimum of 3 out of the past 5 years for SC clearance.Candidates who were posted abroad for service with HM Government, Armed Forces or within a UK government role - will still be considered. More information on SC clearance can be foundhere.
Please make sure you meet these requirements before applying for this role.You dont need to have SC already, however, failure to achieve the requirements for SC after offer, will result in the job offer being withdrawn.
Job description
Job responsibilities
This is an exciting opportunity to help shape, guide and deliver NHS Englands Cyber Security Strategy, byproviding leadership teams with accurate information regarding cyber and information security risks in a timely manner.
Some tasks you will work on:
- Work with one or more of the following teams: Security Business Partners,Penetration Testing & Assurance, Protective Security, Critical National Infrastructure & Supply Chain Assurance.
- Engage diverse stakeholders across NHS England on continual security assurance activities to drive timely security improvements and resilience.
- Support the development and management of key security assurance metrics to enable evidenced-based decision making.
- Support assurance activities in line with applicable frameworks and legislation such asNCSC CAF, NIS Regulations, GovAssure, HMG Secure by Design, NIST Special Publication 800-53, ISO 27001/2 and the DSPT.
- Collate, analyse and summarise intelligence on security maturity indicators, audit actions and assurance reporting.
- Undertake line management responsibilities as required
Important:Please be aware there are residency requirements you need to meet:
- All NHS Digital/England Cyber Security personnel must hold security clearance SC level as a minimum.To meet National Security Vetting requirements,you must have resided in the UK for a minimum of 3 out of the past 5 years for SC clearance.Candidates who were posted abroad for service with HM Government, Armed Forces or within a UK government role - will still be considered. More information on SC clearance can be foundhere.
Please make sure you meet these requirements before applying for this role.You dont need to have SC already, however, failure to achieve the requirements for SC after offer, will result in the job offer being withdrawn.
Person Specification
Qualifications
Essential
Desirable
Experience
Essential
Desirable
Additional Criteria
Essential
Desirable
Person Specification
Qualifications
Essential
Desirable
Experience
Essential
Desirable
Additional Criteria
Essential
Desirable
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
