Job summary
Here at NHS Business Services Authority (NHSBSA), we have an exciting opportunity for a student to join us on a placement year as an ICT Security Support Analyst.
In support of NHSBSA operations, the IT function develops, supports and operates services. The security function helps ensure these digital services remain confidential.
Our team will help you realise your potential, sharing their wealth of skills and experience with you. You'll gain from mentor support while in the workplace, providing you with all the guidance you willneed to build a successful career.
You could be part of it - earn and learn! It's an exciting and challenging time here at the NHSBSA, as we help to shape and deliver efficient digitised products and services that enable front line services to deliver better healthcare, underpinned by great technology!
The placement is 13 months: 1st August 2024 to 1st September 2025. You must be currently enrolled in a course which allows for a placement and be in your penultimate year at the time of starting.
What do we offer?
- 27 days leave (increasing with length of service) plus 8 bank holidays
- Flexible working (we are happy to discuss options such as compressed hours)
- Flexi time
- Hybrid working model
- Career development
- Active wellbeing and inclusion networks
- Excellent pension
- NHS Car lease scheme
- Access to a wide range of benefits and high street discounts!
Main duties of the job
You will be working within the Cyber Security Operations Team with the Cyber Security Analysts, Security Architects and Cyber Security Operations Manager.
The successful candidate will be professional, proactive, and dedicated. You'll be great at communication, hitting deadlines and capable of balancing priorities, with the discipline to study in your own time. You will be expected to self-achieve all of the on-going learning standards to becomea successful Cyber Security Analyst.
In this role, you will:
- Actively review security alerts and respond to requests
- Ensure timely technical security support is provided to satisfy business needs
- Understand and help shape security requirements
- Ensure that customer data and other assets are secured
- Assist with maintaining the organisations Security Operations functions
- Proactively assess and investigating potential items of risk
- Investigate vulnerabilities in the network.
- Enabling open and modern secure digital services.
- Working under general direction and within a clear framework of responsibility, and will exercise personal responsibility and autonomy to plan own workloads to meet objectives and delivery timeframes.
About us
Here at the NHS Business Services Authority (NHSBSA), what we do matters.
We manage the NHS Pension scheme, process prescription payments and much more. Our services are used by NHS organisations, contractors and the public: we take pride in being part of something so meaningful, that touches millions of lives.
Just as we design our services around the needs of our customers, we place our people at the heart of our organisation. That's why when you join us, you'll be empowered and given the right support to help your career grow.
As one of the UK's Best Big Companies to work for, we're all connected to our values: Collaborative, Adventurous, Reliable and Energetic. We care about our people, our purpose, and your progress.
We strive to offer a fantastic colleague experience, where every voice is heard, and every colleague is supported and respected. Wellbeing, diversity and inclusion is at the centre of this, so when you join us, you can connect with our Lived Experience Networks who help us to bring our authentic selves to work.
We welcome applications from people of all backgrounds and circumstances. We are committed and proud to be a flexible employer and will endeavour to offer a working pattern that suits you wherever possible, whether that be hybrid working, flexible hours, job sharing and more.
Ready to join us on our journey to be a catalyst for better health? Apply today and see where the NHSBSA can take you.
We are people connected to care.
Job description
Job responsibilities
Job purpose:
This role will be based in the NHSBSAs Security Operations Team organisationally and will cover both Information Security Operations & Security Architecture.
The ICT Security Student Placement will work closely supporting the Security Operations Manager to assist in the management of all aspects of ICTSecurity, and related processes, within the NHSBSA.
Main duties:
1. Assisting the Security Operations Manager in managing the organisations ISO27001 compliant Information Security Management System within ICT.2. Assist in ensuring all NHSBSA staff complies with Information Security policies and procedures. This will include assisting with the development,implementation and maintenance of the Information Security policies and procedures.3. Assist with the management of information security breaches and take the necessary remedial action to reduce the impact of such breaches.This will also include trend analysis, developing and presenting management information for the ISMS Management Group to review.4. Assists with the development and maintenance of the Information Asset Inventory.5. Monitors and measures compliance with applicable security and information assurance standards and policies across the organisation.6. Assists with the production of Assurance documentation based on the 14 cloud security principles7. Providing support to staff within the team to ensure the smooth running of daily activities and project work.8. Collating information from various systems to assist the Security Operations Manager in producing management reports.9. Ensuring that all controls are managed and maintained to ensure continued alignment to the Information Security Management StandardISO2700110. Maintaining a sound technical knowledge of IT Security products, systems and procedures used within the organisation.
Job description
Job responsibilities
Job purpose:
This role will be based in the NHSBSAs Security Operations Team organisationally and will cover both Information Security Operations & Security Architecture.
The ICT Security Student Placement will work closely supporting the Security Operations Manager to assist in the management of all aspects of ICTSecurity, and related processes, within the NHSBSA.
Main duties:
1. Assisting the Security Operations Manager in managing the organisations ISO27001 compliant Information Security Management System within ICT.2. Assist in ensuring all NHSBSA staff complies with Information Security policies and procedures. This will include assisting with the development,implementation and maintenance of the Information Security policies and procedures.3. Assist with the management of information security breaches and take the necessary remedial action to reduce the impact of such breaches.This will also include trend analysis, developing and presenting management information for the ISMS Management Group to review.4. Assists with the development and maintenance of the Information Asset Inventory.5. Monitors and measures compliance with applicable security and information assurance standards and policies across the organisation.6. Assists with the production of Assurance documentation based on the 14 cloud security principles7. Providing support to staff within the team to ensure the smooth running of daily activities and project work.8. Collating information from various systems to assist the Security Operations Manager in producing management reports.9. Ensuring that all controls are managed and maintained to ensure continued alignment to the Information Security Management StandardISO2700110. Maintaining a sound technical knowledge of IT Security products, systems and procedures used within the organisation.
Person Specification
Personal Qualities, Knowledge & Skills
Essential
- Knowledge of IT security issues
- Knowledge of risk management techniques and the application of a risk based approach to managing security
- Awareness of Information Security in several of the following areas: Information Security Management Systems ISO27001
- Risk Management Process
- Security monitoring and auditing
- Awareness managing Technical Security implementation's
- Awareness of implementing ISO security standards - including certification in an organisation
Desirable
- Knowledge of IT Security Management, including: Implementing IS best practices
- Understanding of the requirements of ISO 27001 standards and the practical application of them in the IS environment
- An understanding of the available tools and technologies available to protect and monitor IS
- IT Service Management best practice, including ISO2000
- ITIL V3 foundation level certification.
Experience
Desirable
- Experience in risk assessment and balancing technical security risks with business requirements.
- Involvement in implementing BS and/or ISO security standards - including certification in an organisation
- Experience of handling the consequences of a serious security breach and developing remedial actions.
- Information Security Audits against the ISO27001 framework
- Good knowledge of NCSC 14 Cloud Security principles
- Recognised Information Security experience
Qualifications
Essential
- At least five GCSE's (or equivalent) of grades A*-C (or new grading of 4-9) including Maths, English and IT / Science.
- Educated to level 3 e.g. A-levels, BTEC Level 3's, level 3 apprenticeships or
- An IT related qualification or
- Able to demonstrate significant experience in an IT profession
Person Specification
Personal Qualities, Knowledge & Skills
Essential
- Knowledge of IT security issues
- Knowledge of risk management techniques and the application of a risk based approach to managing security
- Awareness of Information Security in several of the following areas: Information Security Management Systems ISO27001
- Risk Management Process
- Security monitoring and auditing
- Awareness managing Technical Security implementation's
- Awareness of implementing ISO security standards - including certification in an organisation
Desirable
- Knowledge of IT Security Management, including: Implementing IS best practices
- Understanding of the requirements of ISO 27001 standards and the practical application of them in the IS environment
- An understanding of the available tools and technologies available to protect and monitor IS
- IT Service Management best practice, including ISO2000
- ITIL V3 foundation level certification.
Experience
Desirable
- Experience in risk assessment and balancing technical security risks with business requirements.
- Involvement in implementing BS and/or ISO security standards - including certification in an organisation
- Experience of handling the consequences of a serious security breach and developing remedial actions.
- Information Security Audits against the ISO27001 framework
- Good knowledge of NCSC 14 Cloud Security principles
- Recognised Information Security experience
Qualifications
Essential
- At least five GCSE's (or equivalent) of grades A*-C (or new grading of 4-9) including Maths, English and IT / Science.
- Educated to level 3 e.g. A-levels, BTEC Level 3's, level 3 apprenticeships or
- An IT related qualification or
- Able to demonstrate significant experience in an IT profession
Additional information
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
