Head of Cyber Security

University Hospital of North Midlands

Information:

This job is now closed

Job summary

Head of Cyber Security band 8b

The post holder will be the lead expert for Cyber Security with responsibility of ensuring the security of the organisations IT Infrastructure and patient data as well as working as an IM&T Operations Engineer. The Post holder will be responsible for seeking out any potential vulnerability both internally and externally and proposing / implementing solutions to prevent breaches of IT security.

Working as part of part of a team responsible for providing mission critical services ensuring a responsive technical service, involved in the design, development and security of IT systems. Due to the highly technical nature of this post there will be also a requirement to undertake configuration, tuning, troubleshooting, recovery fault resolution and in-depth technical fault diagnosis and problem solving

Main duties of the job

  • Represent Cyber Security interests at the IT Change Advisory Board, ensuring changes to technology have been appropriately considered
  • Develop and maintain relationships with other NHS organsations across the UK in relation to Cyber related incidents, findings and solutions
  • Ensure regular contact with external organisations such as NHS Digital keeping well-informed on security vulnerabilities and recommended solutions to mitigate risk
  • Promotes security awareness and strengthen relationships with business stakeholders
  • Post holder will act as the lead Incident Manager in the event of a Cyber Security breach ensuring that the correct approach is taken to identification, diagnostics and resolution.
  • To provide, understand and receive at an appropriate level, highly complex and technical issues / information and clearly communicate these issues at a level understandable by the audience.
  • Negotiating with clinicians, senior managers and third party suppliers in relation to new working practices and technical solutions. To agree design and development, priorities through the use of a project plan and the design of reporting tools.
  • Understand, disseminate and then presents highly complicated information, of an often contentious or sensitive nature to clinicians and senior levels of management.

About us

University Hospitals of North Midlands NHS Trust is one of the largest and most modern in the country. We serve around three million people and were highly regarded for our facilities, teaching and research. The Trust has around 1,450 inpatient beds across two sites in Stoke-on-Trent and Stafford. Our 11,000 strong workforce provide emergency treatment, planned operations and medical care from Royal Stoke University Hospital and County Hospital in Stafford.

We are the specialist centre for major trauma for the North Midlands and North Wales. We have put together a wide range of development packages aimed at ensuring that everyone has the opportunity to fulfil their potential. Our goal is to be a world-class centre of achievement, where patients receive the highest standards of care and the best people come to learn, work and research.

Date posted

23 December 2021

Pay scheme

Agenda for change

Band

Band 8b

Salary

£54,764 to £63,862 a year per annum

Contract

Permanent

Working pattern

Full-time

Reference number

205-3754892

Job locations

Royal Stoke Hospital

Newcastle Road

Stoke on Trent

ST4 6QG


Job description

Job responsibilities

For more information on working for the Trust, please see the attached Job Description and Person Specification.

For more details on the post, please contact David Tudor

(see contact details)

Job description

Job responsibilities

For more information on working for the Trust, please see the attached Job Description and Person Specification.

For more details on the post, please contact David Tudor

(see contact details)

Person Specification

Education and qualifications

Essential

  • Qualified to Masters Degree level or equivalent experience gained or equivalent work experience
  • MCSE or MCSA qualification or equivalent specialist IT training

Desirable

  • Degree in Computer Sciences
  • CISSP qualification
  • CCNA, CCNP, CyberOps Cisco Network qualification

Experience

Essential

  • Significant experience of identifying potential IT security related threats
  • Significant experience in coordinating incidents relating to IT security breaches ensuring a methodical approach is taken to identification, diagnostics and resolution
  • In depth experience of liaising with national third party vendors ie NHS Digital
  • Experience of working within a mission critical IT services.
  • In-depth specialist knowledge of IM and T systems and procedures (expert in their field)
  • Significant exposure to building and configuring personal computers and associated peripherals.
  • In depth experience of building and configuring server systems and relating IT security to all new system infrastructure design and implementation
  • In depth experience of working in a server environment including building server systems from scratch. This includes clustered Email, database, web servers, VPN or Remote Working technologies, Network Attached Storage devices and storage area network equipment.
  • Experienced in providing assurance reports to senior stakeholders
  • Experienced with building and management of firewalls, IDS or IPS (eg Cisco ASA or Firepower, Fortinet, Palo Alto, Sophos XG or UTM)
  • Experienced in providing assurance reports to senior stakeholders
  • Experienced in investigation of Cyber Security matters

Desirable

  • Experience with Enterprise Cyber Security technologies eg Darktrace or Stealthwatch or Vectra or MS Defender for Endpoints or Sophos Central
  • Familiarity with current computing technologies
  • Configuration of all versions of Microsoft Server Platforms.
  • Good understanding of NHS working practices and standards including the Data Security and Protection Toolkit, Cyber Essentials plus and ISO 27001

Skills, Ability & Knowledge

Essential

  • Excellent Analytical skills in order to investigate and resolve complex issues.
  • The ability to plan and organise the implementation of complex and specialist systems/project. These systems impact across all clinical and non clinical areas of the Trust.
  • To take the lead on the design and development of major systems in line with Trust IT strategies and within budget requirements
  • To research new IT security tools, technologies and present proposals for better and more efficient ways of working.
  • To be responsible for ensuring that the infrastructure is in place for systems to run efficiently.
  • To take the lead and liaise with third party companies regarding Cyber Security and be responsible for the on-going maintenance
  • Committed to providing a customer focused IT service to the Trust and other relevant parties.
  • Ability to relate to system users at all levels and communicate technical issues in a non-technical manner.
  • Responsible for back-ups of Terabytes of critical patient and user data.
  • Excellent general communication and telephone skills.
  • Excellent customer relation skills.
  • Logical approach to problem solving.
  • Able to think clearly under pressure.
  • Able to work under pressure and to deadlines.
  • Ability to manage own time and priorities.
  • The ability to guide members of the team to help them solve problems, sometimes these are of a complex nature and require in depth research to resolve.
  • Knowledge and ability to manage and administer the Trust's and responsible for the security of the Trust applications and confidential patient data.
  • Responsible for the planning of updates and upgrades of business critical systems, infrastructure and information systems.
  • The ability to handle detailed, diverse and at times highly complex technical issues by yourself, including researching of a solution via the Internet where required.
  • The ability to maintain and repair a server and storage investment of some 1,000,000 pounds plus, ensuring a front line service is provided to over 10000 online users 24/7 x 365 days a year.
  • An in-depth understanding of the interactions Between server systems and networking systems.
  • Knowledge of server system administration and support.
  • General knowledge and understanding of LAN WAN networking and associated devices.
  • Routine monitoring, maintenance and configuration of servers and application software.
  • The physical installation and configuration of servers and operating systems from the ground up, including Windows 2012 and above.
  • Experience in supporting a mixed IT environment, incorporating servers, PCs, Storage devices, network equipment .

Desirable

  • Able to adapt to changing technologies
  • Windows Server administration and support

Personal Qualities

Essential

  • The ability to work to tight deadlines while still maintaining the flexibility to deal with day to day queries from end users and other colleagues from within the Department.
  • Ability to concentrate for long periods while designing and developing complex systems.
  • Able to work as part of a team.
  • Self motivated.
  • Completer / finisher.
  • Attention to detail.
  • Full Driving licence to drive Trust vehicles.
  • To participate in an on-call rota providing 24 hour cover Infrastructure related business critical issues
  • Working across both Royal Stoke and County Hospital - rotation on a regular basis
Person Specification

Education and qualifications

Essential

  • Qualified to Masters Degree level or equivalent experience gained or equivalent work experience
  • MCSE or MCSA qualification or equivalent specialist IT training

Desirable

  • Degree in Computer Sciences
  • CISSP qualification
  • CCNA, CCNP, CyberOps Cisco Network qualification

Experience

Essential

  • Significant experience of identifying potential IT security related threats
  • Significant experience in coordinating incidents relating to IT security breaches ensuring a methodical approach is taken to identification, diagnostics and resolution
  • In depth experience of liaising with national third party vendors ie NHS Digital
  • Experience of working within a mission critical IT services.
  • In-depth specialist knowledge of IM and T systems and procedures (expert in their field)
  • Significant exposure to building and configuring personal computers and associated peripherals.
  • In depth experience of building and configuring server systems and relating IT security to all new system infrastructure design and implementation
  • In depth experience of working in a server environment including building server systems from scratch. This includes clustered Email, database, web servers, VPN or Remote Working technologies, Network Attached Storage devices and storage area network equipment.
  • Experienced in providing assurance reports to senior stakeholders
  • Experienced with building and management of firewalls, IDS or IPS (eg Cisco ASA or Firepower, Fortinet, Palo Alto, Sophos XG or UTM)
  • Experienced in providing assurance reports to senior stakeholders
  • Experienced in investigation of Cyber Security matters

Desirable

  • Experience with Enterprise Cyber Security technologies eg Darktrace or Stealthwatch or Vectra or MS Defender for Endpoints or Sophos Central
  • Familiarity with current computing technologies
  • Configuration of all versions of Microsoft Server Platforms.
  • Good understanding of NHS working practices and standards including the Data Security and Protection Toolkit, Cyber Essentials plus and ISO 27001

Skills, Ability & Knowledge

Essential

  • Excellent Analytical skills in order to investigate and resolve complex issues.
  • The ability to plan and organise the implementation of complex and specialist systems/project. These systems impact across all clinical and non clinical areas of the Trust.
  • To take the lead on the design and development of major systems in line with Trust IT strategies and within budget requirements
  • To research new IT security tools, technologies and present proposals for better and more efficient ways of working.
  • To be responsible for ensuring that the infrastructure is in place for systems to run efficiently.
  • To take the lead and liaise with third party companies regarding Cyber Security and be responsible for the on-going maintenance
  • Committed to providing a customer focused IT service to the Trust and other relevant parties.
  • Ability to relate to system users at all levels and communicate technical issues in a non-technical manner.
  • Responsible for back-ups of Terabytes of critical patient and user data.
  • Excellent general communication and telephone skills.
  • Excellent customer relation skills.
  • Logical approach to problem solving.
  • Able to think clearly under pressure.
  • Able to work under pressure and to deadlines.
  • Ability to manage own time and priorities.
  • The ability to guide members of the team to help them solve problems, sometimes these are of a complex nature and require in depth research to resolve.
  • Knowledge and ability to manage and administer the Trust's and responsible for the security of the Trust applications and confidential patient data.
  • Responsible for the planning of updates and upgrades of business critical systems, infrastructure and information systems.
  • The ability to handle detailed, diverse and at times highly complex technical issues by yourself, including researching of a solution via the Internet where required.
  • The ability to maintain and repair a server and storage investment of some 1,000,000 pounds plus, ensuring a front line service is provided to over 10000 online users 24/7 x 365 days a year.
  • An in-depth understanding of the interactions Between server systems and networking systems.
  • Knowledge of server system administration and support.
  • General knowledge and understanding of LAN WAN networking and associated devices.
  • Routine monitoring, maintenance and configuration of servers and application software.
  • The physical installation and configuration of servers and operating systems from the ground up, including Windows 2012 and above.
  • Experience in supporting a mixed IT environment, incorporating servers, PCs, Storage devices, network equipment .

Desirable

  • Able to adapt to changing technologies
  • Windows Server administration and support

Personal Qualities

Essential

  • The ability to work to tight deadlines while still maintaining the flexibility to deal with day to day queries from end users and other colleagues from within the Department.
  • Ability to concentrate for long periods while designing and developing complex systems.
  • Able to work as part of a team.
  • Self motivated.
  • Completer / finisher.
  • Attention to detail.
  • Full Driving licence to drive Trust vehicles.
  • To participate in an on-call rota providing 24 hour cover Infrastructure related business critical issues
  • Working across both Royal Stoke and County Hospital - rotation on a regular basis

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Additional information

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Employer details

Employer name

University Hospital of North Midlands

Address

Royal Stoke Hospital

Newcastle Road

Stoke on Trent

ST4 6QG


Employer's website

https://www.uhnm.nhs.uk (Opens in a new tab)

Employer details

Employer name

University Hospital of North Midlands

Address

Royal Stoke Hospital

Newcastle Road

Stoke on Trent

ST4 6QG


Employer's website

https://www.uhnm.nhs.uk (Opens in a new tab)

For questions about the job, contact:

Head of Service Delivery

David Tudor

david.tudor@uhnm.nhs.uk

01782671510

Date posted

23 December 2021

Pay scheme

Agenda for change

Band

Band 8b

Salary

£54,764 to £63,862 a year per annum

Contract

Permanent

Working pattern

Full-time

Reference number

205-3754892

Job locations

Royal Stoke Hospital

Newcastle Road

Stoke on Trent

ST4 6QG


Supporting documents

Privacy notice

University Hospital of North Midlands's privacy notice (opens in a new tab)