Job summary
The Digital Health Department is looking to recruit two Cyber Security Specialists into its small security team. The ideal candidate will be a team player with drive and enthusiasm; someone who understands the value of providing outstanding customer service and is able to effectively balance the need for improved cyber security with the operational needs of a large, busy hospital.
You must be able to work proactively and independently under pressure and deliver against individual and team Key Performance Indicators. We are looking for a candidate that has third line technical knowledge with experience of server and networking infrastructure.
We can promise you a varied, challenging and rewarding role as a Cyber Security Specialist. Twenty seven days annual leave, plus bank holidays, with an excellent pension scheme.
Onboarding incentives are available.
Advert closing: 5th June 2023
Interview date: 19th - 22nd June 2023 (TBC)
Full time: 37.5 hours per week (mix of on site / home / remote working)
Main duties of the job
You will provide cyber security support for Digital Health daily operations by managing the trusts cyber defence tools, provide cyber security support on trust projects and support tickets where Digital Health is involved; you will therefore work closely with other Digital Health technical teams, trust end users and other third parties; strong written, verbal communication and interpersonal skills are therefore essential.
As a cyber security specialist, you will provide expert guidance on the selection, design, justification, implementation and the operation of cyber security strategies, technologies, processes, procedures and standards to maintain the safety, confidentiality, integrity, availability and security of the Trust's digital infrastructure and systems; including the protection of Trust and patient data and informationstored and processed by infrastructure or systems managed by, or under the control of the Trust.
You will be expected to identify areas in which the Trust is inadequately covered by cyber security policies, procedures and technologies where in consultation with stakeholders, develop or implement new policies, procedures and technologies to cover these areas. You will be required to support senior IT managers in presenting these developments to the relevant non-technical stakeholders and partner organisations.
You will support the retention of compliance standards including DSPT and Secure Email Accreditation and support the acquirement of NIS compliance.
About us
Join us at the Norfolk and Norwich University Hospital and be part of a workforce of over 10,000 staff!
The NNUH is one of the largest NHS trusts in the UK, providing first-class acute care for around one million people, living in Norfolk and surrounding areas. We are a teaching and research hospital, at the forefront of innovation, home to state-of-the-art facilities, such as the Quadram Institute. We are pleased to work closely with the University of East Anglia, providing teaching opportunities for our staff and placement opportunities for their students. We attract some of the best and leading professionals from across the country and are proud that our workforce represents 94 countries from across the world.
We are a friendly, collaborative hospital, working with local services and home to N&N Hospitals Charity
We can offer you the full range of NHS benefits/discounts and in addition:
- Flexible working hours
- Fast Track Staff Physiotherapy Service
- Multi Faith prayer room
- Discounted gym memberships
- Excellent pension scheme and annual leave entitlement
- Wagestream - access up to 40% of your pay as you earn it
- Free Park & Ride service direct to NNUH site
- Free 24-hours confidential counselling support
- On-site Nursery
- On-site cafes offering staff discounts
- Support in career development
- Flexible staff bank
- Salary Sacrifice schemes including lease cars, Cycle to Work scheme and home electronics
Job description
Job responsibilities
- To act as the designated technical specialist on Cyber Security for the Trust, providing an expert specialist advice service, in accordance with national and local Cyber Security standards, best practice and appropriate legislation.
- Research and evaluate emerging Cyber Security threats and ways to manage them, providing reports and/or presentations where appropriate to senior stakeholders.
- Monitor Trust systems for attacks, intrusions and unusual, unauthorised or illegal activity, reporting findings to the Digital Health Security Manager.
- Use advanced analytic tools (artificial intelligence) to determine emerging threat patterns and vulnerabilities.
- Analyses, investigates and resolves very complex Cyber Security queries, issues and problems.
- Liaise with various stakeholders from all levels within the Trust in relation to Cyber Security issues and provide future recommendations for improvements and mitigation measures.
- Provides and receives highly complex, sensitive, and at times, contentious information. Able to effectively communicate said information and/or a range of Cyber Security issues which can be very complex and/or multi-stranded to relevant technical and nontechnical stakeholders and audiences.
- To liaise with the Counter Fraud Service, the Police, external organisations and senior managers, as required, when investigating Cyber Security related incidents, ensuring absolute discretion at all times.
- Engage in 'ethical hacking' and other security exercises, for example, simulating security breaches and report on findings.
Please see the attached job description for full details.
Job description
Job responsibilities
- To act as the designated technical specialist on Cyber Security for the Trust, providing an expert specialist advice service, in accordance with national and local Cyber Security standards, best practice and appropriate legislation.
- Research and evaluate emerging Cyber Security threats and ways to manage them, providing reports and/or presentations where appropriate to senior stakeholders.
- Monitor Trust systems for attacks, intrusions and unusual, unauthorised or illegal activity, reporting findings to the Digital Health Security Manager.
- Use advanced analytic tools (artificial intelligence) to determine emerging threat patterns and vulnerabilities.
- Analyses, investigates and resolves very complex Cyber Security queries, issues and problems.
- Liaise with various stakeholders from all levels within the Trust in relation to Cyber Security issues and provide future recommendations for improvements and mitigation measures.
- Provides and receives highly complex, sensitive, and at times, contentious information. Able to effectively communicate said information and/or a range of Cyber Security issues which can be very complex and/or multi-stranded to relevant technical and nontechnical stakeholders and audiences.
- To liaise with the Counter Fraud Service, the Police, external organisations and senior managers, as required, when investigating Cyber Security related incidents, ensuring absolute discretion at all times.
- Engage in 'ethical hacking' and other security exercises, for example, simulating security breaches and report on findings.
Please see the attached job description for full details.
Person Specification
Qualifications
Essential
- Educated to degree level in relevant subject or equivalent level qualification or significant experience of working at a similar level in Information Security.
- Qualification in Information Security for example GIAC GSEC, ISC2, CISSP etc.
Experience
Essential
- Extensive experience of developing and delivering an Information Security service to a large complex organisation using confidential and/or sensitive information
- Demonstrated significant experience of co-ordinating projects in complex and challenging environments.
- Demonstrates extensive experience of working within a technical discipline e.g. Cloud Services, Active Directory Administration, Group Policy Object creation, virtualisation, firewall support, digital security tools and general 3rd line support activities.
Skills
Essential
- Experience of setting up and implementing organisational policies, processes and procedures
Attitude, aptitude
Essential
- Effective role model, demonstrating NNUH's PRIDE values of People focussed, Respect, Integrity, Dedication and Excellence
- Demonstrates understanding and commitment to Equality, Diversity and Inclusion
Person Specification
Qualifications
Essential
- Educated to degree level in relevant subject or equivalent level qualification or significant experience of working at a similar level in Information Security.
- Qualification in Information Security for example GIAC GSEC, ISC2, CISSP etc.
Experience
Essential
- Extensive experience of developing and delivering an Information Security service to a large complex organisation using confidential and/or sensitive information
- Demonstrated significant experience of co-ordinating projects in complex and challenging environments.
- Demonstrates extensive experience of working within a technical discipline e.g. Cloud Services, Active Directory Administration, Group Policy Object creation, virtualisation, firewall support, digital security tools and general 3rd line support activities.
Skills
Essential
- Experience of setting up and implementing organisational policies, processes and procedures
Attitude, aptitude
Essential
- Effective role model, demonstrating NNUH's PRIDE values of People focussed, Respect, Integrity, Dedication and Excellence
- Demonstrates understanding and commitment to Equality, Diversity and Inclusion
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
