Job summary
Band 8B (Subject to Evaluation)
Dartford & Gravesham Information Communication Technology Department has a vacancy for an ICT Cyber Security and Network Manager.
The role of Cyber Security and Network Manager is responsible for ensuring the technical completeness (fit-for-purpose) of the Trust IT network infrastructure and ensuring a good cyber posture for the Trust. The position provides technical leadership and consulting across the organisation, incorporating all relevant IT technologies from strategic decision making to technical project planning and deployment.
The network Infrastructure team will provide expert-level technical support to over 3000 clinical and administrative colleagues using IT services, across multiple sites Darent Valley, Queen Marys Sidcup, Erith and Gravesend plus a number of community based clinical staff.
This role requires a hands on technical manager with expert Cyber skills and network infrastructure knowledge with an ability to lead two specialist teams to meet the Trusts operational developments and architect and implement new solutions. The post holder will also be responsible for maintaining network management systems, system diagrams, specification and testing of network hardware, development of processes and procedures and management of hardware support contracts.
If you are looking for a challenge and want to join a dynamic team in a friendly and pro-active Trust then this might be the role for you.
Main duties of the job
Reporting to the Head of ICT the post-holder will:
lead the Cyber Security function and assist setting the ICT strategy and direction for the ICT Department and Trust
ensure the technical completeness (fit-for-purpose) of the Trust IT network infrastructure, specifically in the area of Network Technology, security and Support.
provide technical leadership and consulting across the organisation, incorporating all relevant IT technologies from strategic decision making to technical project planning and deployment
provide expert-level technical support to over 3000 clinical and administrative colleagues using IT services, across multiple sites plus a number of community based clinical staff.
manage the Cyber Security team embedded within the IT function
be responsible for ensuring that all work being completed across the various disciplines in IT are assessed in terms of vulnerabilities and exposure to internal or external attack.
maintain network management systems, system diagrams, specification and testing of network hardware, development of processes and procedures and management of hardware support contracts.
be responsible for meeting the performance objectives and ensuring the delivery of excellent support services while seeking to implement efficiencies and improve practice within the systems teams
The role will form an integral part of the Trust's Innovation Group who evaluate any new systems implementations.
About us
We are committed to being an inclusive and diverse employer. We strive to employ people who reflect the communities we serve, and aim to create an inclusive culture where everyone can reach their full potential. Whatever your race, ethnicity, belief, generation, sexual orientation, gender or gender identity, disability or experience, you'll appreciate the opportunities we give you to work in an inclusive atmosphere. We welcome applications from people of diverse backgrounds, perspectives and experiences to build on the progress we've achieved to make our Trust diverse and the best place to work. We celebrate the diversity of thought, viewpoints and ideas that help us overcome challenges and embrace new possibilities. We have signed the Armed Forces Covenant Pledge and have a commitment to the Armed Forces Community.
If you are considering applying for a role, please be aware that as an NHS Employee you may have contact with vulnerable service users. We strongly encourage that all our staff are vaccinated against COVID-19 and are vaccinated annually against Flu, in order to protect the health and safety of our staff and patients. Your commitment will help us to put the safety and care of our patients first, as well as helping us to protect you and your colleagues.
Job description
Job responsibilities
General Management:
To provide effective leadership and management to staff, promoting high performance standards both individually and as a team, in alignment with the Trust's objectives and priorities. All Team Leaders should actively contribute to embedding good employment practices throughout the organization.
The postholder is expected to:
Understand the Trust's and IT department's key priorities and translate them into actionable objectives.
Ensure roles are well-defined and effective.
Manage staff in accordance with Trust HR Policies to achieve equality, equity, and optimal performance.
Conduct annual appraisals for all staff reflecting these priorities, and ensure access to appropriate training and development.
Manage staff performance and disciplinary matters as required, following Trust policies.
Maintain regular communication with teams and individuals, fostering two-way feedback.
Promote an effective team ethos with a proactive approach to delivering quality services.
Champion equality, diversity, and rights, treating all with dignity and respect and tailoring services to the specific needs of protected characteristics.
Actively contribute to promoting equality, diversity, and Human Rights in working practices, ensuring fair treatment and equality of opportunity.
Comply with legislation and organizational policies regarding equality, diversity, and human rights.
Please see attached job description for further information.
Job description
Job responsibilities
General Management:
To provide effective leadership and management to staff, promoting high performance standards both individually and as a team, in alignment with the Trust's objectives and priorities. All Team Leaders should actively contribute to embedding good employment practices throughout the organization.
The postholder is expected to:
Understand the Trust's and IT department's key priorities and translate them into actionable objectives.
Ensure roles are well-defined and effective.
Manage staff in accordance with Trust HR Policies to achieve equality, equity, and optimal performance.
Conduct annual appraisals for all staff reflecting these priorities, and ensure access to appropriate training and development.
Manage staff performance and disciplinary matters as required, following Trust policies.
Maintain regular communication with teams and individuals, fostering two-way feedback.
Promote an effective team ethos with a proactive approach to delivering quality services.
Champion equality, diversity, and rights, treating all with dignity and respect and tailoring services to the specific needs of protected characteristics.
Actively contribute to promoting equality, diversity, and Human Rights in working practices, ensuring fair treatment and equality of opportunity.
Comply with legislation and organizational policies regarding equality, diversity, and human rights.
Please see attached job description for further information.
Person Specification
Education and Training
Essential
- Educated to Master's level or proven equivalent experience
- Certified Information Systems Security Professional (CISSP) or equivalent.
- One of the following Certifications: GIAC Web Application Penetration Tester, Certified Ethical Hacker, Offensive Security Certified Professional (OSCP)
- Evidence of continuing professional development
- IT Infrastructure Library (ITIL) Foundation Level
- Cisco CCNA Certification (Switching & Routing).
- Cisco CCNP Certification (Switching & Routing)
Desirable
Knowledge and Skills
Essential
- In-depth understanding of ISO27001, PCI DSS, Management, CISSP, Security, Strategy, Pen Testing
- In-depth knowledge of OWASP Top 10, CWE/SANS Top 25, WASC
- Demonstrates understanding of vulnerability remediation
- Expert knowledge in IT security best practice and solutions.
- Good understanding of IT infrastructure
- Good understanding of software development practices and coding.
- Understanding of log analysis and security forensics
- Mobile security testing
- Extensive knowledge of IT standards and system management methodologies
- General knowledge of Project Management methodology
- Good knowledge of MS Office and project specific software
- Expert knowledge on Security/VPN's, SDWAN etc.
- Expert knowledge on network switching & routing in a multi-site environment.
- Expert knowledge and understanding of key protocols like OSPF, EIGRP, RIP, BGP etc
- Expert knowledge of firewall configuration and management, including firewall security.
- Expert knowledge of proxy servers.
- Thorough understanding of LANS, WANS,WLANS, SDWANS etc
- Expert Knowledge in a range of Network tools covering Lan/Wan, , Wireless and firewall performance, capacity, and security monitoring and analysis.
Experience
Essential
- Substantial experience in a technical environment with proven experience as a senior technician.
- Ethical Hacking experience.
- Consultancy, risk management, solution design and issue resolution
- Resource management and vendor management, working with vendors to get the right people in place
- Secure code review and experience using automated toolsets
- Conducting and working with 3rd party suppliers to conduct penetration tests, both software and hardware.
- Exposure to ISO 27001, 9001
- Engaging 3rd party security specialists to provide additional assurance
Desirable
Personal Attributes
Essential
- Logical and methodical approach to issues and problem-solving
- Able to manage conflicting priorities in a demanding environment
- Approachable
- Leads by example
- Resilient
- Ability to concentrate for long periods of time, e.g. when resolving cyberthreats
- Able to remain calm in crisis situations such as a cyberattack
Person Specification
Education and Training
Essential
- Educated to Master's level or proven equivalent experience
- Certified Information Systems Security Professional (CISSP) or equivalent.
- One of the following Certifications: GIAC Web Application Penetration Tester, Certified Ethical Hacker, Offensive Security Certified Professional (OSCP)
- Evidence of continuing professional development
- IT Infrastructure Library (ITIL) Foundation Level
- Cisco CCNA Certification (Switching & Routing).
- Cisco CCNP Certification (Switching & Routing)
Desirable
Knowledge and Skills
Essential
- In-depth understanding of ISO27001, PCI DSS, Management, CISSP, Security, Strategy, Pen Testing
- In-depth knowledge of OWASP Top 10, CWE/SANS Top 25, WASC
- Demonstrates understanding of vulnerability remediation
- Expert knowledge in IT security best practice and solutions.
- Good understanding of IT infrastructure
- Good understanding of software development practices and coding.
- Understanding of log analysis and security forensics
- Mobile security testing
- Extensive knowledge of IT standards and system management methodologies
- General knowledge of Project Management methodology
- Good knowledge of MS Office and project specific software
- Expert knowledge on Security/VPN's, SDWAN etc.
- Expert knowledge on network switching & routing in a multi-site environment.
- Expert knowledge and understanding of key protocols like OSPF, EIGRP, RIP, BGP etc
- Expert knowledge of firewall configuration and management, including firewall security.
- Expert knowledge of proxy servers.
- Thorough understanding of LANS, WANS,WLANS, SDWANS etc
- Expert Knowledge in a range of Network tools covering Lan/Wan, , Wireless and firewall performance, capacity, and security monitoring and analysis.
Experience
Essential
- Substantial experience in a technical environment with proven experience as a senior technician.
- Ethical Hacking experience.
- Consultancy, risk management, solution design and issue resolution
- Resource management and vendor management, working with vendors to get the right people in place
- Secure code review and experience using automated toolsets
- Conducting and working with 3rd party suppliers to conduct penetration tests, both software and hardware.
- Exposure to ISO 27001, 9001
- Engaging 3rd party security specialists to provide additional assurance
Desirable
Personal Attributes
Essential
- Logical and methodical approach to issues and problem-solving
- Able to manage conflicting priorities in a demanding environment
- Approachable
- Leads by example
- Resilient
- Ability to concentrate for long periods of time, e.g. when resolving cyberthreats
- Able to remain calm in crisis situations such as a cyberattack
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
