Job summary
Are you a hardworking, pro-active, highly able team player with drive and enthusiasm? Someone who understands the value of providing outstanding customer service and with a keen interest in Cyber Security? Who has proven themselves in their current role and wants to expand their horizons further?
Then, we need you!
An exciting opportunity has arisen, and we are looking to recruit a Cyber Security Engineer into an expanding Cyber Security team, supporting over 10,000 Healthcare users to work securely, effectively, and efficiently and utilise a continually evolving suite of digital tools, systems, and services. To also enhance our cyber security readiness and capabilities, to tackle emerging cyber risks.
The ideal candidate will have an array of skills and knowledge, through a combination of working experience, education, and self-learning, enabling them to play a central role in handling diverse cyber security activities in a complex and highly dynamic NHS Trust environment. The post is perfect for a motivated, proficient, values-driven Cyber Security/IT professional, hungry for a new challenge.
Main duties of the job
The post holder's primary objective is to ensure the Trust's IT Infrastructure, digital services, Person Identifiable Data (PID) and other sensitive data types are protected from cyber threats. Workingcollaboratively with internal and external stake holders, helping to check or develop security aspects of design, build, implementation, operation, process, and policy, to ensure they are secure, resilient, andcompliant with local and national standards.
They will provide or assist with Cyber Security incident detection, response and recovery as well as the development, implementation, maintenance and testing of the Trust's Cyber Incident Response Plan (CIRP) and Security Strategy.
They will work on and be actively involved with the development, implementation and maintenance of cyber security policies, controls, threat analysis, testing, assessments, auditing, reporting, detailed documentation, training, and other security activities.
They will promote cyber security awareness, good practice and compliance amidst end users, Trust service leads and other stake holders, helping to identify the risks, statutory requirements, and benefits, to ensure that high standards of cyber security are continually, efficiently, and effectively applied across the Trust.
Required to periodically attend and facilitate regional meetings, cyber exercises, panels, and other activities as and when required, in person, not just virtually.
About us
Oxford Health NHS Foundation Trust provides physical, mental health and social care for people of all ages across Oxfordshire, Buckinghamshire, Swindon, Wiltshire, Bath and North East Somerset.
Our services are delivered at community bases, hospitals, clinics and people's homes, delivering care as close to home as possible
Our vision is that no matter who you are or where you are, you will tell us that you receive:"Outstanding care delivered by an outstanding team"
Our values are:"Caring, safe and excellent"
At Oxford Health we offer a wide range of benefits designed to support your career and wellbeing. These include:
- Excellent opportunities for career progression
- Access to tailored individual and Trust wide learning and development
- 27 days annual leave, plus bank holidays, rising to 33 days with continuous service
- NHS Discount across a wide range of shops, restaurants and retailers
- Competitive pension scheme
- Lease car scheme
- Cycle to work scheme
- Employee Assistance Programme
- Mental Health First Aiders
- Staff accommodation (please note waiting lists may apply)
- Staff networking and support groups hosted by our Equality, Diversity & Inclusion team
Job description
Job responsibilities
For the main duties and responsibilities of this role please read the attached Job Description and Person Specification.
When completing your application please ensure your supporting statement reflects the criteria set out in these documents, by showing how your experience, knowledge and skills apply to this post.
Please also note that this post is currently subject to job evaluation.
Job description
Job responsibilities
For the main duties and responsibilities of this role please read the attached Job Description and Person Specification.
When completing your application please ensure your supporting statement reflects the criteria set out in these documents, by showing how your experience, knowledge and skills apply to this post.
Please also note that this post is currently subject to job evaluation.
Person Specification
Qualifications
Essential
- Degree or equivalent level of demonstratable experience, with specialisms in Cyber Security or IT.
- Entry level Cyber Security Certification (ISC2 CC, CompTIA Security+ or other)
Desirable
- Advanced Cyber Security Certifications (CISSP, SSCP, CCSP, CGRC, CISM, CRISC or other)
- Project Management Certification
Knowledge
Essential
- Cyber Security Technologies/Principles/Methodologies
- Networking Methodologies/Principles
- Digital Forensics/Root Cause Analysis
- Computing Technologies/Principles
- Information Governance/GDPR
- Advanced MS Server/Client/O365
- Web and Mail Filters
- Cyber Security Tools
- OWASP Standard
- Networking Tools
Desirable
- NHS/Healthcare Systems
- Networking Technologies
- MS Defender Endpoints
- Cyber Security Auditing
- ISO 27001/SOC2/CE+
- ForcePoint Web Filter
- Mimecast Mail Filter
- Penetration Testing
- NCSC WebCheck
- Qualys SSL Labs
- N3 HSCN/VLANs
- SIEM Solution(s)
- NHS DSPT
Uncertified Training/Skills
Essential
- Advanced Cyber Security or Associated Uncertified Training
Desirable
- Work-based Technical Troubleshooting Skills
- Work-based Cyber Security or Digital Forensics Skills
Experience
Essential
- Significant working experience providing technical or troubleshooting IT support or Cyber Security services
- Using Cyber Security Software/Tools
- Producing Structured Documentation
- Providing end user or peer Training
- Work based Management of Technical Projects through to successful delivery
- Work based Digital Forensics and RCA
- Work based Research and Analysis
- Work based Report Writing
- Working to Agreed Timescales
- Working with Confidential Data
Desirable
- Former Cyber Security or Advanced IT NHS role
- Working experience using Cyber Security Tools & Penetration Testing
- Working experience of Evidence Provision for NHS DSPT, ISO27001 or CE+
- Working experience of Protection and Monitoring solutions such as AV, SIEM, Mail/Web Filters, MS 365
- Creating Training Material
Personal Qualities
Essential
- Demonstrates excellent interpersonal skills, with the ability to communicate clearly and effectively with a wide variety of stakeholders
- Actively maintains a current knowledge of Cyber Security and can rapidly familiarise with new technologies, concepts, standards, and methodologies
- Analytical skills, with the ability to interpret, analyse and present complex information from diverse sources
- High level of work organisation, self-motivation and self-management, drive for performance and improvement, flexible in approach and manner
- Organisational and documentation skills, with an attention to confidentiality, detail and accuracy
- Energy, enthusiasm, and ability to work calmly and logically under pressure, delivering excellent customer service
- Ability to take the initiative, identify and resolve problems in an analytical, structured, controlled, and creative way
- Ability to think conceptually and laterally
- Ability to work alone or as part of a team, and work with a wide range of people with different skills and needs
Desirable
- Ability to analyse highly complex information, identifying trends
- Demonstratable contributor to Cyber Associates Network or other NHS security or technology forums
- Demonstratable contributor to popular non-NHS security or technology forums
- Passionate and enthusiastic about Cyber Security
- Ability to effectively train or mentor a wide range of people with different skills, abilities and needs
- Ability to make timely and effective risk-based decisions, often involving complex multi stranded information and scenarios
- Ability to challenge positively, with justification and maintain credibility
- Ability to influence and negotiate with a wide variety of stakeholders
Contractual
Essential
- Ability to physically attend and facilitate regional meetings, cyber exercises, panels, and other activities, as required
- Flexibility in working hours
Desirable
- Full UK Driving License with access to own transport
Person Specification
Qualifications
Essential
- Degree or equivalent level of demonstratable experience, with specialisms in Cyber Security or IT.
- Entry level Cyber Security Certification (ISC2 CC, CompTIA Security+ or other)
Desirable
- Advanced Cyber Security Certifications (CISSP, SSCP, CCSP, CGRC, CISM, CRISC or other)
- Project Management Certification
Knowledge
Essential
- Cyber Security Technologies/Principles/Methodologies
- Networking Methodologies/Principles
- Digital Forensics/Root Cause Analysis
- Computing Technologies/Principles
- Information Governance/GDPR
- Advanced MS Server/Client/O365
- Web and Mail Filters
- Cyber Security Tools
- OWASP Standard
- Networking Tools
Desirable
- NHS/Healthcare Systems
- Networking Technologies
- MS Defender Endpoints
- Cyber Security Auditing
- ISO 27001/SOC2/CE+
- ForcePoint Web Filter
- Mimecast Mail Filter
- Penetration Testing
- NCSC WebCheck
- Qualys SSL Labs
- N3 HSCN/VLANs
- SIEM Solution(s)
- NHS DSPT
Uncertified Training/Skills
Essential
- Advanced Cyber Security or Associated Uncertified Training
Desirable
- Work-based Technical Troubleshooting Skills
- Work-based Cyber Security or Digital Forensics Skills
Experience
Essential
- Significant working experience providing technical or troubleshooting IT support or Cyber Security services
- Using Cyber Security Software/Tools
- Producing Structured Documentation
- Providing end user or peer Training
- Work based Management of Technical Projects through to successful delivery
- Work based Digital Forensics and RCA
- Work based Research and Analysis
- Work based Report Writing
- Working to Agreed Timescales
- Working with Confidential Data
Desirable
- Former Cyber Security or Advanced IT NHS role
- Working experience using Cyber Security Tools & Penetration Testing
- Working experience of Evidence Provision for NHS DSPT, ISO27001 or CE+
- Working experience of Protection and Monitoring solutions such as AV, SIEM, Mail/Web Filters, MS 365
- Creating Training Material
Personal Qualities
Essential
- Demonstrates excellent interpersonal skills, with the ability to communicate clearly and effectively with a wide variety of stakeholders
- Actively maintains a current knowledge of Cyber Security and can rapidly familiarise with new technologies, concepts, standards, and methodologies
- Analytical skills, with the ability to interpret, analyse and present complex information from diverse sources
- High level of work organisation, self-motivation and self-management, drive for performance and improvement, flexible in approach and manner
- Organisational and documentation skills, with an attention to confidentiality, detail and accuracy
- Energy, enthusiasm, and ability to work calmly and logically under pressure, delivering excellent customer service
- Ability to take the initiative, identify and resolve problems in an analytical, structured, controlled, and creative way
- Ability to think conceptually and laterally
- Ability to work alone or as part of a team, and work with a wide range of people with different skills and needs
Desirable
- Ability to analyse highly complex information, identifying trends
- Demonstratable contributor to Cyber Associates Network or other NHS security or technology forums
- Demonstratable contributor to popular non-NHS security or technology forums
- Passionate and enthusiastic about Cyber Security
- Ability to effectively train or mentor a wide range of people with different skills, abilities and needs
- Ability to make timely and effective risk-based decisions, often involving complex multi stranded information and scenarios
- Ability to challenge positively, with justification and maintain credibility
- Ability to influence and negotiate with a wide variety of stakeholders
Contractual
Essential
- Ability to physically attend and facilitate regional meetings, cyber exercises, panels, and other activities, as required
- Flexibility in working hours
Desirable
- Full UK Driving License with access to own transport
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
