Job summary
A new and exciting opportunity has arisen to join the
Digital Services Operations team as a Digital Cyber Security Specialist at The
Mid Yorkshire Teaching NHS Trust.
The Digital Operations Team support the trust Cyber
Security, Servers, Network and Data Storage, along with the implementation and
support of new systems.
The successful candidate will lead the implementation of
security enhancements, ensure compliance with relevant standards (such as the
DSP Toolkit and Cyber Essentials Plus), and liaise with external stakeholders
to uphold the security and confidentiality of Trust systems and data.
We are looking for a friendly, motivated and enthusiastic
individual who is passionate to deliver high-quality services and contribute to
its ongoing development.
Experience of working in a high-pressured NHS IT service
environment with the ability to communicate with confidence to staff and
customers at all levels, would be advantageous.
Main duties of the job
The Cyber Security Specialist will be a key member of the
Digital Services team, responsible for ensuring the security, integrity, and
resilience of the Trusts digital infrastructure, systems, and data. This
includes safeguarding clinical and corporate systems against cyber security
threats while enabling secure and reliable access for staff and partner
organisations.
The role involves managing, maintaining, and continuously
improving the Trust's cyber security posture in line with industry standards,
legal requirements, and NHS guidelines. The post holder will provide expert
technical advice and operational support on cyber security matters across the
organisation, including risk assessments, threat mitigation, and incident
response.
Working closely with other Digital Services teams, the Cyber
Security Specialist will play a vital role in supporting the Trusts digital
strategy, implementing security solutions, and promoting awareness of cyber
security best practices across all disciplines and departments.
About us
We are an acute trust caring for over half a million people in Wakefield and Kirklees. Our 10,000 staff work in patients homes, the community, and our three hospitals in Pontefract, Dewsbury, and Pinderfields (Wakefield). We prioritise our people and values so we can deliver the best possible care to patients. Our team is friendly, passionate, and innovative, always seeking better ways to work.
We support work-life balance and foster a diverse, inclusive environment where everyone belongs. Our staff networks offer safe spaces to share ideas and concerns so we can increase awareness and appreciation of equality, diversity, and inclusion. We welcome applicants from all backgrounds and especially encourage members of the LGBTQ+ community, ethnic minority groups, and people with disabilities or neurodivergence to apply, as they are currently underrepresented in the Trust.
If you value caring, high standards, improvement, and respect, join the MY team to make a difference every day.
Application guidance: We understand that more applicants are using AI technology to help with their applications. While these tools can be useful, they cannot fully capture your skills, knowledge, and experience. Its important that you personalise your application. Relying solely on AI is not recommended, as it may reduce your chances of success. Our screening process is thorough, so if you have used AI, please make sure to disclose this on your application form.
Job description
Job responsibilities
Key Responsibilities
Provide specialist knowledge and technical expertise in
cyber security to protect the Trust's digital assets.
Monitor, analyse, and respond to security threats and
vulnerabilities, ensuring effective incident response and recovery.
Develop and maintain cyber security policies, processes, and
documentation to align with NHS and industry standards.
Conduct security risk assessments and audits to identify
gaps, recommend improvements, and ensure compliance.
Work collaboratively with technical teams to secure systems,
networks, and endpoints while supporting digital initiatives.
Lead the implementation and maintenance of key security
controls and technologies, including antivirus, encryption, and intrusion
detection systems.
Promote cyber security awareness and deliver training to
staff, fostering a culture of security and vigilance.
Liaise with external partners and agencies to ensure
effective coordination in managing cyber security risks and incidents.
Expected to work flexibly to meet the needs of our 24/7
workforce. This may mean, on occasion, working outside the core office hours
MAIN DUTIES:
Cyber Security Operations
Monitor and manage the Trust's security tools, including
firewalls, intrusion detection/prevention systems, antivirus software, and
encryption tools.
Identify, analyse, and respond to cyber threats,
vulnerabilities, and incidents, ensuring timely containment and resolution.
Conduct regular security assessments, vulnerability scans,
and penetration tests to maintain a secure digital environment.
Policy and Compliance
Develop, review, and maintain cyber security policies,
procedures, and documentation to ensure alignment with NHS and legal standards,
including the DSP Toolkit and Cyber Essentials Plus.
Ensure compliance with data protection laws (e.g., GDPR) and
NHS requirements, providing assurance on security measures to internal and
external stakeholders.
Risk Management
Perform security risk assessments for new and existing
systems, projects, and processes, providing expert recommendations to mitigate
identified risks.
Develop and manage a robust security risk register, ensuring
risks are tracked, monitored, and reported to the appropriate governance
forums.
Incident Management and Response
Act as a key point of contact for managing and investigating
security incidents, coordinating with internal teams and external partners
where necessary.
Develop and test incident response plans to ensure the
organisation can effectively respond to cyber security breaches.
Collaboration and Stakeholder Engagement
Work closely with other Digital Services teams to implement
secure configurations and technologies that support operational and clinical
needs.
Liaise with external agencies, including NHS organisations,
cyber security bodies, and law enforcement, to ensure effective threat
intelligence sharing and incident coordination.
Security Awareness and Training
Deliver training and awareness programmes to staff at all
levels to foster a culture of vigilance and good cyber security practice.
Provide advice and guidance to users and departments on
maintaining security, including safe handling of sensitive data and recognising
potential threats.
Continuous Improvement
Monitor emerging threats, technologies, and best practices
to enhance the organisation's cyber security posture.
Lead the implementation of new security tools, systems, and
processes, ensuring they integrate seamlessly with the Trusts digital
infrastructure.
Reporting and Documentation
Prepare reports for senior management on security
performance, risks, incidents, and compliance status.
Maintain accurate and up-to-date documentation of security
systems, processes, and incidents to support operational and audit
requirements.
The role requires a proactive approach to safeguarding the
Trusts digital environment, ensuring systems are resilient, secure, and fit
for purpose to support the delivery of high-quality healthcare.
Job description
Job responsibilities
Key Responsibilities
Provide specialist knowledge and technical expertise in
cyber security to protect the Trust's digital assets.
Monitor, analyse, and respond to security threats and
vulnerabilities, ensuring effective incident response and recovery.
Develop and maintain cyber security policies, processes, and
documentation to align with NHS and industry standards.
Conduct security risk assessments and audits to identify
gaps, recommend improvements, and ensure compliance.
Work collaboratively with technical teams to secure systems,
networks, and endpoints while supporting digital initiatives.
Lead the implementation and maintenance of key security
controls and technologies, including antivirus, encryption, and intrusion
detection systems.
Promote cyber security awareness and deliver training to
staff, fostering a culture of security and vigilance.
Liaise with external partners and agencies to ensure
effective coordination in managing cyber security risks and incidents.
Expected to work flexibly to meet the needs of our 24/7
workforce. This may mean, on occasion, working outside the core office hours
MAIN DUTIES:
Cyber Security Operations
Monitor and manage the Trust's security tools, including
firewalls, intrusion detection/prevention systems, antivirus software, and
encryption tools.
Identify, analyse, and respond to cyber threats,
vulnerabilities, and incidents, ensuring timely containment and resolution.
Conduct regular security assessments, vulnerability scans,
and penetration tests to maintain a secure digital environment.
Policy and Compliance
Develop, review, and maintain cyber security policies,
procedures, and documentation to ensure alignment with NHS and legal standards,
including the DSP Toolkit and Cyber Essentials Plus.
Ensure compliance with data protection laws (e.g., GDPR) and
NHS requirements, providing assurance on security measures to internal and
external stakeholders.
Risk Management
Perform security risk assessments for new and existing
systems, projects, and processes, providing expert recommendations to mitigate
identified risks.
Develop and manage a robust security risk register, ensuring
risks are tracked, monitored, and reported to the appropriate governance
forums.
Incident Management and Response
Act as a key point of contact for managing and investigating
security incidents, coordinating with internal teams and external partners
where necessary.
Develop and test incident response plans to ensure the
organisation can effectively respond to cyber security breaches.
Collaboration and Stakeholder Engagement
Work closely with other Digital Services teams to implement
secure configurations and technologies that support operational and clinical
needs.
Liaise with external agencies, including NHS organisations,
cyber security bodies, and law enforcement, to ensure effective threat
intelligence sharing and incident coordination.
Security Awareness and Training
Deliver training and awareness programmes to staff at all
levels to foster a culture of vigilance and good cyber security practice.
Provide advice and guidance to users and departments on
maintaining security, including safe handling of sensitive data and recognising
potential threats.
Continuous Improvement
Monitor emerging threats, technologies, and best practices
to enhance the organisation's cyber security posture.
Lead the implementation of new security tools, systems, and
processes, ensuring they integrate seamlessly with the Trusts digital
infrastructure.
Reporting and Documentation
Prepare reports for senior management on security
performance, risks, incidents, and compliance status.
Maintain accurate and up-to-date documentation of security
systems, processes, and incidents to support operational and audit
requirements.
The role requires a proactive approach to safeguarding the
Trusts digital environment, ensuring systems are resilient, secure, and fit
for purpose to support the delivery of high-quality healthcare.
Person Specification
Qualifications
Essential
- Educated to degree level or equivalent or able to demonstrate equivalent level of experience
Desirable
- Specialist qualification IT
- ITIL
Skills and Abilities
Essential
- High levels of concentration required.
- Ability to learn and develop skills further.
- Troubleshooting.
- Resolve second line support problems.
- Ability to prioritise workload.
- Excellent organisational skills.
- Excellent written and verbal communication skills.
- Able to liaise with technical and non-technical staff.
- Good negotiating skills.
- Good people skills.
Experience
Essential
- Previous work experience in the NHS.
- Previous experience of managing staff.
- Extensive experience of setting up and configuring cyber systems and associated functionality.
- Significant knowledge of working practices within technical/cyber security
- Working with suppliers.
- Defining Trust security requirements and interpreting them to system suppliers.
- Advanced knowledge of Microsoft Office applications.
Desirable
- Working as part of a team involved in delivery and management of technical security and information governance.
- Knowledge of project methodology.
- Knowledge of NHS data definitions, standards etc and ability to interpret NHS policy and provide advice and guidance.
Knowledge and Awareness
Essential
- An excellent knowledge of confidentiality and data security.
- Highly computer literate.
- Awareness of own limitations.
Desirable
- Knowledge and awareness of different systems used within an NHS Trust.
- Awareness of regional collaborations for cyber security approaches.
Personal Attributes
Essential
- Ability to work as part of a team and alone.
- Resourceful and flexible.
- Effective team player.
- Excellent organisational and time management skills, able to work accurately under pressure to meet deadlines.
- The ability to maintain and enhance own skills and knowledge through research.
- Availability to work sometimes at short notice on other sites to cover absence.
- Ability to work on own initiative, to prioritise and plan workloads.
- Self-motivated and the ability to motivate others.
- Adaptable to change.
- A good listener communicator.
- Honesty and integrity.
- Able to multi-task effectively.
- Proven ability to work under own initiative with none or minimal supervision.
Desirable
- Flexibility in the hours covered if required.
Person Specification
Qualifications
Essential
- Educated to degree level or equivalent or able to demonstrate equivalent level of experience
Desirable
- Specialist qualification IT
- ITIL
Skills and Abilities
Essential
- High levels of concentration required.
- Ability to learn and develop skills further.
- Troubleshooting.
- Resolve second line support problems.
- Ability to prioritise workload.
- Excellent organisational skills.
- Excellent written and verbal communication skills.
- Able to liaise with technical and non-technical staff.
- Good negotiating skills.
- Good people skills.
Experience
Essential
- Previous work experience in the NHS.
- Previous experience of managing staff.
- Extensive experience of setting up and configuring cyber systems and associated functionality.
- Significant knowledge of working practices within technical/cyber security
- Working with suppliers.
- Defining Trust security requirements and interpreting them to system suppliers.
- Advanced knowledge of Microsoft Office applications.
Desirable
- Working as part of a team involved in delivery and management of technical security and information governance.
- Knowledge of project methodology.
- Knowledge of NHS data definitions, standards etc and ability to interpret NHS policy and provide advice and guidance.
Knowledge and Awareness
Essential
- An excellent knowledge of confidentiality and data security.
- Highly computer literate.
- Awareness of own limitations.
Desirable
- Knowledge and awareness of different systems used within an NHS Trust.
- Awareness of regional collaborations for cyber security approaches.
Personal Attributes
Essential
- Ability to work as part of a team and alone.
- Resourceful and flexible.
- Effective team player.
- Excellent organisational and time management skills, able to work accurately under pressure to meet deadlines.
- The ability to maintain and enhance own skills and knowledge through research.
- Availability to work sometimes at short notice on other sites to cover absence.
- Ability to work on own initiative, to prioritise and plan workloads.
- Self-motivated and the ability to motivate others.
- Adaptable to change.
- A good listener communicator.
- Honesty and integrity.
- Able to multi-task effectively.
- Proven ability to work under own initiative with none or minimal supervision.
Desirable
- Flexibility in the hours covered if required.
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
