Job summary
The North Middlesex Digital team are looking to recruit a Cyber Security Analyst to protect North Mid's computer systems, networks, and sensitive data from security breaches, cyber attacks, and other digital threats.
You will be responsible for analysing the security measures in place, identifying vulnerabilities, implementing security solutions, and responding to incidents to ensure the integrity, confidentiality, and availability of information.
Main duties of the job
The core purpose of this role is to provide specialist advice to the Trust on cyber security risk, recommend actions to address the risks, and bring expertise to provide assurance that existing controls are maintained and monitored in line with the required regulations. The role will also be required to develop the required training so that all staff are able to protect themselves and others from fraud and cyber crime.
The Cyber Security Analyst will monitor and triage vulnerabilities from various sources and based on relevance and criticality, identify mitigations for the vulnerabilities, and provide guidance on the implementation plan.
The Cyber Security Analyst will be responsible for developing and maintaining policies and procedures for technical and non-technical staff in line with the Trust IT policies.
The Cyber Security Analyst will also be required to analyse complex data to identify potential threat actors, collate threat analysis and create cyber security management reports to communicate the threat and severity to the Digital Management team and support the continued development of policies and procedures for both technical and non-technical personnel.
About us
North Mid is part of North Central London integrated care system, consisting of the NHS and local authority organisations in Camden, Islington, Barnet, Enfield and Haringey. As with other ICSs, we are working increasingly closely with partners, and indeed many of our financial and performance objectives are measured at this system level. Whilst all organisations remain as standalone, statutory bodies, we have an ICS infrastructure for making shared decisions and agreeing shared approaches.
We are proud of our staff and want to ensure their training allows them to provide excellent clinical care. We are also a training unit for medical students from UCL and St George's University Grenada, and for nursing and midwifery students from Middlesex and City Universities.
Job description
Job responsibilities
- Act as a key stakeholder in planning, creating and reviewing policy, strategy, standards and procedures, ensuring they align with the goals of the organisation and the compliance requirements placed upon the trust (GDPR/DSPT).
- Maintain a register of external system suppliers used within the trust, reviewing system security policies and supporting system owners in their compliance with trust standards and the IT Security Policy.
- Be an active member in providing subject matter expertise to the Head of IT when planning Strategy & Policy.
- Work closely with members of IT in the rollout of IT systems to ensure their secure configuration and best practice.
- Provide expert IT Security advice regarding IT policies, procedures, relevant legislation and good practices to all staff.
- Develop, document and implement IT Standard Operating Procedures where they pertain to Cyber Security.
- Lead on compliance with the technical elements of the Data Security Protection Toolkit (DSPT).
- Provide training and advice on all cyber security matters to any level of staff.
- Track and monitor CareCerts and ensure the appropriate system owners are informed.
- Advise and assist system owners in remediating and ensure the completion of remediations.
- Produce reports on key performance indicators of the trust's cyber security posture and report on cyber security activity to the monthly Cyber Security meeting.
- Arrange and be a key presenter in the Monthly Cyber Security Meeting; produce and distribute the agenda and key reporting documents; transcribe and circulate minutes from the meeting.
- Lead on working with external auditors in relation to cyber security to allow access, provide key evidence and provide any expert knowledge of the trust's processes/systems/network required.
- Produce and distribute cyber security related communications and training materials.
- Provide IT Security Leadership and promote a good cyber security culture within the department and larger trust.
- Be responsible for the operational management and maintenance of the systems that fall under cyber security.
- Be responsible for overseeing that all trust assets are registered and managed within the security systems, including SIEM/ATP/MECM/SNOW.
- Develop highly complex analysis of the network and the trust systems to ensure their security and identify anomalous behaviour.
- Work to continuously improve the maturity of the monitoring and alerting regime and ensure that alerting remains relevant as the nature of the network changes.
- Monitor trends in events and security information and alerts/inform processes as appropriate.
- Analyse and interpret highly complex data to inform future decision making and improve the trust's cyber security posture.
- Respond to alerts raised by the central NHS England CSOC and play a pivotal role in the response to High severity Alerts.
- Respond to cyber security alerts within the ITSM tool and play a pivotal role in the response and resolution.
- Triage alerts, conducting initial investigations and escalating incidents in accordance with the Incident Response plan, DR plan and BCP plan.
- Review and respond to calls on the service desk and communicate with staff politely to resolve IT & Cyber Security related issues.
- Provide expertise and lead on cyber related investigations to provide accurate analysis of alerts and logs from the Trust SIEM and security systems.
- Lead on the development of internal vulnerability management capabilities, working with third parties to develop the required toolset.
- Conduct regular vulnerability scans using the trust's vulnerability tools and produce a prioritised action point list for remediation.
- Work with third parties to run automated penetration testing of our external and internal assets, produce recommendations and plan remediation.
- Run regular password strength tests and develop/maintain processes to request users to improve their passwords.
- Use external monitoring tools to produce remediation reports and plan mitigations.
- Develop and maintain a process to regularly scan the network and ensure documentation regarding network attached devices is up to date and only secure and known devices can connect.
- Create and implement systems to report on key metrics required for DSPT compliance and audits.
- Stay up to date with new and emerging technologies.
- Recommend appropriate new solutions to the trust.
- Identify gaps in current Cyber Security measures.
- Research, develop and plan the deployment of technologies to close these gaps and liaise with suppliers to arrange Proof of Concept trials.
- Provide risk based analysis of security mitigations/process/policies & technologies and align business needs with the risk appetite of the organisation.
- Produce documentation for the secure configuration of endpoints and network technology.
- Implement security hardening of endpoints.
- Implement processes to monitor and maintain the compliance of devices with required baselines (Patching/AV updates/Usage).
- Maintain and develop new automation processes utilising scripting technologies.
- Work closely with colleagues in the Network Team/Desktop Team to further improve automation of IT operations.
- Be responsible for monitoring, documenting and reporting of your own work streams and projects.
- Arrange regular quarterly tests of the backups.
- Actively monitor the Cyber Associates Network and participate in discussions with other cyber security staff from partner organisations and other NHS trusts.
- Monitor news sources and threat feeds to provide early warnings regarding emerging threats and zero day vulnerabilities.
- Stay up to date on current NHS England, NCSC & general Cyber Security best practices.
Person Specification
Education and qualifications
Essential
- Master's Degree or equivalent professional technical qualification
- Evidence of continuous professional development
Desirable
- CCP/CISSP (or other relevant security certification)
- ITIL Security Management
Skills and abilities
Essential
- Understanding of, and practical experience of applying the GDPR or Data Protection Act (1998) and other related legislation, standards, and codes of practice
- A good working knowledge of information security including ISO/IEC 27001 Information Security Management Standard
- Good analytical skills for spotting or anticipating weaknesses in processes (manual or system), along with the ability to organise and implement correction.
- Ability to support and deliver change and contribute to culture change successfully to improve the Trust security posture.
- Ability to influence at Senior levels on matters relating to security and information risk.
- Good working knowledge of information risk analysis/management
- Proven ability to articulate and communicate highly complex ideas to a wide range of audiences, on a one to one basis or in small or large groups, often in a pressured & politically sensitive environment.
- Proven ability to achieve targets and objectives within a demanding and pressured environment against challenging deadlines.
- Able to interpret legislation and national guidance as appropriate to the role.
- Excellent oral and written communication skills when dealing with highly complex and sensitive information.
- Ability to coach, develop and empower staff.
- Ability to work on own initiative and organise own workload and that of the team to operate effectively.
Experience
Essential
- Proven experience in an IT security role within a complex organization
- Experience in conducting internal and external security audits.
- Experience of implementing technical security Controls to mitigate and monitor threats and vulnerabilities based on IT and security best practice approaches and frameworks (ISO27001/2, SSAE16, ITIL, NIST Cybersecurity Framework).
- Experience of investigating suspected and actual security incidents and ability to diagnose and prioritise incidents, find resolutions, and report on security breaches.
- Ability to demonstrate good understanding of vulnerability assessments, penetration tests and security audits and be able to explain why they are important.
Desirable
- Previous experience in a similar role in another NHS organisation.
Values
Essential
- Demonstrable ability to meet Trust values
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website.
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here: Criminal records checks for overseas applicants.