Harrogate and District NHS Foundation Trust

Cyber Security Analyst

Information:

This job is now closed

Job summary

Job title: Cyber Security AnalystDepartment: Cyber SecurityHours: 37.5 hours per weekSalary: £28,407 to £34,581

We are looking for an experience IT professional to join our team as a Band 5 Cyber Security Analyst.

Please see attached Job Description and Person Specification. For more details or please contact Jonathon Legg on jonathon.legg@nhs.net

Main duties of the job

Responsible for monitoring, detecting, analysing cyber information, vulnerabilities and incidents to mitigate risks and protect systems and data from known issues, unauthorised access, disclosure, or manipulation.

To identify and automatically deploy IT systems security updates including manual intervention when required, working with NHSE, Regional Cyber Leads and Trust IT teams to ensure the systems are secure, supported and comply with NHS or Trust policies.

Provide cyber security expertise to the IT service desk and other IT teams for reactive support and proactive monitoring of operational processes including the purchasing, maintenance and life cycling of IT Equipment and Medical Devices.

Assist with the implementation and monitoring of cyber security related policies, procedures, and guidance documentation for IT systems or control processes, working with the communications team to implement regular effective cyber security staff awareness and other campaigns.

About us

At Harrogate and District NHS Foundation Trust we provide outstanding care to both our patients and our staff. We support staff through benefits, health and wellbeing initiatives and opportunities for personal and professional development.

  • An inclusive and supportive culture our Trust encourages staff to bring their whole selves to work and active Staff Networks identify areas for improvement.
  • Staff Recognition - as well as regular appraisals, we recognise staff with our Making a Difference, Team of the Month Awards & Colleague Recognition Awards
  • Employee Support and wellbeing - we have a comprehensive Employee Assistance Programme, counselling service and fast track physiotherapy service for employees.
  • Staff Benefits - We have a range of staff benefits and schemes to support staff health, engagement, wellbeing and inclusion.

Details

Date posted

16 February 2024

Pay scheme

Agenda for change

Band

Band 5

Salary

£28,407 to £34,581 a year per annum pro rata

Contract

Permanent

Working pattern

Full-time

Reference number

421-CORP-0954R

Job locations

Harrogate and District NHS Foundation Trust

Harrogate

HG27SX


Job description

Job responsibilities

  • Ensure the IT systems security upgrades and patching processes are effective across automated deployments and any manual intervention required.
  • Assist with the development and implementation of cyber security related policies, procedures, and guidance documentation for relevant systems or control processes.
  • Assist in maintaining compliance with the DSPT, CareCERT or other accreditations, providing appropriate responses to NHSE, Cyber Auditors and any other 3rd parties.
  • Assist with the undertaking and delivery of penetration tests and respond to actions from vulnerability assessments working to resolution.
  • To provide Cyber Security assistance and advice on non-Windows / Android devices, including Mobile Phones, Tablets, IOT devices and Medical Devices.
  • Aid the training and development of staff working in the service areas, when assisting them with Cyber Security.
  • Review cyber security threat notifications using a variety of software utilities, logs and software management tools to identify potential threats and eliminate false-positives.
  • Analyse security incidents and alerts, using Security Incident and Event Management software to ensure they are resolved quickly by the appropriate team
  • Provide robust cyber security support for the IT service desk, that all operational processes are followed and the required documentation is completed.
  • Carry out proactive analysis and regular operational maintenance tasks to deliver improvements to the Trusts Cyber Security systems, procedures and overall posture.
  • Work on cyber security elements of Digital projects working directly with the Trusts project managers and other IT Teams.
  • Work with the communications team to implement regular effective cyber security awareness campaigns and other ad-hoc cyber security related communications.
  • Provide timely and accurate information to update the monthly cyber security KPIs, undertaking analysis for any issues.
  • To provide cyber security advice for IT equipment and Medical Device procurement, operational management and life cycling.
  • Highlight areas of security practice that would benefit from review or improvement. Risk asses and implement cyber improvement suggestions or recommendations
  • Undertaking research and development initiatives on a range of emerging technologies and the security threat landscape, keep abreast of industry developments.
  • Assist in maintaining the Cyber Response and Business Continuity Plans working with IT, Operational, Emergency Planning and clinical staff groups.
  • Post holder will be required to participate in callout procedures to ensure any cyber incidents are appropriately responded to. 19.
  • Deputise for the Lead Cyber Security Analyst on cyber security related matters as and when required. Ensure that all hardware and software being installed meets agreed standards, is fully compatible with the established base, and allows a successful transition from the previous platform or process.
  • Raise the profile of the IT service, in particular to establish a reputation for providing an effective, timely and responsive service.
  • Identify how each reported problem should be resolved, allocate resources if necessary and to ensure that all work is undertaken to the standard expected.

Please see attached Job Description and Person Specification. For more details or please contact Jonathon Legg on jonathon.legg@nhs.net

Job description

Job responsibilities

  • Ensure the IT systems security upgrades and patching processes are effective across automated deployments and any manual intervention required.
  • Assist with the development and implementation of cyber security related policies, procedures, and guidance documentation for relevant systems or control processes.
  • Assist in maintaining compliance with the DSPT, CareCERT or other accreditations, providing appropriate responses to NHSE, Cyber Auditors and any other 3rd parties.
  • Assist with the undertaking and delivery of penetration tests and respond to actions from vulnerability assessments working to resolution.
  • To provide Cyber Security assistance and advice on non-Windows / Android devices, including Mobile Phones, Tablets, IOT devices and Medical Devices.
  • Aid the training and development of staff working in the service areas, when assisting them with Cyber Security.
  • Review cyber security threat notifications using a variety of software utilities, logs and software management tools to identify potential threats and eliminate false-positives.
  • Analyse security incidents and alerts, using Security Incident and Event Management software to ensure they are resolved quickly by the appropriate team
  • Provide robust cyber security support for the IT service desk, that all operational processes are followed and the required documentation is completed.
  • Carry out proactive analysis and regular operational maintenance tasks to deliver improvements to the Trusts Cyber Security systems, procedures and overall posture.
  • Work on cyber security elements of Digital projects working directly with the Trusts project managers and other IT Teams.
  • Work with the communications team to implement regular effective cyber security awareness campaigns and other ad-hoc cyber security related communications.
  • Provide timely and accurate information to update the monthly cyber security KPIs, undertaking analysis for any issues.
  • To provide cyber security advice for IT equipment and Medical Device procurement, operational management and life cycling.
  • Highlight areas of security practice that would benefit from review or improvement. Risk asses and implement cyber improvement suggestions or recommendations
  • Undertaking research and development initiatives on a range of emerging technologies and the security threat landscape, keep abreast of industry developments.
  • Assist in maintaining the Cyber Response and Business Continuity Plans working with IT, Operational, Emergency Planning and clinical staff groups.
  • Post holder will be required to participate in callout procedures to ensure any cyber incidents are appropriately responded to. 19.
  • Deputise for the Lead Cyber Security Analyst on cyber security related matters as and when required. Ensure that all hardware and software being installed meets agreed standards, is fully compatible with the established base, and allows a successful transition from the previous platform or process.
  • Raise the profile of the IT service, in particular to establish a reputation for providing an effective, timely and responsive service.
  • Identify how each reported problem should be resolved, allocate resources if necessary and to ensure that all work is undertaken to the standard expected.

Please see attached Job Description and Person Specification. For more details or please contact Jonathon Legg on jonathon.legg@nhs.net

Person Specification

Application and Interview

Essential

  • Excellent communication skills (including presentation skills) appropriate to a wide range of diverse audiences, at all levels of seniority inside and outside the organisation.
  • Ability to communicate with technical colleagues, to communicate and understand complex technical situations.
  • A desire to work at the fore front of security and compliance within the NHS.
  • Ability to identify threats and act accordingly.

Desirable

  • Degree or equivalent experience in a cyber-security or relevant IT related subject
Person Specification

Application and Interview

Essential

  • Excellent communication skills (including presentation skills) appropriate to a wide range of diverse audiences, at all levels of seniority inside and outside the organisation.
  • Ability to communicate with technical colleagues, to communicate and understand complex technical situations.
  • A desire to work at the fore front of security and compliance within the NHS.
  • Ability to identify threats and act accordingly.

Desirable

  • Degree or equivalent experience in a cyber-security or relevant IT related subject

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Additional information

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Employer details

Employer name

Harrogate and District NHS Foundation Trust

Address

Harrogate and District NHS Foundation Trust

Harrogate

HG27SX


Employer's website

https://www.hdft.nhs.uk/ (Opens in a new tab)

Employer details

Employer name

Harrogate and District NHS Foundation Trust

Address

Harrogate and District NHS Foundation Trust

Harrogate

HG27SX


Employer's website

https://www.hdft.nhs.uk/ (Opens in a new tab)

Employer contact details

For questions about the job, contact:

IT Infrastructure and Cyber Security Manager

Jon Legg

jonathon.legg@nhs.net

07392194034

Details

Date posted

16 February 2024

Pay scheme

Agenda for change

Band

Band 5

Salary

£28,407 to £34,581 a year per annum pro rata

Contract

Permanent

Working pattern

Full-time

Reference number

421-CORP-0954R

Job locations

Harrogate and District NHS Foundation Trust

Harrogate

HG27SX


Supporting documents

Privacy notice

Harrogate and District NHS Foundation Trust's privacy notice (opens in a new tab)