Information & Cyber Security Analyst

NHS Counter Fraud Authority

Information:

This job is now closed

Job summary

The NHS Counter Fraud Authority (NHSCFA) is the national body responsible for all matters relating to the prevention, detection and investigation of economic crime across the NHS. Further information about our work and annual plan for delivering this is available on our website.

An exciting opportunity has arisen for an Information & Cyber Security Analyst. Applicants must have a proven background in an IT related discipline, preferably security, along with a flexible 'can do' approach to work. The post holder will be tasked with identifying vulnerabilities, proactively monitoring system logs and alerts, remediating security threats, and potentially performing penetration tests. To support this function the post holder will have a good working knowledge of mainstream operating systems and IT Security technologies such as firewalls, WAF, email security gateway, proxy and SIEM solutions. The post holder will also have experience of Information Security Management systems (ISO 27001) and Risk Management.

Potential applicants can contact Simon Clark at simon.clark@nhscfa.gov.uk for an informal chat if they have any questions regarding the role.

In addition to the advertised salary, working in the London area will attract High-Cost Area Supplement where appropriate.

We reserve the right to close this vacancy before the advertised closing date should we receive a significant number of applications.

Main duties of the job

Working as part of the Information Security team to actively monitor, maintain, and develop systems and processes to ensure the security of NHS Counter Fraud Authority ICT infrastructure and information systems.

To manage and report on processes and systems that ensure the security of the IT network infrastructure and information systems.

The post-holder will assist the team with identifying and resolving security incidents, vulnerabilities and risks. This can include, but is not limited to, proactively monitoring ICT systems, analysing firewall rules and performing penetration tests.

They will maintain a solid knowledge of the information security principles and practices, ensuring that timely technical support is provided to satisfy the organisation's business needs.

About us

We have offices based in Coventry, Newcastle and London and also offer flexible and home-based working.

The NHSCFA values and respects the diversity of its employees and aims to recruit a workforce which reflects our diverse communities. We welcome applications irrespective of people's age, disability, gender, race or ethnicity, religion or belief, sexual orientation, or other personal circumstances. We have policies and procedures in place to ensure that all applicants are treated fairly and consistently at every stage of the recruitment process, including an invitation to the first stage of the selection process and consideration of reasonable adjustments for people who have a disability.

If you are applying to undertake this role on a secondment basis you should have agreement to being released from your current role in principle, prior to submitting an application form.

When you apply for this role, you will be redirected to our recruitment system TRAC. Please apply without delay as we reserve the right to close any vacancies from further submissions when we have received sufficient applications from which to make a shortlist.

The NHSCFA does not hold a sponsor licence in respect of skilled worker visas and so is unable to employ candidates requiring sponsorship.

Date posted

26 January 2024

Pay scheme

Agenda for change

Band

Band 6

Salary

£35,392 to £42,618 a year

Contract

Permanent

Working pattern

Full-time, Flexible working, Home or remote working

Reference number

076-CFA187 - B

Job locations

7th Floor, 10 South Colonnade

London

E14 4PU


Job description

Job responsibilities

Manage, monitor, and develop NHSCFA cyber security operations and ICT security infrastructure to manage and reduce cyber risk and mitigate cyber threats.

Actively monitor NHSCFA ICT systems:

  • Manage and operate IT security monitoring tools and systems.
  • Review IT system alerts.
  • Triage to eliminate false positives.
  • Identify threats that have entered the network.

Evaluate and address system-generated and user-reported security incidents; identify affected systems and scope of the incident; analyse running processes and configurations on affected systems; carry out in-depth threat intelligence analysis to identify an attack type, source, entry point, and possible remediation; implement remediation or escalate incident.

Please see full Job Description and Person Specification.

Person Specification

Knowledge and Experience

Essential

  • Experience of the following: Minimum 2 years' experience of 1st-3rd level technical support of IT infrastructure or security, both in person and remote.
  • Demonstrate detailed knowledge of:
      ◦ IT system monitoring (SIEM).
      ◦ Security Incident Management.
  • Demonstrate detailed knowledge of Information Security in several of the following areas:
      ◦ Intrusion detection and prevention systems.
      ◦ Vulnerability Management.
      ◦ Network technology and operations.
      ◦ Windows 10 and Windows Server.
      ◦ SUSE Linux.
      ◦ Microsoft 365.
      ◦ Information Security Management Systems ISO27001.
      ◦ Risk Management Process.
      ◦ IT system auditing.
  • Experience with IT security architectures.

Desirable

  • Min. 1 year experience as a SOC Analyst, Tier 1 or Tier 2.
  • Demonstrate knowledge of Information Security in several of the following areas in addition to those matching Essential criteria:
      ◦ Windows 10 and Server.
      ◦ SUSE Linux.
      ◦ Microsoft 365.
      ◦ Information Security Management Systems ISO27001.
      ◦ Risk Management Process.
      ◦ Public Services Network (PSN) and NHS N3.
      ◦ Database Security.
      ◦ Microsoft Sentinel.
  • Experience with software security architecture and software security testing.

Specialist Knowledge

Essential

  • Knowledge of IT security and Data protection issues.
  • IT Service Management best practice, including ITIL and ISO20000.
  • Demonstrate knowledge in some of the following areas:
      ◦ Encryption Systems.
      ◦ Security Products (Authentication, Data Loss Prevention, SIEM).
      ◦ Firewall/WAF administration.

Desirable

  • Demonstrate knowledge of HMG Infosec standards and Good Practice Guides, including IS1.
  • ITIL foundation level certification.
  • Demonstrate knowledge of current best practice in obtaining electronic evidence. Knowledge of one or more digital forensic tools.

Qualifications

Essential

  • Degree in computer science, information technology, or a related field OR equivalent experience in a related field, e.g. network operations plus specialist security certification(s).

Desirable

  • Recognised qualification in area of specialisation:
      ◦ EC-Council Certified SOC Analyst (CSA)
      ◦ EC-Council Certified Ethical Hacker
      ◦ CompTIA Security+
      ◦ CompTIA Network+

Communication Skills

Essential

  • Good communication and interpersonal skills.

Additional information

UK Registration

Applicants must have current UK professional registration. For further information please see NHS Careers website.

Employer details

Employer name

NHS Counter Fraud Authority

Address

7th Floor, 10 South Colonnade

London

E14 4PU


Employer's website

https://cfa.nhs.uk/

For questions about the job, contact:

Information Security Lead

Simon Clark

simon.clark@nhscfa.gov.uk

Supporting documents

Privacy notice

NHS Counter Fraud Authority's privacy notice