Senior Security Specialist

Digital Health and Care Wales

The closing date is 24 April 2025

Apply for this job

Job summary

The Cyber Security team is looking to recruit a Senior Security Specialist to join our Security Operations Centre (SOC), which is responsible for monitoring and responding to cyber incidents affecting IT systems and applications used across the organisation and the wider NHS in Wales.

We are seeking a committed and experienced professional to play a key role in supporting the delivery of cyber security services across NHS Wales.

This position demands strong analytical thinking and information-gathering capabilities, with the ability to break down complex problems and develop effective, practical solutions.

Candidates must demonstrate adaptability in learning and applying new technologies, along with the interpersonal skills required to work effectively with a wide range of teams and disciplines.

Excellent communication, collaborative working, and the ability to tailor approaches to suit different audiences are essential.

The ideal candidate will bring a proactive and resilient mindset, helping to strengthen the cyber security posture of NHS Wales in an ever-evolving digital landscape.

Main duties of the job

As a Senior Security Specialist, you will lead and support the investigation, analysis, and resolution of complex cyber security incidents, using a wide range of tools and techniques to identify threats, assess their impact, and implement effective responses.

You will provide specialist advice across a variety of technical and operational areas, ensuring that systems are developed and maintained securely, in line with national guidance and good practice.

You will also support the ongoing improvement of security procedures, contribute to threat intelligence activities, and help ensure critical national infrastructure and information remain protected.

About us

Digital Health and Care Wales (DHCW) is an expert national body and part of NHS Wales. We work in partnership with NHS Wales colleagues and other key stakeholders to provide national digital and data services which support the delivery of health and social care in Wales. Modern health and care services depend on good digital tools, data and information. DHCW runs or works with more than 100 services and delivers major national digital transformation programmes to support this. In addition, DHCW provides expert advice in relation to cyber security and information governance. We give frontline staff the digital tools which help them provide safer and more efficient care. We are also giving patients and the public digital tools to better manage their own health and wellbeing, empowering people to live healthier lives. We put people at the heart of what we do, working to the highest standards to deliver quality and make digital a force for good in health and care.

Working for DHCW offers lots of employee benefits, including flexible working, a competitive salary, 28 days of annual leave plus Bank Holidays and opportunities for career development. We are committed to recognising and celebrating our staff as the most valuable part of our organisation.

Date posted

16 April 2025

Pay scheme

Agenda for change

Band

Band 6

Salary

£37,898 to £45,637 a year per annum

Contract

Permanent

Working pattern

Full-time, Flexible working

Reference number

025-AC078-0425-A

Job locations

Hybrid working

Location to be confirmed at interview

CF11 9AD


Job description

Job responsibilities

You will be responsible for leading cyber security initiatives across planning, incident response, system monitoring, stakeholder engagement, and technical development.

This includes managing escalations, delivering training and awareness sessions, developing SOC processes, conducting threat hunting and proactive investigations, and advising on compliance with relevant frameworks such as ISO 27001 and NCSCs Cyber Assessment Framework.

You will also be expected to communicate effectively with a range of technical and non-technical stakeholders, contribute to policy and strategy development, and ensure all activity supports the wider goals of Digital Health and Care Wales and NHS Wales.

Job description

Job responsibilities

You will be responsible for leading cyber security initiatives across planning, incident response, system monitoring, stakeholder engagement, and technical development.

This includes managing escalations, delivering training and awareness sessions, developing SOC processes, conducting threat hunting and proactive investigations, and advising on compliance with relevant frameworks such as ISO 27001 and NCSCs Cyber Assessment Framework.

You will also be expected to communicate effectively with a range of technical and non-technical stakeholders, contribute to policy and strategy development, and ensure all activity supports the wider goals of Digital Health and Care Wales and NHS Wales.

Person Specification

Qualifications

Essential

  • A Postgraduate degree (or equivalent qualification / experience) in an associated professional field.
  • Practical experience, working at this level, across the range of work procedures and practices.
  • Evidence of continuous professional development.

Desirable

  • Theoretical and specialist knowledge, gained within one or more of the following: o Professional Cyber Security qualification. o ITIL practitioner, or equivalent qualification. o Leadership experience or qualification.

Experience

Essential

  • Experience of working within a successful team, preferably in a large complex digital organisation, monitoring and responding to cyber incidents affecting IT systems and applications.
  • Proficient in analysing and investigating the nature, impact and root cause of cyber threats, and implementing mitigation and remediation actions.
  • Proficient in the identification, monitoring and interpretation of information logs and alerts detected by an organisation's tools and systems.
  • Familiar with supporting audits and risk assessments, producing complex reports and analysing data within set timescales.
  • Familiar with developing training materials to effectively accommodate participants with differing learning styles.
  • Familiar with any tool or system which provides security access control (i.e. prevents unauthorised access to systems).
  • Familiar with incident management tools, including interrogation of incident database, creation of parent and child incidents, creation of queries to seek trends and use of known error logs/ databases.
  • Aware of the planning and management of the interaction between two or more networking systems, computers or other intelligent devices.
  • Proficient in methods and techniques for making effective use of own time.
  • Familiar with applying standards, practices and codes relevant to the IT industry, and the specific organisation or business domain.

Desirable

  • Experience of writing clear and effective Standard Operational Procedures and processes.

Skills and Attributes

Essential

  • Analytical Thinking skills to acquire a proper understanding of a problem or situation by breaking it down systematically into its component parts and identifying the relationships between these parts. Selecting the appropriate method/tool to resolve the problem and reflecting critically on the result, so that what is learnt is identified and assimilated.
  • Information Acquisition skills to identify gaps in the available information required to understand a problem or situation and devise a means of resolving them.
  • Technical Adaptability skills to learn and assess new methodologies or technologies quickly, understanding their wider implications and where appropriate implement them.
  • Interacting with People skills to establish relationships, contribute to an open culture and maintain contacts with people from a variety of backgrounds and disciplines. Effective, approachable and sensitive communicator in different communities and cultures.
  • Adaptability skills to adapt style and approach to meet the needs of different audiences.
  • Teamwork skills to work collaboratively with others to achieve a common goal.

Desirable

  • Welsh language skills are desirable, at level 1 or above, in understanding, speaking, reading and writing in Welsh.
  • Knowledge of NHS Wales or the Health sector.
Person Specification

Qualifications

Essential

  • A Postgraduate degree (or equivalent qualification / experience) in an associated professional field.
  • Practical experience, working at this level, across the range of work procedures and practices.
  • Evidence of continuous professional development.

Desirable

  • Theoretical and specialist knowledge, gained within one or more of the following: o Professional Cyber Security qualification. o ITIL practitioner, or equivalent qualification. o Leadership experience or qualification.

Experience

Essential

  • Experience of working within a successful team, preferably in a large complex digital organisation, monitoring and responding to cyber incidents affecting IT systems and applications.
  • Proficient in analysing and investigating the nature, impact and root cause of cyber threats, and implementing mitigation and remediation actions.
  • Proficient in the identification, monitoring and interpretation of information logs and alerts detected by an organisation's tools and systems.
  • Familiar with supporting audits and risk assessments, producing complex reports and analysing data within set timescales.
  • Familiar with developing training materials to effectively accommodate participants with differing learning styles.
  • Familiar with any tool or system which provides security access control (i.e. prevents unauthorised access to systems).
  • Familiar with incident management tools, including interrogation of incident database, creation of parent and child incidents, creation of queries to seek trends and use of known error logs/ databases.
  • Aware of the planning and management of the interaction between two or more networking systems, computers or other intelligent devices.
  • Proficient in methods and techniques for making effective use of own time.
  • Familiar with applying standards, practices and codes relevant to the IT industry, and the specific organisation or business domain.

Desirable

  • Experience of writing clear and effective Standard Operational Procedures and processes.

Skills and Attributes

Essential

  • Analytical Thinking skills to acquire a proper understanding of a problem or situation by breaking it down systematically into its component parts and identifying the relationships between these parts. Selecting the appropriate method/tool to resolve the problem and reflecting critically on the result, so that what is learnt is identified and assimilated.
  • Information Acquisition skills to identify gaps in the available information required to understand a problem or situation and devise a means of resolving them.
  • Technical Adaptability skills to learn and assess new methodologies or technologies quickly, understanding their wider implications and where appropriate implement them.
  • Interacting with People skills to establish relationships, contribute to an open culture and maintain contacts with people from a variety of backgrounds and disciplines. Effective, approachable and sensitive communicator in different communities and cultures.
  • Adaptability skills to adapt style and approach to meet the needs of different audiences.
  • Teamwork skills to work collaboratively with others to achieve a common goal.

Desirable

  • Welsh language skills are desirable, at level 1 or above, in understanding, speaking, reading and writing in Welsh.
  • Knowledge of NHS Wales or the Health sector.

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Additional information

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).

Employer details

Employer name

Digital Health and Care Wales

Address

Hybrid working

Location to be confirmed at interview

CF11 9AD


Employer's website

https://nwis.nhs.wales/ (Opens in a new tab)

Employer details

Employer name

Digital Health and Care Wales

Address

Hybrid working

Location to be confirmed at interview

CF11 9AD


Employer's website

https://nwis.nhs.wales/ (Opens in a new tab)

For questions about the job, contact:

Head of Cyber

Julian Jones

julian.jones@wales.nhs.uk

Date posted

16 April 2025

Pay scheme

Agenda for change

Band

Band 6

Salary

£37,898 to £45,637 a year per annum

Contract

Permanent

Working pattern

Full-time, Flexible working

Reference number

025-AC078-0425-A

Job locations

Hybrid working

Location to be confirmed at interview

CF11 9AD


Supporting documents

Privacy notice

Digital Health and Care Wales's privacy notice (opens in a new tab)