NHS Resolution

IT Security Engineer

Information:

This job is now closed

Job summary

We are recruiting for an IT Security Engineer to join our Digital, Data, Technology & Transformation Team.

As part of that programme of work, DDaTT is delivering projects to improve the way theorganisation operates and handles its information. To support this goal, working closely within the Engineering team, as IT Security Engineer you will be responsible for maintaining the organisations developing cloud infrastructure and implementing plans and project tasks. You will also be responsible for the provision of support to the Service Desk function as well as NHS Resolutions legacy Infrastructure.

To be considered for this opportunity your background and experience will include implementing and maintaining any security controls and technologies, vulnerability management and resolution, and the ability to work effectively as part of a team.

A written assessment will form part of the selection process and may be used for further shortlisting.

Interviews and further assessments will be held Teams.

Main duties of the job

Led by the organisations Chief Information Officer, the Digital, Data and Technology Directorate, (DDaT) is an exciting high performing function with a challenging programme of work and a department structure aimed at progression, development and high operational and strategic outputs.

As part of that programme of work, DDaT is delivering projects and programmes to improve the way the organisation operates and handles its information. To support this goal and working under the direction of the Lead IT Engineer, the Security Engineer is primarily responsible for maintaining the organisations developing security posture and contributing to implementing any security controls and technologies. The Security Engineer is also responsible for the provision of support to the Service Desk function as well as NHS Resolutions legacy Infrastructure.

The post-holder should demonstrate a strong commitment to continuous service improvement and development and ensure the values of NHS Resolution are demonstrated by the Engineering Team.

For those that wish to work from home, we ask that you check you are able to access an average internet speed (per personworking from that location) of 10 Mbps download speed and at least 2 Mbps upload speed so that you can access and use our systems

Please see the attached Job description and Person specification for more information.

About us

NHS Resolution is an Arms Length Body of the Department of Health & Social Care. As a not for profit part of the NHS, our purpose is to provide expertise to the NHS to resolve concerns fairly, share learning for improvement and preserve resources for patients. We have four key service areas:

Claims Management: delivering expertise in handling clinical and non-clinical claims to members of our Indemnity Schemes.

Practitioner Performance Advice: providing advice, support and interventions in relation to concerns about the individual performance of Doctors, Dentists and Pharmacists.

Primary Care Appeals: offering an impartial tribunal service for the fair handling of Primary Care contracting services.

Safety and Learning: supporting the NHS to better understand and learn from claims, concerns and disputes; to target safety activity while sharing learning across the NHS.

What do we have to offer?

At NHS Resolution, we strive to be an employer of choice. Some of the benefits we offer include access to the NHS Pension Scheme and a minimum of 27 days Annual Leave. We are also committed to support individuals in having a work and life balance, offering flexible working arrangements. Furthermore, we can offer a chance to gain extra skills and training and with regular reviews and a clear plan, all employees can develop to their full potential.

Details

Date posted

15 September 2023

Pay scheme

Agenda for change

Band

Band 7

Salary

£43,742 to £50,056 a year HCAS if appropriate

Contract

Permanent

Working pattern

Full-time, Flexible working

Reference number

M9912-NHSR-2023-98

Job locations

8th Floor, 10 South Colonnade

Canary Wharf

London

E14 4PU


NHS Resolution

Primary Care Appeals service, 7&8 Wellington Place,

Leeds

LS1 4AP


Job description

Job responsibilities

Job Description

Job Title: Security Engineer

Pay Band: AfC Band 7

Hours: 37.5

Accountable to: Lead IT Engineer

Location: NHS Resolution Offices

Purpose:

Values:

The post holder is expected to fully understand, embrace and uphold NHS Resolutions Purpose and Values:

To provide expertise to the NHS on resolving concerns fairly, share learning for improvement and preserve resources for patient care.

Professional

Being an organisation which operates to the highest possible professional standards.

Expert

Being the centre of expertise for resolving claims, disputes and concerns about performance.

Ethical

Having high standards and doing the right thing.

Respectful

Dealing with customers, colleagues, patients and the public in a considerate and respectful way.

Key Working Relationships

Internal

All NHS Resolution staff

External

Panel firms and other external stakeholders

IT consultants and support contractors

Other technical professionals

NHS Digital

Job Summary

Led by the organisations Chief Information Officer, the Digital, Data and Technology Directorate, (DDaT) is an exciting high performing function with a challenging programme of work and a department structure aimed at progression, development and high operational and strategic outputs.

As part of that programme of work, DDaT is delivering projects and programmes to improve the way the organisation operates and handles its information. To support this goal and working under the direction of the Lead IT Engineer, the Security Engineer is primarily responsible for maintaining the organisations developing security posture and contributing to implementing any security controls and technologies. The Security Engineer is also responsible for the provision of support to the Service Desk function as well as NHS Resolutions legacy Infrastructure.

The post-holder should demonstrate a strong commitment to continuous service improvement and development and ensure the values of NHS Resolution are demonstrated by the Engineering Team.

Main Duties and Responsibilities

Communicates Effectively

Will be explaining highly complex technical issues with end users which may involve converting technical terms into everyday language, for both IT and non-IT staff

As a project resource or subject matter expert, the post holder will be expected to attend meetings where highly developed communication skills will be essential. The post holder must be able to express and describe highly complex, multi-stranded or contentious technical information effectively as well as produce and understand technical architecture diagrams and illustrations using Microsoft Visio and other platforms

Work with other subject matter experts on projects and programmes

Act as an ambassador for the team by developing and maintaining good working relationships across the organisation

Communicate and liaise with staff at all levels within the directorate including senior members of DDaT as well as external staff to resolve IT specific faults across the organisation.

Provide advice and assistance on the organisations developing security infrastructure

Providing out of hours technical support and emergency technical assistance on an ad-hoc basis

Analytical and Judgemental Skills

Undertake security analysis, interpretation and comparison of highly complex problems and technical issues across a wide range of technologies projects and infrastructures (cloud and legacy)

Manage a multiplicity of targets and objectives, whilst ensuring that expert judgements support and advice is provided at all times

Make judgements on complex system configurations and implementations

Ensure any system changes are planned and controlled effectively so as not to compromise the stability of any IT systems or NHS Resolution business processes

Ensure focus is maintained in minimising the impact of problems that have the potential of affecting services that are provided to stakeholders

Analyses where the breaches of security are, anticipate issues and sources solutions

Planning and Organisation

Contributes to the long term strategic planning relating to cyber security issues, and its solutions

Priorities and triage issues as to their priority to be resolved

Policy and Service Development

Assist the Lead IT Engineer on technical aspects of ongoing and future IT cyber security developments

Contributes and implements new and improved ways of working, resulting in streamlining procedures, and enhancing the departments reputation

Financial and Physical Resources Responsibilities

Assist with appropriate 3rd party contract service management such as maintenance/managed services/security, including obtaining best value for money when renewing or sourcing potential suppliers

Responsible for expensive equipment safely used by others by sharing knowledge ensuring staff can identify cyber-attacks are minimal, including fire wall installation

Maintenance and repairs on expensive equipment

Information Resources

Maintain expert knowledge of IT and information security procedures as well as security and technical standards.

Assist and provide input into the formulation of security initiatives and procedures

Develop and support software solutions using a range of technologies and tools, requested by others.

Maintain a good understanding of NHS Resolution departmental objectives, ensuring the provision of integrated solutions and user objectives are met and achieved

Adapts and designs several systems to ensure security is maintained.

Implement systems adhering to local and national NHS standard including but not limited to National Cyber Security Centre

Responsible for the implementation of cyber security standards and controls and that security process are maintained and kept up-to-date

Proactively monitor the network infrastructure and its systems to ensure that services and systems remain secure and operational

Responsible for ensuring that NHS Resolution remains compliant with appropriate licence agreements and software asset management

Research and Development

Assists in the provision of sustainability audits and remedial actions in regards to cyber security

Tests all systems to ensure continuity of services is maintained on a regular basis as a major part of the role

Freedom to Act

Acts in accordance with policy

Contributes and suggests revisions in internal technical processes

Makes decisions in the best interest of the projects

Leads on research and produce option appraisals on new IT technologies, tools and standards and their application, in order to advise in the formulation of projects and programmes

Leads on testing new systems

Leading on security projects and implementing changes with the Lead Engineer

Develops Self, Others and Team

Participate in the Annual Performance Appraisal process, sourcing and undertaking training as identified in the Personal Development Plan

Post holder will be responsible for helping to identify their own continued professional development needs and undertaking such training to support this as agreed with the Lead IT Engineer

Responsible for participating in own training and professional development as encouraged by the directorate

Ensure that appropriate departmental KPIs are met

Trains staff throughout the organisation on how to maintain cyber security by sourcing and/or designing training

Demonstrate to members of the help desk how to resolve issues on an as-and-when basis

Physical Effort

Post requires the post holder to sit in a restricted position for the majority of the working day; the post holder will be required to move and carry IT equipment on an occasional basis

The role requires physical skills such as speed and accuracy when producing technical documentations, Server and network configuration and project planning documentation within tight deadlines

Lifting heavy equipment

Mental Effort

Frequent long periods of intense concentration required for meticulous detailed analysis of complex and sometimes sensitive IT issues. Analysing complex streams of information in order to diagnose and design technical solutions.

The post holder will be required to deal with unpredictable interruptions on a daily basis

Works in a fast paced environment

Working Conditions

Normal office or remote working conditions with a requirement to use a computer for the majority of the working day. The post holder will be required to travel to attend external meetings on an occasional basis

The post holder will have occasional exposure to unpleasant working conditions (ie dust, noise etc) when installing and maintaining IT equipment

Job description

Job responsibilities

Job Description

Job Title: Security Engineer

Pay Band: AfC Band 7

Hours: 37.5

Accountable to: Lead IT Engineer

Location: NHS Resolution Offices

Purpose:

Values:

The post holder is expected to fully understand, embrace and uphold NHS Resolutions Purpose and Values:

To provide expertise to the NHS on resolving concerns fairly, share learning for improvement and preserve resources for patient care.

Professional

Being an organisation which operates to the highest possible professional standards.

Expert

Being the centre of expertise for resolving claims, disputes and concerns about performance.

Ethical

Having high standards and doing the right thing.

Respectful

Dealing with customers, colleagues, patients and the public in a considerate and respectful way.

Key Working Relationships

Internal

All NHS Resolution staff

External

Panel firms and other external stakeholders

IT consultants and support contractors

Other technical professionals

NHS Digital

Job Summary

Led by the organisations Chief Information Officer, the Digital, Data and Technology Directorate, (DDaT) is an exciting high performing function with a challenging programme of work and a department structure aimed at progression, development and high operational and strategic outputs.

As part of that programme of work, DDaT is delivering projects and programmes to improve the way the organisation operates and handles its information. To support this goal and working under the direction of the Lead IT Engineer, the Security Engineer is primarily responsible for maintaining the organisations developing security posture and contributing to implementing any security controls and technologies. The Security Engineer is also responsible for the provision of support to the Service Desk function as well as NHS Resolutions legacy Infrastructure.

The post-holder should demonstrate a strong commitment to continuous service improvement and development and ensure the values of NHS Resolution are demonstrated by the Engineering Team.

Main Duties and Responsibilities

Communicates Effectively

Will be explaining highly complex technical issues with end users which may involve converting technical terms into everyday language, for both IT and non-IT staff

As a project resource or subject matter expert, the post holder will be expected to attend meetings where highly developed communication skills will be essential. The post holder must be able to express and describe highly complex, multi-stranded or contentious technical information effectively as well as produce and understand technical architecture diagrams and illustrations using Microsoft Visio and other platforms

Work with other subject matter experts on projects and programmes

Act as an ambassador for the team by developing and maintaining good working relationships across the organisation

Communicate and liaise with staff at all levels within the directorate including senior members of DDaT as well as external staff to resolve IT specific faults across the organisation.

Provide advice and assistance on the organisations developing security infrastructure

Providing out of hours technical support and emergency technical assistance on an ad-hoc basis

Analytical and Judgemental Skills

Undertake security analysis, interpretation and comparison of highly complex problems and technical issues across a wide range of technologies projects and infrastructures (cloud and legacy)

Manage a multiplicity of targets and objectives, whilst ensuring that expert judgements support and advice is provided at all times

Make judgements on complex system configurations and implementations

Ensure any system changes are planned and controlled effectively so as not to compromise the stability of any IT systems or NHS Resolution business processes

Ensure focus is maintained in minimising the impact of problems that have the potential of affecting services that are provided to stakeholders

Analyses where the breaches of security are, anticipate issues and sources solutions

Planning and Organisation

Contributes to the long term strategic planning relating to cyber security issues, and its solutions

Priorities and triage issues as to their priority to be resolved

Policy and Service Development

Assist the Lead IT Engineer on technical aspects of ongoing and future IT cyber security developments

Contributes and implements new and improved ways of working, resulting in streamlining procedures, and enhancing the departments reputation

Financial and Physical Resources Responsibilities

Assist with appropriate 3rd party contract service management such as maintenance/managed services/security, including obtaining best value for money when renewing or sourcing potential suppliers

Responsible for expensive equipment safely used by others by sharing knowledge ensuring staff can identify cyber-attacks are minimal, including fire wall installation

Maintenance and repairs on expensive equipment

Information Resources

Maintain expert knowledge of IT and information security procedures as well as security and technical standards.

Assist and provide input into the formulation of security initiatives and procedures

Develop and support software solutions using a range of technologies and tools, requested by others.

Maintain a good understanding of NHS Resolution departmental objectives, ensuring the provision of integrated solutions and user objectives are met and achieved

Adapts and designs several systems to ensure security is maintained.

Implement systems adhering to local and national NHS standard including but not limited to National Cyber Security Centre

Responsible for the implementation of cyber security standards and controls and that security process are maintained and kept up-to-date

Proactively monitor the network infrastructure and its systems to ensure that services and systems remain secure and operational

Responsible for ensuring that NHS Resolution remains compliant with appropriate licence agreements and software asset management

Research and Development

Assists in the provision of sustainability audits and remedial actions in regards to cyber security

Tests all systems to ensure continuity of services is maintained on a regular basis as a major part of the role

Freedom to Act

Acts in accordance with policy

Contributes and suggests revisions in internal technical processes

Makes decisions in the best interest of the projects

Leads on research and produce option appraisals on new IT technologies, tools and standards and their application, in order to advise in the formulation of projects and programmes

Leads on testing new systems

Leading on security projects and implementing changes with the Lead Engineer

Develops Self, Others and Team

Participate in the Annual Performance Appraisal process, sourcing and undertaking training as identified in the Personal Development Plan

Post holder will be responsible for helping to identify their own continued professional development needs and undertaking such training to support this as agreed with the Lead IT Engineer

Responsible for participating in own training and professional development as encouraged by the directorate

Ensure that appropriate departmental KPIs are met

Trains staff throughout the organisation on how to maintain cyber security by sourcing and/or designing training

Demonstrate to members of the help desk how to resolve issues on an as-and-when basis

Physical Effort

Post requires the post holder to sit in a restricted position for the majority of the working day; the post holder will be required to move and carry IT equipment on an occasional basis

The role requires physical skills such as speed and accuracy when producing technical documentations, Server and network configuration and project planning documentation within tight deadlines

Lifting heavy equipment

Mental Effort

Frequent long periods of intense concentration required for meticulous detailed analysis of complex and sometimes sensitive IT issues. Analysing complex streams of information in order to diagnose and design technical solutions.

The post holder will be required to deal with unpredictable interruptions on a daily basis

Works in a fast paced environment

Working Conditions

Normal office or remote working conditions with a requirement to use a computer for the majority of the working day. The post holder will be required to travel to attend external meetings on an occasional basis

The post holder will have occasional exposure to unpleasant working conditions (ie dust, noise etc) when installing and maintaining IT equipment

Person Specification

Qualifications

Essential

  • Computer science/information management and technology degree at Masters level, or equivalent relevant, experience, knowledge and expertise.
  • Microsoft Certified Engineer or equivalent
  • CISMP/CISSP qualified, or equivalent Information Security qualification
  • ITIL Certified or equivalent
  • Understanding of ISO27001

Experience

Essential

  • Experience of leading and managing a team of experts
  • Experience of implementing inter-connected projects
Person Specification

Qualifications

Essential

  • Computer science/information management and technology degree at Masters level, or equivalent relevant, experience, knowledge and expertise.
  • Microsoft Certified Engineer or equivalent
  • CISMP/CISSP qualified, or equivalent Information Security qualification
  • ITIL Certified or equivalent
  • Understanding of ISO27001

Experience

Essential

  • Experience of leading and managing a team of experts
  • Experience of implementing inter-connected projects

Employer details

Employer name

NHS Resolution

Address

8th Floor, 10 South Colonnade

Canary Wharf

London

E14 4PU


Employer's website

https://resolution.nhs.uk/careers/ (Opens in a new tab)

Employer details

Employer name

NHS Resolution

Address

8th Floor, 10 South Colonnade

Canary Wharf

London

E14 4PU


Employer's website

https://resolution.nhs.uk/careers/ (Opens in a new tab)

Employer contact details

For questions about the job, contact:

Lead IT Engineer

Ayodeji Akande

ayodeji.akande@nhs.net

Details

Date posted

15 September 2023

Pay scheme

Agenda for change

Band

Band 7

Salary

£43,742 to £50,056 a year HCAS if appropriate

Contract

Permanent

Working pattern

Full-time, Flexible working

Reference number

M9912-NHSR-2023-98

Job locations

8th Floor, 10 South Colonnade

Canary Wharf

London

E14 4PU


NHS Resolution

Primary Care Appeals service, 7&8 Wellington Place,

Leeds

LS1 4AP


Supporting documents

Privacy notice

NHS Resolution's privacy notice (opens in a new tab)