Mae Trac yn falch o bweru recriwtio ar gyfer
Gloucestershire Hospitals NHS Foundation Trust
Gwybodaeth
Join us at an exciting time for Gloucestershire Hospitals NHS Foundation Trust! We have an ambitious plan for our journey to Outstanding and are looking for aspirational, committed individuals to join us, making a real difference to both staff and patients.
As a former winner of England for excellence award: Tourism destination of the year, the beautiful city of Gloucester and the scenic regency spa town of Cheltenham are fantastic places to work and live.
As a hospital Trust we are currently involved in over 100 clinical trials and studies, whilst also providing acute elective and specialist services to a population of over 620,000.
By joining Gloucestershire Hospitals NHS Foundation Trust new colleagues can look forward to a warm welcome and a future full of opportunities and support.
Cyber Security Officer, Band 5
Closed for applications on: 23-Rhag-2024 00:04
Statws y swydd wag: Closed
Closed for applications on: 23-Rhag-2024 00:04
Manylion allweddol
Lleoliad
- Gwefan
- Trustwide
- Tref
- Gloucestershire (Gloucester, Cheltenham)
- Cod post
- GL1 3NN
- Major / Minor Region
- Swydd Gaerloyw
Math o gontract a phatrwm gwaith
- Contract
- Parhaol
- Oriau
- Llawnamser - 37.5 awr yr wythnos
Cyflog
- Cyflog
- £29,970 - £36,483 per annum
- Cyfnod cyflog
- Yn flynyddol
- Gradd
- (Band 5)
Arbenigedd
- Prif leoliad
- Cyber Security
Join us at an exciting time for Gloucestershire Hospitals NHS Foundation Trust! We have an ambitious plan for our journey to Outstanding and are looking for aspirational, committed individuals to join us, making a real difference to both staff and patients.
As a former winner of England for excellence award: Tourism destination of the year, the beautiful city of Gloucester and the scenic regency spa town of Cheltenham are fantastic places to work and live.
As a hospital Trust we are currently involved in over 100 clinical trials and studies, whilst also providing acute elective and specialist services to a population of over 620,000.
By joining Gloucestershire Hospitals NHS Foundation Trust new colleagues can look forward to a warm welcome and a future full of opportunities and support.
Trosolwg o'r swydd
The Cyber Security Officer will work within the Cyber Security Team and will be responsible for the proactive scanning, monitoring, triage and response to cyber vulnerabilities identified across the Gloucestershire Integrated Care System (ICS).
You will take ownership of diverse incidents and service requests presented via our service management tool and see them through to completion.
The post holder will proactively seek out, report on and remediate vulnerabilities within the Gloucestershire ICS environment, using a diverse suite of security tools.
You will assist with audits against the Data Security & Protection Toolkit, ISO 27001 and related standards
You will flag new and inventive ways to protect the confidentiality, integrity and accessibility of ICS information assets and be integral to any associated proof of concept work.
The post-holder will be expected to convey a positive, professional image, representing the Digital Team. They must demonstrate a proactive approach to meet requests for support, and exercise appropriate initiative in a high profile and busy environment and be able to demonstrate the ability to liaise effectively and confidently with people at all levels.
Advert
- Experience proactively & reactively monitor the organizations network for any signs of security breaches, intrusions, or suspicious activity using tools like Antivirus software, intrusion detection systems (IDS), intrusion prevention systems (IPS) & security information & event management (SIEM), Endpoint Detection Response (EDR) & vulnerability monitoring & management platforms. Compliance monitoring tools.
- Experience in investigating & analysing security alerts to determine their severity & the appropriate response.
- Experience in regularly scanning the network & systems for vulnerabilities using Vulnerability management tools. E.g. Microsoft Defender for Endpoints, Nessus.
- Experience in responding to & mitigating security incidents like malware infections, or network intrusions.
- Identifying & assessing cybersecurity risks to the organization’s data, applications, & infrastructure. Recommending mitigation strategies & tools to reduce those risks.
- Documenting security incidents, investigations, & resolutions. Creating reports for management to assess the security posture & the effectiveness of cybersecurity measures.
- Working closely with other IT professionals, such as network team Endpoints Compute, Server Team, Applications team to address security concerns & implement security measures in the Trust infrastructure.
- Keeping up with the latest cybersecurity trends, tools, & best practices by attending workshops & staying updated on emerging threats.
Gweithio i'n sefydliad
We take pride in placing people at the centre of everything we do, working together as a united team. Driven by a shared ambition to continually grow, develop, and learn, we recognise and value every contribution. By combining our experience and skills, we not only support our vibrant, diverse communities, but also support one another.
With a team of over 9,000 employees, we are proud to be the largest employer in Gloucestershire and rank among the top 10 largest Trusts in the South West region. By joining our Trust, you will benefit from an excellent package that includes exclusive benefits, flexible working opportunities and the chance to gain valuable experience in one of our innovative hospitals. As well as generous annual leave allowance, access to the excellent NHS pension scheme, competitive bank rates, discounts at local shops and restaurants, access to two on-site nurseries, discounted public transport, reward and recognition and a range of health and wellbeing initiatives to support you.
Swydd-ddisgrifiad a phrif gyfrifoldebau manwl
Maintain, further develop and assist in implementation of Information Security Management Systems in use within the ICS in line with the requirements of Data Security and Protection Toolkit, National Guidelines and Security Best practice
Support the development of good practice and workable security operating procedures in relation to cyber security across the system and provide specialist knowledge and analyse to improve the safety and stability of systems.
Propose changes and improvements to IT security policies and procedures, implementing changes under the direction of Cyber Security Lead
Provide proactive monitoring, review, analysis and interpretation of security incidents and alerts using security technologies such as Sophos Central management console, Microsoft Defender for Endpoint and other security platforms, to ensure that alerts are resolved quickly by the appropriate team
Act as a senior member of the team responsible for the monitoring, detection and response to cyber security events, ensuring the appropriate technical response and timely remediation of threat alerts
Act as an escalation and co-ordination point for cyber related incidents. investigate suspected and actual breaches of IT security and undertake reporting/remedial action as required
Be part of an on call rota to cover security related events outside of working hours alongside the wider CITS 24\7 service.
Maintain detailed logs of any security events, incidents and remedial recommendations and actions taken
Perform ongoing IT Security risk assessments and audits to ensure that IT Systems are adequately protected
Coordinate work with the wider IT operational and project teams, information asset owners and system managers to ensure all solutions utilise IT Security best practices
Work with vendors, outside consultants and other 3rd parties to improve IT security within the organisation
Help facilitate regular penetration testing exercises of the Trust’s perimeter network, to gather intelligence from these exercises and use these to generate lessons learned and drive Continuous Improvement
Collaborate with cyber security team colleagues to prepare operational security reports and KPIs, including security event and security incident alerts from network, infrastructure, end point, database, application and data security controls.
Responsible for ensuring that at all times, the highest standards of customer service are delivered.
Provide advice and act, where necessary, in response to Audit findings and recommendations in respect of information security
Review and advise on IT Security patches, software updates and vulnerabilities according to best practices
Identify threats to the confidentiality, integrity, availability, accountability and relevant compliance for information systems and provide authoritative advice and guidance on the application and operation of all types of security controls.
Work closely with organisation information governance teams to maintain legislative and regulatory requirements in regards to data protection and records management
Maintain currency with security and security enhancing technologies and brief colleagues as needed to enable measures, to be implemented where and when necessary or desirable
Ensure that access control, disaster recovery, business continuity, incident response and risk management needs are appropriately addressed
Review cyber security threat notifications received from the NHS Digital Carecert service, using detailed log information, a variety of software utilities and software management tools to identify potential threats and eliminate false positives
Demonstrate a detailed knowledge and experience of the installation, configuration and maintenance of PCs and mobile devices and an understanding of network protocols, including TCP/IP, and their use in relation to network operating systems and perimeter security
Apply a comprehensive knowledge of best practice in relation to cyber-security, malware prevention and critical security updates and a knowledge of Microsoft Windows server technologies and Active Directory infrastructure and be able to communicate requirements to a wide variety of users
Ensure personal prioritisation and management of allocated tasks and workload
Manyleb y person
Qualifications
Meini prawf hanfodol
- Relevant Degree or in IT Field or Stem subject or equivalent experience
- ITIL Foundation Certificate
- Evidence of continued professional development within the field of cyber security
Meini prawf dymunol
- CISSP or equivalent qualification
- ISACA CISM/CISA Certification
Experience
Meini prawf hanfodol
- Substantial to Extensive experience working in a Security Operations Centre or similar environment
- Experience of working in a high-pressured front-line environment
- Experience using IT Systems & Microsoft Office
Meini prawf dymunol
- Working knowledge of IT systems in a healthcare environment
- Experience of working in a multidisciplinary team
Knowledge / Skills
Meini prawf hanfodol
- Detailed knowledge and experience in cyber-security threat analysis and the use of software utilities to identify potential threats and eliminate false positives
- Detailed knowledge and experience leading, coordinating or being actively involved in the investigation and remediation of security incidents
- Detailed knowledge and experience in the investigation and remediation of Virus/Malware infections and outbreaks
- Good knowledge of Network protocols, including TCP/IP and their use in relation to operating systems and perimeter security.
- Understanding of the requirements for Business Continuity /Disaster Recovery and practical experience
Rhagor o fanylion / cyswllt ar gyfer ymweliadau anffurfiol
- Enw
- Walter Inumah
- Teitl y swydd
- Cyber Security Ops Lead
- Cyfeiriad ebost
- [email protected]
- Rhif ffôn
- 0300 422 2686
Ddim yn derbyn ceisiadau mwyach
Ymddiheuriadau, ond nid yw'r swydd wag hon yn derbyn ceisiadau mwyach.
Gallwch chwilio am swyddi tebyg ar fwrdd swyddi'r cyflogwr, neu fynd i'n bwrdd swyddi cenedlaethol Health Jobs UK.