Job summary Responsible for the preparation and evidence gathering for the Data Security Protection Toolkit, and other assurance and IG requirements. Manage the task list for DSPT and IG tasks and allocate as appropriate.To contribute within Informatics Merseyside, Trusts and ICB Assurance and Information Security and Governance best practice. Main duties of the job 1. The post holder will have a broad understanding of IM&T technologies and broad knowledge of key technologies such as firewalls, email filters, anti-virus and intrusion detection technologies.2. Contribute to the development of the monthly Cyber Dashboard report.3. To contribute to the development of information security and technical plans that will feed into the wider Partner Organisations, and Informatics Merseyside strategies.4. Assist in the formulation and development of information security plans and strategies to enable the successful completion and implementation of new systems. This might include logistics forequipment and software delivery and installation, scheduling human resources for training and configuration tasks and change control to minimise potential down time.5. Assist with the develop of information security policies and procedures that will be required the secure operation of systems built by the IT Security team. The policies will have far ranging impact across Informatics Merseyside and Partner Organisations. About us Mersey Care is one of the largest trusts providing physical health and mental health services in the North West, serving more than 1.4 million people across our region and are also commissioned for services that cover the North West, North Wales and the Midlands. We offer specialist inpatient and community services that support physical and mental health and specialist inpatient mental health, learning disability, addiction and brain injury services. Mersey Care is one of only three trusts in the UK that offer high secure mental health facilities. At the heart of all we do is our commitment to 'perfect care' - care that is safe, effective, positively experienced, timely, equitable and efficient. We support our staff to do the best job they can and work alongside service users, their families, and carers to design and develop future services together. We're currently delivering a programme of organisational and service transformation to significantly improve the quality of the services we provide and safely reduce cost as we do so. Flexible working requests will be considered for all roles. Date posted 17 February 2025 Pay scheme Agenda for change Band Band 6 Salary £37,338 to £44,962 a year per annum Contract Permanent Working pattern Full-time Reference number 350-TWS7000410 Job locations Informatics Merseyside, Saturn House School Lane Knowsley L34 9GJ Job description Job responsibilities 1. Assist with the design and implementation of information security solutions that meet the needs either specified by users or by senior team members. Would be expected to be capable of undertaking the analysis of an existing system for further development.2. The post holder will need to be aware of the development of legislation making sure that as the laws and guidelines change, information security strategies and policies keep in step.3. Regularly devote time to the research of newly discovered internet threats, software vulnerabilities and issues arising from poor information security practice. Using this information develop strategies for mitigating the potential risk. Either through procedural change or implementation of new software and hardware tools.4. The post holder will work to agreed guidelines and targets but will have the freedom to work in a way they deem fit. Can give advice and support without referring to line management. May be a lead specialist in specific technologies.5. There may be a requirement to attend meetings for the Deputy Cyber & IT Security Manager. Job description Job responsibilities 1. Assist with the design and implementation of information security solutions that meet the needs either specified by users or by senior team members. Would be expected to be capable of undertaking the analysis of an existing system for further development.2. The post holder will need to be aware of the development of legislation making sure that as the laws and guidelines change, information security strategies and policies keep in step.3. Regularly devote time to the research of newly discovered internet threats, software vulnerabilities and issues arising from poor information security practice. Using this information develop strategies for mitigating the potential risk. Either through procedural change or implementation of new software and hardware tools.4. The post holder will work to agreed guidelines and targets but will have the freedom to work in a way they deem fit. Can give advice and support without referring to line management. May be a lead specialist in specific technologies.5. There may be a requirement to attend meetings for the Deputy Cyber & IT Security Manager. Person Specification Qualifications Essential Relevant degree or equivalent IT work experience Evidence of on-going professional development. Certified in Cybersecurity (CC) Desirable Have, or working towards SSCP Have, or working towards cloud security qualifications such as AZ-500 Knowledge/Experience Essential Significant experience of using Microsoft Office applications Specialist knowledge and expertise of IT systems and infrastructure; this should include knowledge and expertise in design, systems implementation, IT security, IT standards and best practice Wide ranging knowledge and experience of software packages related to the entire range of IT systems provision Experience of successful collaborative and partnership working and ability to encourage others likewise Understanding of risk management, business continuity management, procurement, corporate governance, and corporate performance reporting principles Working knowledge of internet security devices such as firewalls, web proxies, email filters and intrusion detection devices Working knowledge of Network Detect and Respond, Cloud Security, M365 Secure Score, EndPoint protection Desirable Knowledge and experience of web, software packages, operating systems, networking, and IT security technologies including MS Windows, all versions, Unix and other server operating systems and networking and networking standards including IPv4 Understanding of Cyber frameworks such as, cyber-kill chain, Mitre Att&ck Framework, NIST, ISO, CE, CIS, CAF Cloud technologies and Security benchmarking Values Essential Continuous Improvement Accountability Respectfulness Enthusiasm Support High professional standards Responsive to service users Engaging leadership style Strong customer service belief Transparency and honesty Discreet Change oriented Skills Essential Excellent communication skills Excellent organisational skills Advanced Excel skills Attention to detail Ability to travel Strong customer service skills Ability to explain technical issues in a non-technical and non-threatening way to users Ability to work unsupervised and prioritise workloads to maximise productivity of self and the team Ability to maintain a professional and courteous manner at all times Person Specification Qualifications Essential Relevant degree or equivalent IT work experience Evidence of on-going professional development. Certified in Cybersecurity (CC) Desirable Have, or working towards SSCP Have, or working towards cloud security qualifications such as AZ-500 Knowledge/Experience Essential Significant experience of using Microsoft Office applications Specialist knowledge and expertise of IT systems and infrastructure; this should include knowledge and expertise in design, systems implementation, IT security, IT standards and best practice Wide ranging knowledge and experience of software packages related to the entire range of IT systems provision Experience of successful collaborative and partnership working and ability to encourage others likewise Understanding of risk management, business continuity management, procurement, corporate governance, and corporate performance reporting principles Working knowledge of internet security devices such as firewalls, web proxies, email filters and intrusion detection devices Working knowledge of Network Detect and Respond, Cloud Security, M365 Secure Score, EndPoint protection Desirable Knowledge and experience of web, software packages, operating systems, networking, and IT security technologies including MS Windows, all versions, Unix and other server operating systems and networking and networking standards including IPv4 Understanding of Cyber frameworks such as, cyber-kill chain, Mitre Att&ck Framework, NIST, ISO, CE, CIS, CAF Cloud technologies and Security benchmarking Values Essential Continuous Improvement Accountability Respectfulness Enthusiasm Support High professional standards Responsive to service users Engaging leadership style Strong customer service belief Transparency and honesty Discreet Change oriented Skills Essential Excellent communication skills Excellent organisational skills Advanced Excel skills Attention to detail Ability to travel Strong customer service skills Ability to explain technical issues in a non-technical and non-threatening way to users Ability to work unsupervised and prioritise workloads to maximise productivity of self and the team Ability to maintain a professional and courteous manner at all times Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions. Employer details Employer name Mersey Care NHS Foundation Trust Address Informatics Merseyside, Saturn House School Lane Knowsley L34 9GJ Employer's website https://www.merseycare.nhs.uk/ (Opens in a new tab)