Key Responsibilities

Provide specialist knowledge and technical expertise in cyber security to protect the Trust's digital assets.
Monitor, analyse, and respond to security threats and vulnerabilities, ensuring effective incident response and recovery.
Develop and maintain cyber security policies, processes, and documentation to align with NHS and industry standards.
Conduct security risk assessments and audits to identify gaps, recommend improvements, and ensure compliance.
Work collaboratively with technical teams to secure systems, networks, and endpoints while supporting digital initiatives.
Lead the implementation and maintenance of key security controls and technologies, including antivirus, encryption, and intrusion detection systems.
Promote cyber security awareness and deliver training to staff, fostering a culture of security and vigilance.
Liaise with external partners and agencies to ensure effective coordination in managing cyber security risks and incidents.
Expected to work flexibly to meet the needs of our 24/7 workforce. This may mean, on occasion, working outside the core office hours.

MAIN DUTIES:

Cyber Security Operations
Monitor and manage the Trust's security tools, including firewalls, intrusion detection/prevention systems, antivirus software, and encryption tools.
Identify, analyse, and respond to cyber threats, vulnerabilities, and incidents, ensuring timely containment and resolution.
Conduct regular security assessments, vulnerability scans, and penetration tests to maintain a secure digital environment.

Policy and Compliance
Develop, review, and maintain cyber security policies, procedures, and documentation to ensure alignment with NHS and legal standards, including the DSP Toolkit and Cyber Essentials Plus.
Ensure compliance with data protection laws (e.g., GDPR) and NHS requirements, providing assurance on security measures to internal and external stakeholders.

Risk Management
Perform security risk assessments for new and existing systems, projects, and processes, providing expert recommendations to mitigate identified risks.
Develop and manage a robust security risk register, ensuring risks are tracked, monitored, and reported to the appropriate governance forums.

Incident Management and Response
Act as a key point of contact for managing and investigating security incidents, coordinating with internal teams and external partners where necessary.
Develop and test incident response plans to ensure the organisation can effectively respond to cyber security breaches.

Collaboration and Stakeholder Engagement
Work closely with other Digital Services teams to implement secure configurations and technologies that support operational and clinical needs.
Liaise with external agencies, including NHS organisations, cyber security bodies, and law enforcement, to ensure effective threat intelligence sharing and incident coordination.

Security Awareness and Training
Deliver training and awareness programmes to staff at all levels to foster a culture of vigilance and good cyber security practice.
Provide advice and guidance to users and departments on maintaining security, including safe handling of sensitive data and recognising potential threats.

Continuous Improvement
Monitor emerging threats, technologies, and best practices to enhance the organisation's cyber security posture.
Lead the implementation of new security tools, systems, and processes, ensuring they integrate seamlessly with the Trust's digital infrastructure.

Reporting and Documentation
Prepare reports for senior management on security performance, risks, incidents, and compliance status.
Maintain accurate and up-to-date documentation of security systems, processes, and incidents to support operational and audit requirements.

The role requires a proactive approach to safeguarding the Trust's digital environment, ensuring systems are resilient, secure, and fit for purpose to support the delivery of high-quality healthcare.