The Cyber Security Officer will work within the Cyber Security Team and will be responsible for the proactive scanning, monitoring, triage and response to cyber vulnerabilities identified across the Gloucestershire Integrated Care System (ICS).
You will take ownership of diverse incidents and service requests presented via our service management tool and see them through to completion.
The post holder will proactively seek out, report on and remediate vulnerabilities within the Gloucestershire ICS environment, using a diverse suite of security tools.
You will assist with audits against the Data Security & Protection Toolkit, ISO 27001 and related standards.
You will flag new and inventive ways to protect the confidentiality, integrity and accessibility of ICS information assets and be integral to any associated proof of concept work.
The post-holder will be expected to convey a positive, professional image, representing the Digital Team. They must demonstrate a proactive approach to meet requests for support, and exercise appropriate initiative in a high profile and busy environment and be able to demonstrate the ability to liaise effectively and confidently with people at all levels.
Main duties of the job
1. Experience proactively & reactively monitor the organization's network for any signs of security breaches, intrusions, or suspicious activity using tools like Antivirus software, intrusion detection systems (IDS), intrusion prevention systems (IPS) & security information & event management (SIEM), Endpoint Detection Response (EDR) & vulnerability monitoring & management platforms. Compliance monitoring tools.
2. Experience in investigating & analysing security alerts to determine their severity & the appropriate response.
3. Experience in regularly scanning the network & systems for vulnerabilities using Vulnerability management tools. E.g. Microsoft Defender for Endpoints, Nessus.
4. Experience in responding to & mitigating security incidents like malware infections, or network intrusions.
5. Identifying & assessing cybersecurity risks to the organization's data, applications, & infrastructure. Recommending mitigation strategies & tools to reduce those risks.
6. Documenting security incidents, investigations, & resolutions. Creating reports for management to assess the security posture & the effectiveness of cybersecurity measures.
7. Working closely with other IT professionals, such as network team Endpoints Compute, Server Team, Applications team to address security concerns & implement security measures in the Trust infrastructure.
8. Keeping up with the latest cybersecurity trends, tools, & best practices by attending workshops & staying updated on emerging threats.
About us
We take pride in placing people at the centre of everything we do, working together as a united team. Driven by a shared ambition to continually grow, develop, and learn, we recognise and value every contribution. By combining our experience and skills, we not only support our vibrant, diverse communities, but also support one another.
With a team of over 9,000 employees, we are proud to be the largest employer in Gloucestershire and rank among the top 10 largest Trusts in the South West region. By joining our Trust, you will benefit from an excellent package that includes exclusive benefits, flexible working opportunities and the chance to gain valuable experience in one of our innovative hospitals. As well as generous annual leave allowance, access to the excellent NHS pension scheme, competitive bank rates, discounts at local shops and restaurants, access to two on-site nurseries, discounted public transport, reward and recognition and a range of health and wellbeing initiatives to support you.
Job description
Job responsibilities
1. Maintain, further develop and assist in implementation of Information Security Management Systems in use within the ICS in line with the requirements of Data Security and Protection Toolkit, National Guidelines and Security Best practice.
2. Support the development of good practice and workable security operating procedures in relation to cyber security across the system and provide specialist knowledge and analysis to improve the safety and stability of systems.
3. Propose changes and improvements to IT security policies and procedures, implementing changes under the direction of Cyber Security Lead.
4. Provide proactive monitoring, review, analysis and interpretation of security incidents and alerts using security technologies such as Sophos Central management console, Microsoft Defender for Endpoint and other security platforms, to ensure that alerts are resolved quickly by the appropriate team.
5. Act as a senior member of the team responsible for the monitoring, detection and response to cyber security events, ensuring the appropriate technical response and timely remediation of threat alerts.
6. Act as an escalation and co-ordination point for cyber related incidents. investigate suspected and actual breaches of IT security and undertake reporting/remedial action as required.
7. Be part of an on call rota to cover security related events outside of working hours alongside the wider CITS 24/7 service.
8. Maintain detailed logs of any security events, incidents and remedial recommendations and actions taken.
9. Perform ongoing IT Security risk assessments and audits to ensure that IT Systems are adequately protected.
10. Coordinate work with the wider IT operational and project teams, information asset owners and system managers to ensure all solutions utilise IT Security best practices.
11. Work with vendors, outside consultants and other 3rd parties to improve IT security within the organisation.
12. Help facilitate regular penetration testing exercises of the Trusts perimeter network, to gather intelligence from these exercises and use these to generate lessons learned and drive Continuous Improvement.
13. Collaborate with cyber security team colleagues to prepare operational security reports and KPIs, including security event and security incident alerts from network, infrastructure, end point, database, application and data security controls.
14. Responsible for ensuring that at all times, the highest standards of customer service are delivered.
15. Provide advice and act, where necessary, in response to Audit findings and recommendations in respect of information security.
16. Review and advise on IT Security patches, software updates and vulnerabilities according to best practices.
17. Identify threats to the confidentiality, integrity, availability, accountability and relevant compliance for information systems and provide authoritative advice and guidance on the application and operation of all types of security controls.
18. Work closely with organisation information governance teams to maintain legislative and regulatory requirements in regards to data protection and records management.
19. Maintain currency with security and security enhancing technologies and brief colleagues as needed to enable measures, to be implemented where and when necessary or desirable.
20. Ensure that access control, disaster recovery, business continuity, incident response and risk management needs are appropriately addressed.
21. Review cyber security threat notifications received from the NHS Digital Carecert service, using detailed log information, a variety of software utilities and software management tools to identify potential threats and eliminate false positives.
22. Demonstrate a detailed knowledge and experience of the installation, configuration and maintenance of PCs and mobile devices and an understanding of network protocols, including TCP/IP, and their use in relation to network operating systems and perimeter security.
23. Apply a comprehensive knowledge of best practice in relation to cyber-security, malware prevention and critical security updates and a knowledge of Microsoft Windows server technologies and Active Directory infrastructure and be able to communicate requirements to a wide variety of users.
24. Ensure personal prioritisation and management of allocated tasks and workload.
Person Specification
Qualifications
Essential
* Relevant Degree or in IT Field or Stem subject or equivalent experience.
* ITIL Foundation Certificate.
* Evidence of continued professional development within the field of cyber security.
Desirable
* CISSP or equivalent qualification.
* ISACA CISM/CISA Certification.
Experience
Essential
* Substantial to Extensive experience working in a Security Operations Centre or similar environment.
* Experience of working in a high-pressured front-line environment.
* Experience using IT Systems & Microsoft Office.
Desirable
* Working knowledge of IT systems in a healthcare environment.
* Experience of working in a multidisciplinary team.
Knowledge / Skills
Essential
* Detailed knowledge and experience in cyber-security threat analysis and the use of software utilities to identify potential threats and eliminate false positives.
* Detailed knowledge and experience leading, coordinating or being actively involved in the investigation and remediation of security incidents.
* Detailed knowledge and experience in the investigation and remediation of Virus/Malware infections and outbreaks.
* Good knowledge of Network protocols, including TCP/IP and their use in relation to operating systems and perimeter security.
* Understanding of the requirements for Business Continuity /Disaster Recovery and practical experience.
Employer details
Employer name
Gloucestershire Hospitals NHS Foundation Trust
Address
Trustwide
Gloucestershire (Gloucester, Cheltenham)
GL1 3NN
Any attachments will be accessible after you click to apply.
318-24-COR-T1986
#J-18808-Ljbffr