Keystream are seeking an experienced and proactive Cyber Security Engineer to joinone of ourNHS Trusts Digital & IT team's in London. This pivotal role will be responsible for supporting and enhancing the cyber security within the NHS by overseeing patch management, leading phishing simulation exercises, managing cyber dashboards. The ideal candidate will bring a strong background in technical cyber operations, risk management, and policy writing, with a working knowledge of NHS and public sector cyber frameworks. The role is INSIDE IR35 and will require on site working a minimum of twice a month, in London. Key Responsibilities: Patch Management Oversight Ensure timely and effective patch deployment using Datto or similar tools. Report on patch compliance and trends. Cyber Security Reporting Generate regular reports on cyber posture and vulnerabilities. Chair the monthly Cyber Working Group, driving the agenda and outcomes. Phishing Simulation Management Plan, execute, and report on phishing simulation exercises. Provide analysis and recommendations to improve staff awareness. Cyber Dashboards Management Maintain and monitor dashboards using tools such as ITHealth, Netwrix Auditor, Microsoft Defender for Endpoint (MDE), and Sophos. Investigate and respond to anomalies or incidents. Penetration Test Remediation Oversight Coordinate the remediation of findings from internal and external penetration tests. Track progress and escalate unresolved issues. Cybersecurity Policy Development Draft, review, and update cyber-related policies to reflect current best practices and compliance standards. Support Cybersecurity Objectives Contribute to the Trusts broader cyber objectives and strategies. Support cyber awareness initiatives and training where needed. Technical Design Authority (TDA) Input Provide cyber security input and risk assessments into TDA decisions and projects. Risk Identification & Management Identify, assess, and raise cyber risks through appropriate governance channels. Maintain a risk register and work closely with IG and risk teams. Cyber Essentials Plus (CE) While currently on hold, familiarity with the CE accreditation process is desirable If you have the skillsets for this role please send your cv for immediate review. Please note, due to the high number of cv's expected for this role, if you do not hear back within 2 weeks please assume your appliacation was not succesful.