Digital cyber security specialist

Job summary A new and exciting opportunity has arisen to join the Digital Services Operations team as a Digital Cyber Security Specialist at The Mid Yorkshire Teaching NHS Trust. The Digital Operations Team support the trust Cyber Security, Servers, Network and Data Storage, along with the implementation and support of new systems. The successful candidate will lead the implementation of security enhancements, ensure compliance with relevant standards (such as the DSP Toolkit and Cyber Essentials Plus), and liaise with external stakeholders to uphold the security and confidentiality of Trust systems and data. We are looking for a friendly, motivated and enthusiastic individual who is passionate to deliver high-quality services and contribute to its ongoing development. Experience of working in a high-pressured NHS IT service environment with the ability to communicate with confidence to staff and customers at all levels, would be advantageous. Main duties of the job The Cyber Security Specialist will be a key member of the Digital Services team, responsible for ensuring the security, integrity, and resilience of the Trusts digital infrastructure, systems, and data. This includes safeguarding clinical and corporate systems against cyber security threats while enabling secure and reliable access for staff and partner organisations. The role involves managing, maintaining, and continuously improving the Trust's cyber security posture in line with industry standards, legal requirements, and NHS guidelines. The post holder will provide expert technical advice and operational support on cyber security matters across the organisation, including risk assessments, threat mitigation, and incident response. Working closely with other Digital Services teams, the Cyber Security Specialist will play a vital role in supporting the Trusts digital strategy, implementing security solutions, and promoting awareness of cyber security best practices across all disciplines and departments. About us We are an acute trust caring for over half a million people in Wakefield and Kirklees. Our 10,000 staff work in patients homes, the community, and our three hospitals in Pontefract, Dewsbury, and Pinderfields (Wakefield). We prioritise our people and values so we can deliver the best possible care to patients. Our team is friendly, passionate, and innovative, always seeking better ways to work. We support work-life balance and foster a diverse, inclusive environment where everyone belongs. Our staff networks offer safe spaces to share ideas and concerns so we can increase awareness and appreciation of equality, diversity, and inclusion. We welcome applicants from all backgrounds and especially encourage members of the LGBTQ community, ethnic minority groups, and people with disabilities or neurodivergence to apply, as they are currently underrepresented in the Trust. If you value caring, high standards, improvement, and respect, join the MY team to make a difference every day. Application guidance: We understand that more applicants are using AI technology to help with their applications. While these tools can be useful, they cannot fully capture your skills, knowledge, and experience. Its important that you personalise your application. Relying solely on AI is not recommended, as it may reduce your chances of success. Our screening process is thorough, so if you have used AI, please make sure to disclose this on your application form. Date posted 22 January 2025 Pay scheme Agenda for change Band Band 6 Salary £37,338 to £44,962 a year Contract Permanent Working pattern Full-time, Flexible working Reference number C9377-DS0153 Job locations Dewsbury & District Hospital Halifax Road Dewsbury West Yorkshire WF13 4HS Job description Job responsibilities Key Responsibilities Provide specialist knowledge and technical expertise in cyber security to protect the Trust's digital assets. Monitor, analyse, and respond to security threats and vulnerabilities, ensuring effective incident response and recovery. Develop and maintain cyber security policies, processes, and documentation to align with NHS and industry standards. Conduct security risk assessments and audits to identify gaps, recommend improvements, and ensure compliance. Work collaboratively with technical teams to secure systems, networks, and endpoints while supporting digital initiatives. Lead the implementation and maintenance of key security controls and technologies, including antivirus, encryption, and intrusion detection systems. Promote cyber security awareness and deliver training to staff, fostering a culture of security and vigilance. Liaise with external partners and agencies to ensure effective coordination in managing cyber security risks and incidents. Expected to work flexibly to meet the needs of our 24/7 workforce. This may mean, on occasion, working outside the core office hours MAIN DUTIES: Cyber Security Operations Monitor and manage the Trust's security tools, including firewalls, intrusion detection/prevention systems, antivirus software, and encryption tools. Identify, analyse, and respond to cyber threats, vulnerabilities, and incidents, ensuring timely containment and resolution. Conduct regular security assessments, vulnerability scans, and penetration tests to maintain a secure digital environment. Policy and Compliance Develop, review, and maintain cyber security policies, procedures, and documentation to ensure alignment with NHS and legal standards, including the DSP Toolkit and Cyber Essentials Plus. Ensure compliance with data protection laws (e.g., GDPR) and NHS requirements, providing assurance on security measures to internal and external stakeholders. Risk Management Perform security risk assessments for new and existing systems, projects, and processes, providing expert recommendations to mitigate identified risks. Develop and manage a robust security risk register, ensuring risks are tracked, monitored, and reported to the appropriate governance forums. Incident Management and Response Act as a key point of contact for managing and investigating security incidents, coordinating with internal teams and external partners where necessary. Develop and test incident response plans to ensure the organisation can effectively respond to cyber security breaches. Collaboration and Stakeholder Engagement Work closely with other Digital Services teams to implement secure configurations and technologies that support operational and clinical needs. Liaise with external agencies, including NHS organisations, cyber security bodies, and law enforcement, to ensure effective threat intelligence sharing and incident coordination. Security Awareness and Training Deliver training and awareness programmes to staff at all levels to foster a culture of vigilance and good cyber security practice. Provide advice and guidance to users and departments on maintaining security, including safe handling of sensitive data and recognising potential threats. Continuous Improvement Monitor emerging threats, technologies, and best practices to enhance the organisation's cyber security posture. Lead the implementation of new security tools, systems, and processes, ensuring they integrate seamlessly with the Trusts digital infrastructure. Reporting and Documentation Prepare reports for senior management on security performance, risks, incidents, and compliance status. Maintain accurate and up-to-date documentation of security systems, processes, and incidents to support operational and audit requirements. The role requires a proactive approach to safeguarding the Trusts digital environment, ensuring systems are resilient, secure, and fit for purpose to support the delivery of high-quality healthcare. Job description Job responsibilities Key Responsibilities Provide specialist knowledge and technical expertise in cyber security to protect the Trust's digital assets. Monitor, analyse, and respond to security threats and vulnerabilities, ensuring effective incident response and recovery. Develop and maintain cyber security policies, processes, and documentation to align with NHS and industry standards. Conduct security risk assessments and audits to identify gaps, recommend improvements, and ensure compliance. Work collaboratively with technical teams to secure systems, networks, and endpoints while supporting digital initiatives. Lead the implementation and maintenance of key security controls and technologies, including antivirus, encryption, and intrusion detection systems. Promote cyber security awareness and deliver training to staff, fostering a culture of security and vigilance. Liaise with external partners and agencies to ensure effective coordination in managing cyber security risks and incidents. Expected to work flexibly to meet the needs of our 24/7 workforce. This may mean, on occasion, working outside the core office hours MAIN DUTIES: Cyber Security Operations Monitor and manage the Trust's security tools, including firewalls, intrusion detection/prevention systems, antivirus software, and encryption tools. Identify, analyse, and respond to cyber threats, vulnerabilities, and incidents, ensuring timely containment and resolution. Conduct regular security assessments, vulnerability scans, and penetration tests to maintain a secure digital environment. Policy and Compliance Develop, review, and maintain cyber security policies, procedures, and documentation to ensure alignment with NHS and legal standards, including the DSP Toolkit and Cyber Essentials Plus. Ensure compliance with data protection laws (e.g., GDPR) and NHS requirements, providing assurance on security measures to internal and external stakeholders. Risk Management Perform security risk assessments for new and existing systems, projects, and processes, providing expert recommendations to mitigate identified risks. Develop and manage a robust security risk register, ensuring risks are tracked, monitored, and reported to the appropriate governance forums. Incident Management and Response Act as a key point of contact for managing and investigating security incidents, coordinating with internal teams and external partners where necessary. Develop and test incident response plans to ensure the organisation can effectively respond to cyber security breaches. Collaboration and Stakeholder Engagement Work closely with other Digital Services teams to implement secure configurations and technologies that support operational and clinical needs. Liaise with external agencies, including NHS organisations, cyber security bodies, and law enforcement, to ensure effective threat intelligence sharing and incident coordination. Security Awareness and Training Deliver training and awareness programmes to staff at all levels to foster a culture of vigilance and good cyber security practice. Provide advice and guidance to users and departments on maintaining security, including safe handling of sensitive data and recognising potential threats. Continuous Improvement Monitor emerging threats, technologies, and best practices to enhance the organisation's cyber security posture. Lead the implementation of new security tools, systems, and processes, ensuring they integrate seamlessly with the Trusts digital infrastructure. Reporting and Documentation Prepare reports for senior management on security performance, risks, incidents, and compliance status. Maintain accurate and up-to-date documentation of security systems, processes, and incidents to support operational and audit requirements. The role requires a proactive approach to safeguarding the Trusts digital environment, ensuring systems are resilient, secure, and fit for purpose to support the delivery of high-quality healthcare. Person Specification Qualifications Essential Educated to degree level or equivalent or able to demonstrate equivalent level of experience Desirable Specialist qualification IT ITIL Skills and Abilities Essential High levels of concentration required. Ability to learn and develop skills further. Troubleshooting. Resolve second line support problems. Ability to prioritise workload. Excellent organisational skills. Excellent written and verbal communication skills. Able to liaise with technical and non-technical staff. Good negotiating skills. Good people skills. Experience Essential Previous work experience in the NHS. Previous experience of managing staff. Extensive experience of setting up and configuring cyber systems and associated functionality. Significant knowledge of working practices within technical/cyber security Working with suppliers. Defining Trust security requirements and interpreting them to system suppliers. Advanced knowledge of Microsoft Office applications. Desirable Working as part of a team involved in delivery and management of technical security and information governance. Knowledge of project methodology. Knowledge of NHS data definitions, standards etc and ability to interpret NHS policy and provide advice and guidance. Knowledge and Awareness Essential An excellent knowledge of confidentiality and data security. Highly computer literate. Awareness of own limitations. Desirable Knowledge and awareness of different systems used within an NHS Trust. Awareness of regional collaborations for cyber security approaches. Personal Attributes Essential Ability to work as part of a team and alone. Resourceful and flexible. Effective team player. Excellent organisational and time management skills, able to work accurately under pressure to meet deadlines. The ability to maintain and enhance own skills and knowledge through research. Availability to work sometimes at short notice on other sites to cover absence. Ability to work on own initiative, to prioritise and plan workloads. Self-motivated and the ability to motivate others. Adaptable to change. A good listener communicator. Honesty and integrity. Able to multi-task effectively. Proven ability to work under own initiative with none or minimal supervision. Desirable Flexibility in the hours covered if required. Person Specification Qualifications Essential Educated to degree level or equivalent or able to demonstrate equivalent level of experience Desirable Specialist qualification IT ITIL Skills and Abilities Essential High levels of concentration required. Ability to learn and develop skills further. Troubleshooting. Resolve second line support problems. Ability to prioritise workload. Excellent organisational skills. Excellent written and verbal communication skills. Able to liaise with technical and non-technical staff. Good negotiating skills. Good people skills. Experience Essential Previous work experience in the NHS. Previous experience of managing staff. Extensive experience of setting up and configuring cyber systems and associated functionality. Significant knowledge of working practices within technical/cyber security Working with suppliers. Defining Trust security requirements and interpreting them to system suppliers. Advanced knowledge of Microsoft Office applications. Desirable Working as part of a team involved in delivery and management of technical security and information governance. Knowledge of project methodology. Knowledge of NHS data definitions, standards etc and ability to interpret NHS policy and provide advice and guidance. Knowledge and Awareness Essential An excellent knowledge of confidentiality and data security. Highly computer literate. Awareness of own limitations. Desirable Knowledge and awareness of different systems used within an NHS Trust. Awareness of regional collaborations for cyber security approaches. Personal Attributes Essential Ability to work as part of a team and alone. Resourceful and flexible. Effective team player. Excellent organisational and time management skills, able to work accurately under pressure to meet deadlines. The ability to maintain and enhance own skills and knowledge through research. Availability to work sometimes at short notice on other sites to cover absence. Ability to work on own initiative, to prioritise and plan workloads. Self-motivated and the ability to motivate others. Adaptable to change. A good listener communicator. Honesty and integrity. Able to multi-task effectively. Proven ability to work under own initiative with none or minimal supervision. Desirable Flexibility in the hours covered if required. Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions. Certificate of Sponsorship Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab). From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab). Additional information Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions. Certificate of Sponsorship Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab). From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab). Employer details Employer name The Mid Yorkshire Teaching NHS Trust Address Dewsbury & District Hospital Halifax Road Dewsbury West Yorkshire WF13 4HS Employer's website https://www.midyorks.nhs.uk/ (Opens in a new tab)