Senior Cyber Security Infrastructure Engineer

You will undertake the following duties and responsibilities:

• Assist the Enterprise Security Manager and Senior Cyber Security Architects to ensure all new and changed technologies meet NHS and Industry security standards.
• Play an active role in the Organisation's Change Authority, Design Authority and development of new solutions.
• Develop and produce reports to ensure compliance to Security standards including, Accredited Safe Haven (ASH), Data Protection and Security Toolkit (DPST) CE+, ISO270001 to name a few..
• Undertake ICT Security projects as required directed by the Enterprise Security Manager, Senior Cyber Security Architects or appointed manager.
• Act as a Technical resource for IT Security solution implementations
• Develop, publish, review and amend all Security Policies to meet the requirements of the defined review cycle.
• Implement security controls and initiatives to ensure compliance with the organisational Security Policy.
• Lead security evaluation activities utilising security tests such as commissioned IT Health Checks, auditing, vulnerability scanning and penetration testing to name a few [but not exhaustive].
• Report testing results to management and commissioning customers. Documenting and managing completion of required corrective actions, remediation activities and recommendations using well documented and managed improvement and implementation plans
• Ensure procedures and documentation are followed to manage, safeguard and support a secure environment
• Ensure that all IT Security documentation is continually up to date
• Develop and implement new procedures through the correct channels where necessary, to ensure smooth running of the service
• Support the collation of information and reporting requirements to ensure NHS and ICT Industry security compliance, to include NHS Digital reporting requirements during cyber incidents .Support the reporting cycle as specified in the ICT Security and Incident Management Policies
• Evaluate new security technology developments, to include the recommendation of new technologies, where appropriate internally for evaluation and PoC as suitable.
• Benchmark the IT Security Service to demonstrate quality and level of service being provided to its clients.
• Perform ICT Security risk assessment, business impact analysis and accreditation for all major information systems within the organisation.
• Use judgment in setting the day to day priorities to include delegation of tasks and provision of ongoing support where required.
• Manage problem resolution internally and escalation to outside suppliers where appropriate.
• Support the following ITIL v3 processes - Risk, Capacity, Availability, IT Service Continuity, Information Security, Compliance, Architecture and Supplier Management

Experience Needed

• Significant experience of operating in a Cyber Security remit previously
• Evidence of continued professional development in the Cyber Security arena
• Demonstrated experience of co-ordinating projects in complex and challenging environments
• Experience of managing risks and reporting
• Experience of managing Incidents and problems
• Experience of working in a larger multi-tiered customer environment
• Understanding of the public sector
• Demonstrated experience of working in the health service or public sector
• Comprehensive knowledge of project principles, techniques and tools, such as Prince 2 Foundation
• Experience in a senior technical ICT Security role