Head of Cyber Security
NHS AfC: Band 8b
- NHS AfC: Band 8b
- Full time - 37.5 hours per week
- Royal Stoke Hospital
- Stoke on Trent
- £54,764 - £63,862 per annum
- 18/01/2022 23:59
If there is a high volume of applications the advert may be closed early. Please apply without delay if you wish to be considered for this role. (This does not apply to any medical staffing posts)
From 1st April 2022 all NHS workers in England with face to face contact with patients must be fully vaccinated against Covid-19. Only those with medical exemptions will be excluded from this requirement. Please consider this mandatory requirement when applying for this position.
Important Information: University Hospitals of North Midlands NHS Trust does not pay travel expenses for candidates attending interviews.
Head of Cyber Security band 8b
The post holder will be the lead expert for Cyber Security with responsibility of ensuring the security of the organisations IT Infrastructure and patient data as well as working as an IM&T Operations Engineer. The Post holder will be responsible for seeking out any potential vulnerability both internally and externally and proposing / implementing solutions to prevent breaches of IT security.
Working as part of part of a team responsible for providing mission critical services ensuring a responsive technical service, involved in the design, development and security of IT systems. Due to the highly technical nature of this post there will be also a requirement to undertake configuration, tuning, troubleshooting, recovery fault resolution and in-depth technical fault diagnosis and problem solving
Main duties of the job
- Represent Cyber Security interests at the IT Change Advisory Board, ensuring changes to technology have been appropriately considered
- Develop and maintain relationships with other NHS organsations across the UK in relation to Cyber related incidents, findings and solutions
- Ensure regular contact with external organisations such as NHS Digital keeping well-informed on security vulnerabilities and recommended solutions to mitigate risk
- Promotes security awareness and strengthen relationships with business stakeholders
- Post holder will act as the lead Incident Manager in the event of a Cyber Security breach ensuring that the correct approach is taken to identification, diagnostics and resolution.
- To provide, understand and receive at an appropriate level, highly complex and technical issues / information and clearly communicate these issues at a level understandable by the audience.
- Negotiating with clinicians, senior managers and third party suppliers in relation to new working practices and technical solutions. To agree design and development, priorities through the use of a project plan and the design of reporting tools.
- Understand, disseminate and then presents highly complicated information, of an often contentious or sensitive nature to clinicians and senior levels of management.
Working for our organisation
University Hospitals of North Midlands NHS Trust is one of the largest and most modern in the country. We serve around three million people and we’re highly regarded for our facilities, teaching and research. The Trust has around 1,450 inpatient beds across two sites in Stoke-on-Trent and Stafford. Our 11,000 strong workforce provide emergency treatment, planned operations and medical care from Royal Stoke University Hospital and County Hospital in Stafford.
We are the specialist centre for major trauma for the North Midlands and North Wales. We have put together a wide range of development packages aimed at ensuring that everyone has the opportunity to fulfil their potential. Our goal is to be a world-class centre of achievement, where patients receive the highest standards of care and the best people come to learn, work and research.
Detailed job description and main responsibilities
For more information on working for the Trust, please see the attached Job Description and Person Specification.
For more details on the post, please contact David Tudor
(see contact details)
Education and qualifications
- Qualified to Masters Degree level or equivalent experience gained or equivalent work experience
- MCSE or MCSA qualification or equivalent specialist IT training
- Degree in Computer Sciences
- CISSP qualification
- CCNA, CCNP, CyberOps Cisco Network qualification
- Significant experience of identifying potential IT security related threats
- Significant experience in coordinating incidents relating to IT security breaches ensuring a methodical approach is taken to identification, diagnostics and resolution
- In depth experience of liaising with national third party vendors ie NHS Digital
- Experience of working within a mission critical IT services.
- In-depth specialist knowledge of IM and T systems and procedures (expert in their field)
- Significant exposure to building and configuring personal computers and associated peripherals.
- In depth experience of building and configuring server systems and relating IT security to all new system infrastructure design and implementation
- In depth experience of working in a server environment including building server systems from scratch. This includes clustered Email, database, web servers, VPN or Remote Working technologies, Network Attached Storage devices and storage area network equipment.
- Experienced in providing assurance reports to senior stakeholders
- Experienced with building and management of firewalls, IDS or IPS (eg Cisco ASA or Firepower, Fortinet, Palo Alto, Sophos XG or UTM)
- Experienced in providing assurance reports to senior stakeholders
- Experienced in investigation of Cyber Security matters
- Experience with Enterprise Cyber Security technologies eg Darktrace or Stealthwatch or Vectra or MS Defender for Endpoints or Sophos Central
- Familiarity with current computing technologies
- Configuration of all versions of Microsoft Server Platforms.
- Good understanding of NHS working practices and standards including the Data Security and Protection Toolkit, Cyber Essentials plus and ISO 27001
Skills, Ability & Knowledge
- Excellent Analytical skills in order to investigate and resolve complex issues.
- The ability to plan and organise the implementation of complex and specialist systems/project. These systems impact across all clinical and non clinical areas of the Trust.
- To take the lead on the design and development of major systems in line with Trust IT strategies and within budget requirements
- To research new IT security tools, technologies and present proposals for better and more efficient ways of working.
- To be responsible for ensuring that the infrastructure is in place for systems to run efficiently.
- To take the lead and liaise with third party companies regarding Cyber Security and be responsible for the on-going maintenance
- Committed to providing a customer focused IT service to the Trust and other relevant parties.
- Ability to relate to system users at all levels and communicate technical issues in a non-technical manner.
- Responsible for back-ups of Terabytes of critical patient and user data.
- Excellent general communication and telephone skills.
- Excellent customer relation skills.
- Logical approach to problem solving.
- Able to think clearly under pressure.
- Able to work under pressure and to deadlines.
- Ability to manage own time and priorities.
- The ability to guide members of the team to help them solve problems, sometimes these are of a complex nature and require in depth research to resolve.
- Knowledge and ability to manage and administer the Trust’s and responsible for the security of the Trust applications and confidential patient data.
- Responsible for the planning of updates and upgrades of business critical systems, infrastructure and information systems.
- The ability to handle detailed, diverse and at times highly complex technical issues by yourself, including researching of a solution via the Internet where required.
- The ability to maintain and repair a server and storage investment of some 1,000,000 pounds plus, ensuring a front line service is provided to over 10000 online users 24/7 x 365 days a year.
- An in-depth understanding of the interactions Between server systems and networking systems.
- Knowledge of server system administration and support.
- General knowledge and understanding of LAN WAN networking and associated devices.
- Routine monitoring, maintenance and configuration of servers and application software.
- The physical installation and configuration of servers and operating systems from the ground up, including Windows 2012 and above.
- Experience in supporting a mixed IT environment, incorporating servers, PCs, Storage devices, network equipment .
- Able to adapt to changing technologies
- Windows Server administration and support
- The ability to work to tight deadlines while still maintaining the flexibility to deal with day to day queries from end users and other colleagues from within the Department.
- Ability to concentrate for long periods while designing and developing complex systems.
- Able to work as part of a team.
- Self motivated.
- Completer / finisher.
- Attention to detail.
- Full Driving licence to drive Trust vehicles.
- To participate in an on-call rota providing 24 hour cover Infrastructure related business critical issues
- Working across both Royal Stoke and County Hospital – rotation on a regular basis
Documents to download
Further details / informal visits contact
- David Tudor
- Job title
- Head of Service Delivery
- Email address
- Telephone number
- 01782 671510
If you have problems applying, contact
University Hospitals of North Midlands - Royal Stoke
Springfield Building, Floor 2 (Trust HQ)
Stoke on Trent
- Office: 01782 671437 OR VOIP: 01782 228396