Job summary

Cornwall NHS IT Services is excited to announce the creation of a new Cyber Security Operations Centre (CSOC). Wecan provide a rewarding role of supporting healthcare across Cornwall and are looking for candidates who wantto further their careers in IT and specialise in cyber. This new team will play a vital role in ensuring the security and integrity of our IT systems and data and this is fantastic opportunity to help shape it from the outset. The successful candidates will supportthe detection and prevention of threats on our network and help the team in promoting good practice around cyber. If you have a passion for cyber security and a desire to be part of an exciting new project, then we want to hear from you. Apply now and be part of the team that helps to protect the NHS in Cornwall from cyber threats.

Main duties of the job

As a member of the CSOC team you’ll help provide operational cyber security across the department, proactively monitoring for threats and responding to cyber related incidents and alerts.

You’ll be using your skills and knowledge to supportvulnerability analysis across the estate, collaborating with others in IT toreduce threatexposure, and promoting good practice in relation to cyber.

You’ll work as part of a team providing the safe onboarding of 3rd party devices to our network, the monitoring and authorisation of supplier and privileged accounts, and the configuration and management of security related tools (SIEM, proxy, EDR, etc.).

About us

CITS provides a broad range of IT and digital services countywide for the NHS (Service Desk, Application Support, Infrastructure, Project Management, Cyber, Health Records). We’re passionate about what we do, working with colleagues across the NHS and the integrated care system to innovate and provide the best healthcare we can. We’re a caring, inclusive department with a high retention rate, supportive of flexible working and promote the wellbeing of staff.

Date posted

03 April 2023

Pay scheme

Agenda for change

Band

Band 4

Salary

£23,949 to £26,282 a year pa pro rata

Contract

Permanent

Working pattern

Full-time

Reference number

156-5164959

Job locations

Royal Cornwall Hospital

Truro

TR1 3LJ

Job description

Job responsibilities

As Cyber Security Analyst you will be part of CITS Cyber Security Operations Centre (CSOC) team. The role of the team is to support the NHS in Cornwall by providing operational cyber security, ensuring our systems are kept secure and protected, and reducing the impact from cyber incidents. The CSOC will be at the forefront in our proactive and reactive response to cyber related threats and incidents across the healthcare system countywide.

The key elements of the role encompass:

  • Actively monitor and review security alerts from multiple sources to detect and respond to cyber related events and threats.
  • Help with vulnerability scanning, using the data captured to work with colleagues to reduce cyber risk across our network.
  • Be part of a specialist team providing timely security support and expertise as part of 24/7/365 service.

In more detail the post holder will have the following responsibilities and essential duties:

Operational

  • As part of the CSOC team monitor and respond to cyber security related events, investigating in line with the team’s procedures and providing timely remediation or escalation of threat alerts.
  • Using the tools available to the CSOC team scan the estate for vulnerabilities, collating data in line with recommendations to help prevent security breaches.
  • Help prepare operational security reports, including security event and security incident alerts from network, infrastructure, end point, database, application and data security sources for further analysis.
  • Work with teams across the service to develop good practice to improve processes in relation to cyber.
  • Help deploy, manage and configure the security solutions used to report, protect and remediate threats across the Cornwall NHS estate.
  • Be part of an on-call rota to cover security alerts 24/7/365 alongside other colleagues from across the department.

General

  • Provide advice and support to the healthcare community on cyber security, communicating sometimes complex information to a variety of audiences who have different levels of IT literacy.
  • Contribute to a programme of continual service improvement within CSOC and cyber security practice across the system.
  • Keep up to date with new developments within IT and especially cyber security to expand expertise and industry knowledge.

DIMENSIONS

  • 15,000+ fixed and mobile Windows IP based devices
  • 2500+ network printers
  • 500+ network switches
  • 1000+ network and application servers
  • 200+ locations throughout Cornwall
  • 12,000+ users across the NHS in Cornwall
  • 150000+ requests per year through CITS Service Desk

Cornwall NHS IT Services employs over 300 staff providing IT system support,infrastructure management, IT programme management and health records services for the NHS across CSOC Team will consist of the CSOC Manager, a Senior CSOC Analyst, two CSOC Analysts and two Junior CSOC Analysts. This team will work alongside other colleagues with a security remit within the department as well as associates from partner organisations. These include the CITS IG Manager, IT Security Lead (roles relating to governance, strategy and audit) and members of the infrastructure team.

KNOWLEDGE, SKILLS & EXPERIENCE REQUIRED

Knowledge

  • IT related qualifications to NVQ Level 4 or experience working in an IT support role.

Skills

  • Analytical skills and attention to detail, often combining data from multiples sources to investigate incidents and identify vulnerabilities, drawing conclusions and recommending a course of action or escalating based on your judgement.
  • Ability to communicate complex information to a variety of audiences who have different levels of IT literacy and understanding relating to cyber security.
  • Ability to work independently in line with agreed practice in the team, escalating to more senior colleagues based on your judgement.
  • Core understanding across the range of technologies needed to manage an enterprise level IT infrastructure.
  • Ability to organise and prioritise competing tasks in a complex IT environment.

Experience

  • Experience in NHS or other major large-scale customer service oriented organisation.
  • Experience of working in an IT support role where you needed to use analytical skills to investigate and solve problems.

KEY RESULT AREAS

Providing a measured and appropriate response to cyber incidents based on your training and knowledge, understanding the impact of your actions may have on the business and escalating effectively when needed based on your judgement.

  • Input into the development of robust monitoring and response processes for cyber events and incidents.
  • Monitor and measure the security posture across the estate, helping identify areas at risk and contribute to the implementation of proposed solutions.
  • Support the automating and optimising of processes relating to cyber threat detection and response.
  • Support the project and operational teams to ensure new models of service/service offerings are secure by design whilst meeting customer expectations and outputs.
  • Help with training colleagues across the department on good practice and current processes relating to cyber security.

COMMUNICATIONS & WORKING RELATIONSHIPS

It is essential that the post holder maintains good working relationships with each section of the IT service, key colleagues in the health community, suppliers, and partner organisations. In particular: –

  • The CSOC Manager as your line manager
  • CSOC team members and the Security and Information Governance Managers
  • Technical and Service Operations teams within CITS
  • Programme and Project Managers
  • Key stakeholders from other partner IT services and system support areas in the business
  • Colleagues at any level when investigating an incident

MOST CHALLENGING PART OF THE JOB

  • Being able to stay calm and analytical when dealing with an emerging cyber incident.
  • Helping colleagues understand their contribution to the prevention, detection and response to security events.
  • Providing a robust and responsive service in an environment that is continually transforming to meet demand.
  • Prioritisation of workload as agreed with the manager to meet conflicting and competing pressures
  • Dealing with stressful and emotional situations and occasional agitated or angry customers.
  • Balancing the short-term reactive work whilst helping to contribute to the team longer term improvement goals.

Job description

Job responsibilities

As Cyber Security Analyst you will be part of CITS Cyber Security Operations Centre (CSOC) team. The role of the team is to support the NHS in Cornwall by providing operational cyber security, ensuring our systems are kept secure and protected, and reducing the impact from cyber incidents. The CSOC will be at the forefront in our proactive and reactive response to cyber related threats and incidents across the healthcare system countywide.

The key elements of the role encompass:

  • Actively monitor and review security alerts from multiple sources to detect and respond to cyber related events and threats.
  • Help with vulnerability scanning, using the data captured to work with colleagues to reduce cyber risk across our network.
  • Be part of a specialist team providing timely security support and expertise as part of 24/7/365 service.

In more detail the post holder will have the following responsibilities and essential duties:

Operational

  • As part of the CSOC team monitor and respond to cyber security related events, investigating in line with the team’s procedures and providing timely remediation or escalation of threat alerts.
  • Using the tools available to the CSOC team scan the estate for vulnerabilities, collating data in line with recommendations to help prevent security breaches.
  • Help prepare operational security reports, including security event and security incident alerts from network, infrastructure, end point, database, application and data security sources for further analysis.
  • Work with teams across the service to develop good practice to improve processes in relation to cyber.
  • Help deploy, manage and configure the security solutions used to report, protect and remediate threats across the Cornwall NHS estate.
  • Be part of an on-call rota to cover security alerts 24/7/365 alongside other colleagues from across the department.

General

  • Provide advice and support to the healthcare community on cyber security, communicating sometimes complex information to a variety of audiences who have different levels of IT literacy.
  • Contribute to a programme of continual service improvement within CSOC and cyber security practice across the system.
  • Keep up to date with new developments within IT and especially cyber security to expand expertise and industry knowledge.

DIMENSIONS

  • 15,000+ fixed and mobile Windows IP based devices
  • 2500+ network printers
  • 500+ network switches
  • 1000+ network and application servers
  • 200+ locations throughout Cornwall
  • 12,000+ users across the NHS in Cornwall
  • 150000+ requests per year through CITS Service Desk

Cornwall NHS IT Services employs over 300 staff providing IT system support,infrastructure management, IT programme management and health records services for the NHS across CSOC Team will consist of the CSOC Manager, a Senior CSOC Analyst, two CSOC Analysts and two Junior CSOC Analysts. This team will work alongside other colleagues with a security remit within the department as well as associates from partner organisations. These include the CITS IG Manager, IT Security Lead (roles relating to governance, strategy and audit) and members of the infrastructure team.

KNOWLEDGE, SKILLS & EXPERIENCE REQUIRED

Knowledge

  • IT related qualifications to NVQ Level 4 or experience working in an IT support role.

Skills

  • Analytical skills and attention to detail, often combining data from multiples sources to investigate incidents and identify vulnerabilities, drawing conclusions and recommending a course of action or escalating based on your judgement.
  • Ability to communicate complex information to a variety of audiences who have different levels of IT literacy and understanding relating to cyber security.
  • Ability to work independently in line with agreed practice in the team, escalating to more senior colleagues based on your judgement.
  • Core understanding across the range of technologies needed to manage an enterprise level IT infrastructure.
  • Ability to organise and prioritise competing tasks in a complex IT environment.

Experience

  • Experience in NHS or other major large-scale customer service oriented organisation.
  • Experience of working in an IT support role where you needed to use analytical skills to investigate and solve problems.

KEY RESULT AREAS

Providing a measured and appropriate response to cyber incidents based on your training and knowledge, understanding the impact of your actions may have on the business and escalating effectively when needed based on your judgement.

  • Input into the development of robust monitoring and response processes for cyber events and incidents.
  • Monitor and measure the security posture across the estate, helping identify areas at risk and contribute to the implementation of proposed solutions.
  • Support the automating and optimising of processes relating to cyber threat detection and response.
  • Support the project and operational teams to ensure new models of service/service offerings are secure by design whilst meeting customer expectations and outputs.
  • Help with training colleagues across the department on good practice and current processes relating to cyber security.

COMMUNICATIONS & WORKING RELATIONSHIPS

It is essential that the post holder maintains good working relationships with each section of the IT service, key colleagues in the health community, suppliers, and partner organisations. In particular: –

  • The CSOC Manager as your line manager
  • CSOC team members and the Security and Information Governance Managers
  • Technical and Service Operations teams within CITS
  • Programme and Project Managers
  • Key stakeholders from other partner IT services and system support areas in the business
  • Colleagues at any level when investigating an incident

MOST CHALLENGING PART OF THE JOB

  • Being able to stay calm and analytical when dealing with an emerging cyber incident.
  • Helping colleagues understand their contribution to the prevention, detection and response to security events.
  • Providing a robust and responsive service in an environment that is continually transforming to meet demand.
  • Prioritisation of workload as agreed with the manager to meet conflicting and competing pressures
  • Dealing with stressful and emotional situations and occasional agitated or angry customers.
  • Balancing the short-term reactive work whilst helping to contribute to the team longer term improvement goals.

Person Specification

Qualifications

Essential

  • IT related qualification to NVQ Level 4 or equivalent experience working in a support role.

Desirable

  • Cyber related qualifications

Experience

Essential

  • Experience of working in IT – troubleshooting support issues or maintaining and configuring systems

Desirable

  • Experience of using cyber tools
Person Specification

Qualifications

Essential

  • IT related qualification to NVQ Level 4 or equivalent experience working in a support role.

Desirable

  • Cyber related qualifications

Experience

Essential

  • Experience of working in IT – troubleshooting support issues or maintaining and configuring systems

Desirable

  • Experience of using cyber tools

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab) .

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab) .

Additional information

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab) .

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab) .