Associate Information Security Practitioner | Moorfields Eye Hospital NHS Foundation Trust

The Associate Information Security Practitioner role is part of the Moorfields Information Security Team. The team ensures that our systems and data are safe, secure, and resilient – so that we can focus on delivering high‑quality, patient‑centred care and are trusted by our patients, service users and staff.

• Contribute to operational support of information security solutions and services
• Engage with our third‑party provision of information security service
• Contribute information security expertise to projects and operational services
• Support assurance activities and the improvement of security and resilience of our organisational infrastructure
• Be proactive in identifying problems and translating these into non‑technical descriptions that can be widely understood

• Cloud operations
• Domain directory services/IAM
• Infrastructure operations
• End user device management
• Network security and operations
• Security architecture

• Undertake Information Security Assessment activities, including supply chain / 3rd party assessments following National Cyber Security Centre evaluation best practices for cloud and on premise technologies

• Monitoring practices including key performance indicators on security enforcing tools such as anti‑virus, patching, and driving security posture improvements

• Technical audit activities included within vulnerability management including internal scans and external security & penetration tests, forensic audits, or related investigations. This includes the ability to ensure remediation of findings are handled and fed into continuous service improvement activities

• Incident management of cyber security events of all severities, throughout the incident lifecycle

• Develop, maintain, and improve data and technology Business Continuity & Disaster Recovery Plans that enable us to respond to and recover from events

• Support information gathering and creating supporting narrative / recommendations to ensure security of data through the annual Data Security Protection Toolkit cycle
• Provide advice and expert knowledge to projects / programmes / operational services to ensure that information systems are designed to meet data protection requirements

• Risk management activities such as maintenance of the risk register, identification and management of risk, escalations, and using risk to drive improvements

• Contribute to the development of the Trust information Security policy framework, considering regional and national policies and practices
• Apply policy to working practices and procedures, and guide colleagues towards information security policy

• Salary including High‑Cost Area Supplement
• Opportunity to join the NHS Pension Scheme
• Free 24/7 independent counselling service
• Learning and development opportunities
• Easy and quick transport links
• A range of attractive benefits and discounts
• Access to Blue Light Card and other NHS Discount Schemes
• Free Pilates classes
• Full support and training to develop your skills
• Flexible working friendly organisation

This advert closes on Sunday 26 Oct 2025