Cyber Security Analyst

Job summary

Passionate about how digital can transform healthcare, for our donors, patients and colleagues? We have an exciting Digital Services team opportunity for a Cyber Security Analyst, to work collaboratively across the Trust and wider NHS Wales, to provide transformative digital systems and insight-led services.

We are in an exciting period of change including opening a new world class cancer centre to extend and enhance specialist cancer treatment along with delivery of cancer care closer to home at regional sites. For the Welsh Blood Service, we are transforming blood and transplant services, improving current capabilities alongside developing new services including plasma for medicines.

An ambitious digital strategy underpins this, which will revolutionise the way in which we deliver services - from co-producing innovative technologies, working on digital inclusion, to embedding data & insight into our everyday. Our team are here to deliver new digital solutions and excellent everyday digital service, to improve services and outcomes.

This is a truly special opportunity and we are looking for talented and passionate people who share our values and can help us realise the Trust's ambitions.

• The team are required to monitor cyber security systems, respond to cyber incidents and develop policy, processes and procedures to reduce the likelihood of a cyber security incident and improve cyber resilience.
• The post holder will monitor Trust cyber security systems to respond to cyber incidents and proactively scan for security threats.
• You will assist with cyber security incidents and provide specialist advice and knowledge to support the day-to-day management of operational services, as well as assisting in the development of cyber security training packages for both the team and the organisation. With digital becoming a critical dependency in healthcare, availability of services is essential and we must therefore instil a culture of cyber security from the ground up.
• You will be required to adhere to the cyber security professional code of conduct, and keep up to date with legislation and national policies, as well as assessing security advisories from third parties.

Here at Velindre University NHS Trust we are extremely proud of the specialist services we provide across the whole of Wales in our cutting-edge Velindre Cancer Centre and our award-winning Welsh Blood Service, as well as the expertise of our corporate functions that bring the two divisions together. We are also fortunate to host the NHS Wales Shared Services Partnership and Health Technology Wales and have developed strong partnership working with these expert services.

Formed in 1994, the Trust has a dedicated workforce that continuously strives to apply the key principles of value based healthcare through a wide array of roles. We play a vital role in the communities we support and have ambitious plans for the future to continue to improve the services we deliver. We strive to maintain our core values in everything we do by being; accountable, bold, caring and dynamic, and ensuring the best possible care for our patients and donors.

If you want to work for an organisation that prides itself on making a real difference and offers exciting career opportunities then Velindre University NHS Trust is the place for you.

Essential: Educated to Degree level or working towards (preferably Cyber Security) or equivalent and a recognised qualification in Cyber Security e.g. CISMP, CompTIA or equivalent level of work experience and knowledge. Network 75 scheme. Previous experience of working to KPI's / targets. Experience, or understanding of live monitoring, SIEM and monitoring devices.

Desirable: Previous experience of working in the digital field in the NHS or a healthcare setting. Knowledge of cyber security frameworks such as MITRE ATT&CK, NIST Cybersecurity Framework, NCSC Cyber Assessment Framework. Knowledge of regulations such as GDPR/DPA and Network and Information Systems (NIS).

Essential: Relevant experience working in Cyber Security. Evidence of Cyber Security or other relevant work outside formal training or employment (voluntary, research, academia, social media etc.).

Desirable: Experience of ICT service provision in a healthcare setting. Delivery of training to technical and non-technical staff. Report writing. Development of Standard Operating Procedures. Experience working with SIEM solutions.

Essential: Awareness and knowledge of security principles, understanding frameworks (ISO) etc, systems and lifecycles. Knowledge of digital best practice, information security and information governance. Understanding the need for security requirements across a varied estate. Able to maintain and apply an understanding of how you should design security into your environment. Proven ability for attention to detail. Able to follow documented processes and policies. Ability to use own initiative and judgement. Able to plan, prioritise and manage conflicting agendas and priorities in order to meet challenging deadlines. Able to evaluate options to aid decision making. Demonstrates excellent time management skills. Excellent communication skills in order to convey digital / cyber issues to a non-digital / cyber audience.

Desirable: Understanding of project and change management skills and techniques.

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications.

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.