The Cyber Security Analyst is responsible for the identification and handling of threats, both internal and external, to the security of Provide and Provide group companies. The Cyber Security Analyst will be expected to research and identify cutting edge techniques and technologies which will strengthen the organisation's cyber security position.
The Cyber Security Analyst will work closely with the Technology Security and Cloud Lead and Director of IT & Systems to ensure all areas of the Environment are maintained and developed to high standards, security is of the highest priority and part of the role will be to analyse gaps, recommend and implement improvements.
A strong knowledge of security hardening techniques, exploit mitigation and security incident management is essential and will be utilised when planning upcoming projects and BAU activities.
Main duties of the job
- Provide strategic and technical expertise to design, implement, and manage advanced cybersecurity solutions.
- Analyse security events and investigate security alerts, resolving or escalating appropriately.
- Document security incidents, identifying process and tooling improvements.
- Conduct security assessments through vulnerability testing and risk analysis.
- Perform root-cause analysis of security breaches.
- Develop and refine incident response playbooks.
- Utilise threat intelligence to identify attack scale, type, and affected systems.
- Act as primary contact for logging and managing security incidents and events.
- Assist with internal and external audits, preparing required information.
- Create and maintain security procedure manuals.
- Promote cybersecurity awareness across the organisation.
- Stay informed about legal, regulatory, and technological cybersecurity developments.
- Communicate complex technical issues clearly to technical and non-technical stakeholders.
- Use diplomacy and negotiation skills when agreeing priorities with senior management and suppliers.
- Deliver technical presentations and training on cybersecurity topics.
- Independently plan workload, make decisions, and implement improvements within organisational policies.
- Act as lead specialist, resolving complex cybersecurity problems autonomously.
- Assist with induction and professional development of junior team members.
- Allocate tasks and oversee junior staff workload planning.
About us
Provide is a Community Interest Company (social enterprise). We deliver a broad range of health and social care services in the community, and are committed to making sure that they are safe, responsive and of high quality. Provide is owned by its employees and has primarily social objectives. Any profits we make are reinvested into the local community or back into delivering services.
We work from a variety of community settings, such as community hospitals, community clinics, schools, nursing homes and primary care settings, as well as within people's homes to provide more than 40 services to children, families and adults across Essex, Dorset, East Anglia and the North of England.
A highly respected, award winning health and social care provider. We expect our staff to demonstrate and uphold our values at all times:
Vision: Transforming Lives
Values: Care, Innovation and Compassion
Mission: An ambitious, employee owned social enterprise, growing in size and influence. We transform lives by treating, caring and educating people.
Provide is an equal opportunity employer committed to building a team that represents a variety of backgrounds, perspectives and skills, proud to have LGBT+, Ethnic Minority and Men's Networks.
We welcome applicants from underrepresented groups. If you have the skills and experience for the job, please apply regardless of your background.
Job responsibilities
Operational or Strategic Responsibilities
- Provide analytical, strategic, and technical skills to design, develop, implement, and use state-of-the-art technology cybersecurity solutions aimed at reducing risk.
- Analysing security event data arising from activity across the organisation with the goal of detecting malicious activity.
- Investigating security alerts and incidents generated by security tools within the organisation, resolving or escalating as appropriate.
- Producing documentation relating to the processing of alerts and incidents which includes the identification of improvements to processes and/or tooling.
- Conducting security assessments through vulnerability testing and risk analysis.
- Analysing security breaches to identify the root cause.
- Define and mature playbooks for response to cyber threats.
- Use threat intelligence to pinpoint scale of the attack, the type of attack and systems affected.
- Provide incident response for confirmed security incidents.
- Be the point of contact for Security incidents, events and requests and ensure all are logged.
- Assist with any internal and external audit requirements and collate information as necessary to respond to any queries where appropriate.
- Creation and maintenance of procedure manuals.
- Promoting Security awareness across the business.
- Understand legal & regulatory requirements and procedures in place relating to Security.
- Actively remain informed about new and evolving technological and cyber security change, including working towards and obtaining relevant professional certifications.
Communication and Relationship Skills
- Use of tact and diplomacy when dealing with customers and suppliers.
- Use of negotiation skills when setting and agreeing priorities with senior managers, e.g. when prioritising developments, agreeing system designs or new processes.
- Give technical presentations and training on complex IT issues.
- Communication of a range of complicated, detailed and difficult to explain multi-stranded IT issues to both peers and non-IT staff and suppliers.
- Communication of complex IT issues and solutions with staff at various levels across the trust and to external technical teams, this requires excellent written and verbal communication skills.
Autonomy
- Ensure their own training is up to date.
- Keep up to date with national guidance and Provide policies, highlighting any required changes to the departments manager.
- Plan own workload and activities to meet project deadlines and provide user support.
- Ability to work unsupervised and make decisions without referring to a manager to achieve agreed objectives.
- Review, propose, develop and implement processes for own area of work.
- Act as a lead specialist in own area of work.
- Using knowledge gained through formal learning and work experience to make judgements on how to most effectively resolve IT problems where there may be a range of options.
- Work within broad policies and national guidance that may require interpretation due to the complexity and technical nature of the guidance.
Responsibility for Human Resources/Supervision or Management of others
- Assist with the induction of new members of staff.
- Supporting the development of more junior members of the team.
- Deliver training on a range of IT subjects to other members of the IT Team.
- Allocates work to more junior members of staff.
- Plans workload within own area of work.
Responsibility for Finance/Resources or Budget
- Ordering and receipting of IT hardware and software which can often be of high value.
- Responsible for the proper and safe use of IT equipment by users.
Use of Information Resources
- Responsible for the planning, development, review, update and introduction of IT infrastructure and server related projects, e.g. implementation of new servers.
- Ensuring databases are kept up to date and maintained to a high quality, this will include the Configuration Management Data Base.
- Entering data into a range of IT systems and auditing this data when required.
- Production of reports.
- Using analytical skill for the production of statistics on the performance of the department and suppliers for the service managers, these may be circulated to Provides board members and Senior Management Team.
- Email, telephone and face to face communication with customers and suppliers.
- Making modifications and repairs to IT software, hardware and code.
- Development of training materials and processes.
Responsibility for Patient Care
There is no responsibility beyond incidental contact with patients.
Person Specification
QUALIFICATIONS & EDUCATION
- Educated to Degree level (Alternatively significant level of experience working at a similar level in a specialist area. Plus, recognised qualification such as ECSA or equivalent cyber security experience. Evidence of professional and/or personal development.
- ITIL foundation certificate or higher
- Obtained or working towards any of the below or equivalent: CEH CISM CISSP OSCP CASP+
WORK RELATED KNOWLEDGE & EXPERIENCE
- Understanding of vulnerability management and related management tools.
- Good knowledge of OWASP top 10
- Understanding of penetration testing methodology and related tools and techniques
- Ability to perform web application vulnerability assessments
- Understanding of server, client and network technologies.
- Understanding of attacker techniques, from post-exploitation to full system compromise and lateral movement.
- Understanding of defender techniques.
- Ability to perform internal security assessments.
- Network Threat Protection and response / reporting.
- PowerShell scripting
- Azure and AWS administration
- M365 administration and security
- Good knowledge of firewalls and networking
- Familiar with Kali OS
- Familiar with Linux based OS's
- Experience with Bloodhound, Sharphound, NMAP and other security tools.
- Experience with log management and SIEM
- Experience of threat hunting
- Experience creating security assessment reports and documentation.
- Incident response reporting experience
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.