Information & Cyber Security Analyst

The NHS Counter Fraud Authority (NHSCFA) is the national body responsible for all matters relating to the prevention, detection and investigation of economic crime across the NHS. Further information about our work and annual plan for delivering this is available on our website.

An exciting opportunity has arisen to join the NHSCFA Technology team as an Information & Cyber Security Analyst. We are looking for someone with a proven background in Information/Cyber security and a flexible “can do” attitude to work in the Information & Cyber Security (I & C) Team who manage and maintain the security of NHSCFA ICT infrastructure and information systems.

IMPORTANT Note: This position requires UK National Security Vetting to at least SC level. Please confirm residency below. We reserve the right to close this vacancy before the advertised closing date should we receive a significant number of applications.

Potential applicants can contact Kannan Soman at kannan.soman@nhscfa.gov.uk for an informal chat if they have any questions regarding the role.

The interview will be face to face 10sc at below address on 10/11th December 2025. Previous applicants need not apply.

NHS Counter Fraud Authority HM Government Hub, 7th floor 10 South Colonnade Canary Wharf London E14 4PU

• Proactively monitor IT systems; identify, manage and resolve security incidents, vulnerabilities, security alerts and threats.
• Perform penetration testing and contribute to maintaining security certifications, assurances and accreditations.
• Support the Security Incident Management Process as a member of the NHSCFA Security Incident Response Team.
• Carry out threat intelligence analysis and recommend or implement remediation or mitigation.
• Perform security risk assessments, identifying security gaps and recommending appropriate remediation.
• Create and prepare Cyber Security Operations reports.
• Manage security incidents and requests through to remediation and resolution.
• Actively manage, monitor and develop NHSCFA Cyber operations, including managing alerts, identifying and mitigating vulnerabilities and cyber threats.

• Knowledge and Experience – Essential
  • Minimum 2 years’ experience of 1st-3rd level technical support of IT infrastructure or security, both in person and remote.
  • Detailed knowledge of IT system monitoring (SIEM), Security Incident Management, Intrusion detection and prevention systems, Vulnerability Management, Network technology and operations, Windows 10 and Windows Server, SUSE Linux, Microsoft365, Information Security Management Systems ISO27001, Risk Management Process, IT system auditing, and IT security architectures.
• Knowledge and Experience – Desirable
  • Minimum 1 year experience as a SOC Analyst, Tier 1 or Tier 2.
  • Additional knowledge of Windows 10 and Server, SUSE Linux, Microsoft365, ISO27001, Risk Management Process, Public Services Network (PSN) and NHS N3, Database Security, Microsoft Sentinel.
  • Experience with software security architecture and software security testing.
• Specialist Knowledge – Essential
  • Knowledge of IT security and Data protection issues.
  • IT Service Management best practice, including ITIL and ISO20000.
  • Knowledge of Encryption Systems, Security Products (Authentication, Data Loss Prevention, SEIM), Firewall/WAF administration.
• Specialist Knowledge – Desirable
  • Knowledge of HMG Infosec standards and Good Practice Guides, including IS1.
  • ITIL foundation level certification.
  • Knowledge of current best practice in obtaining electronic evidence and digital forensic tools.
• Qualifications – Essential
  • Degree in computer science, information technology, or a related field, or equivalent experience in a related field such as network operations plus specialist security certification(s).
• Qualifications – Desirable
  • Recognised qualification in area of specialisation: EC-Council Certified SOC Analyst (CSA), EC-Council Certified Ethical Hacker, CompTIA Security+, CompTIA Network+.
• Communication Skills – Essential
  • Good communication and interpersonal skills.
• Vetting – Essential
  • Eligible for UK National Security vetting to SC level.
• Vetting – Desirable
  • Has UK National Security vetting at SC or above.
• Aptitudes – Essential
  • Thorough understanding of the use of remote management tools in the effective support of a user base distributed over a wide geographic area.
  • Well-developed interpersonal skills and the ability to communicate effectively and articulate ideas and plans verbally, in a logical and coherent manner.
  • Ability to form and build working relations with a wide range of people and organisations.
  • Ability to interpret complex information, solve problems and identify solutions.
  • Demonstrable understanding of Equal Opportunities and valuing diversity.
  • Ensure and maintain the highest standards of integrity and professionalism.

Pay scheme: Agenda for change

Band: Band 6

Salary: £38,682 to £46,580 a year

Contract: Permanent

Working pattern: Full-time, Flexible working, Home or remote working

Reference number: 076-CFA7602326

Job locations: NHSCFA, 7th Floor, 10 South Colonnade, London E14 4PU

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Employer name: NHS Counter Fraud Authority

Address: NHSCFA, 7th Floor, 10 South Colonnade, London E14 4PU

Employer's website: https://cfa.nhs.uk/