IT Specialist (Cyber Resilience)

An exciting opportunity has arisen to join the NHS Wales Cyber Resilience Unit as an IT Specialist. We are looking for someone with a proven background in Information/Cyber security, a flexible 'can-do' attitude and approach to work, and the ability toprovide advice and assurance that security riskacross NHS Walesis being managed appropriately.

Whoarethe CRU?

The NHS The NHS Wales Cyber Resilience Unit (CRU) is an independent team hosted by Digital Health and Care Wales (DHCW). TheCRUhas beenestablishedto operationalise the NIS regulations on behalf of Welsh Government. It has oversight of NIS audits, and the associated action plans to remediate any gaps which those auditsidentify.

The CRU also provide support and advice for those completing the NCSC CAF reporting framework and reporting incidents in line with legislation such as NIS and the upcoming CSRB. They are also responsible for reporting on the status of the NHS Wales cyber posture to Welsh Government as Competent Authority.

An IT Specialist (Cyber Resilience)is responsible forproviding support to the CRU team to ensure the auditing and reporting service to NHS Wales is of an excellent standardin order toestablishthe CRU as world-class national service.

The IT Specialist will support the reporting and auditing process, carrying out their duties in a consistent,conciseand professional manner,in accordance withcyber security legislation such as the NIS regulations and the upcoming CSRB, best practice, and Welsh Government requirements.

Please see the attached Job Description for a more complete picture of the post.

The ability to speak Welsh is desirable for this post; Welsh and/or English speakers are equally welcome to apply.

Digital Health and Care Wales (DHCW) is an expert national body and part of NHS Wales. We work in partnership with NHS Wales colleagues and other key stakeholders to provide national digital and data services which support the delivery of health and social care in Wales. Modern health and care services depend on good digital tools, data and information. DHCW runs or works with more than 100 services and delivers major national digital transformation programmes to support this. In addition, DHCW provides expert advice in relation to cyber security and information governance. We give frontline staff the digital tools which help them provide safer and more efficient care. We are also giving patients and the public digital tools to better manage their own health and wellbeing, empowering people to live healthier lives. We put people at the heart of what we do, working to the highest standards to deliver quality and make digital a force for good in health and care.

Working for DHCW offers lots of employee benefits, including flexible working, a competitive salary, 28 days of annual leave plus Bank Holidays and opportunities for career development. We are committed to recognising and celebrating our staff as the most valuable part of our organisation.

You will be able to find a full Job description and Person Specification attached within the supporting documents or please click "Apply now" to view in Trac

What we are looking for

IT Specialists in Cyber Resilience should be educated to,or working towards, degreelevel (preferably ICT or Cyber Security),or have an equivalent level of work experience and knowledge, preferably in an Audit, IT or Cyber Security function.

Candidates will havea good levelof knowledge gained throughhigher-level education, training, and/orworkexperience at this level, across the range of workICT and information securityprocedures and practices.The following would be an advantage:

An understanding of the NCSC Cyber Assessment Framework (CAF).

Theoretical and specialist knowledge gained via recognised Audit or Cyber Security qualification or equivalent.

Knowledge of NHS Wales or the Health sector.

There will be a requirement to travel throughout Wales between sites, as required by the joband the ability to speak Welsh is desirable for this post; Welsh and/or English speakers are equally welcome to apply.

• Educated to or working towards degree level (preferably ICT or Cyber Security) or equivalent level of work experience and knowledge.
• Evidence of relevant experience, higher-level education and/or training.
• An understanding of the NCSC Cyber Assessment Framework (CAF).
• Theoretical and specialist knowledge gained via recognised Audit or Cyber Security qualification or equivalent
• Knowledge of NHS Wales or the Health sector.

• Evidence of relevant further higher-level professional development.
• Relevant experience working in an Audit, IT or Cyber Security function.
• A good understanding of application and network security
• Experience in providing guidance or technical / security support at appropriate level.
• Experience with ICT service provision in a health care setting.
• Report, SOP/Procedure writing.
• Experience working with SIEM solutions.

• Ability to communicate clearly with technical and non-technical staff at all levels of the organisation.
• Ability to communicate clearly with technical and non-technical staff at all levels of the organisation.
• Able to evaluate and assist in selection of best practice security controls.
• A broad range of ICT Skills and understanding.
• Enthusiastic, self-motivated, looks for opportunities to improve services, staff and self.
• Welsh language skills are desirable at levels 1 or above.

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.