Warning: This job advert has expired and applications have closed.

Cyber Security Manager | Mid and South Essex NHS Foundation Trust

Job details
Posting date: 12 July 2024
Salary: Not specified
Additional salary information: £50,952 Per Annum (excluding oncall enhancements)
Hours: Full time
Closing date: 11 August 2024
Location: Southend, SS2 6GE
Company: Southend University Hospital NHS Trust
Job type: Permanent
Job reference: 6452006/390-COR-SO-0277

Summary


You will work in our busy team, delivering an outcome-focused, professional and high-quality service at all times.

As the primary point of contact for all IT security related queries, you will play a key role in the team, managing operational responsibilities, and be accountable for the day to day running of the cyber security team.

You will utilise your broad working knowledge of the field and, as a subject matter expert, provide expert advice to the cyber and senior leadership team. You will liaise with Information Governance to ensure there is a joined-up approach between security and governance.

As a critical service for the organisation, participation in an on-call rota will be required once you have acquired sufficient organisational knowledge and experience within your role.

You will build working relationships with ease and work with a diverse group of stakeholders, communicating in a clear, concise, timely and effective manner. 

You will participate in larger pieces of security work, including the monitoring of security controls/processes and policies, provide assurance that existing controls are maintained, as well as being a proactive subject matter expert in team projects.

As a service lead you will take ownership of complex problems and drive to a successful, timely and secure resolution.

You will oversee cyber risk assessments including supply chain risk management, ensuring that security monitoring controls are robust and effective, and ensure that audit or remediation actions are completed in a timely manner.

With a workforce of approximately 15,000 staff, we can now do more and go further in delivering health services to our local communities.

Our ambition is to deliver excellent local and specialist services, to improve the health and wellbeing of our patients, and provide a vibrant place for staff to develop, innovate and build careers.

Patients will experience improved care as well as fewer delays and cancellations. We are able to provide more once-in-a-lifetime specialist care region-wide. With our new trust size will come more opportunities for development, research, networking and innovation.

We aim to make the most of our skills and experiences so we can become the best we can be. As one organisation we will recruit the finest and retain more specialist staff due to more employment opportunities across our Trust.

A summary of responsibilities is as follows; please also refer to the full job description.

Communication
• Strong verbal and written communication skills and able to chair cyber meetings, and respond to technical and non-technical cyber security enquiries.
• Responsible for communicating, developing and maintaining effective relationships with staff at all levels in the organisation and relevant external parties.
• Develop and manage a communication strategy to the relevant staff members impacted or Trust wide when delivering on short and long term strategies, relating to IT security.
• Engaging with SMEs, agree, prioritise and monitor the delivery of mitigation actions.

Analytical and Planning
• Work with methods such as user-centred design, Agile or Lean, ensuring that you set appropriate security expectations at different phases of discover, test, build/buy, deploy and decommission. You will assess the risk and deliver the right amount of security and governance to mitigate it.
• Review cyber threats and vulnerabilities, evaluate and report potential risks to senior colleagues in the organisation, together with remediation plans
• Research and evaluate emerging Cyber Security threats and ways to manage them, providing reports and/or presentations where appropriate to senior stakeholders.
• Co-ordinate maintenance, development, and testing of the organisation's cyber security incident response plan to ensure that it is effective, aligned with industry standard best practice guidance and is robustly tested on a regular basis.
• Share security findings with Digital SLT, as well as KPIs and KRIs, and cascade threat briefs to both technical and non-technical staff, which may include board-level escalations.
• Identify the need for and organise Cybersecurity related training in the wider organisation.
• Provide leadership and management for the team.
• Proactively plan and review systems and processes to reduce operational and security risks.
• Be responsible for ensuring the operation and security of the Trust’s IT systems and infrastructure is in line with current best practice, UK legislation and national guidelines, including admin rights to some systems. (These information systems are utilised by several services and this is a major part of job responsibility.)
• Provide assurance to the CISO & Board that controls are working, and patch statuses are good

Policy and Service Development
• Lead on the development and implementation of policies that encourage secure working and protect data across the Trust.
• Responsible for coordinating any future security accreditation and delivery of local, ICS and National Cyber Security strategies.
• Develop and deliver on structured short- and long-term strategic plans to address gaps in security across the Trust and meet recommended standards in Cyber Security within the organisation
• Regularly present and report to the Chief Information Security Officer (CISO) on the progress of short- and long-term strategic plans.
• Implement and monitor the progress of the short- and long-term strategic plans ensuring that adjustments are made, and issues are resolved efficiently and effectively to avoid delays with successful completion of the strategic plans.

Financial and Physical Resources
• Responsible for specification and development of costed proposals and business cases for IT Security development projects.
• Develop and support comprehensive business cases and funding bids to secure necessary internal and/or external funding to reduce cyber security risk to the organisation.
• This is a technical management role that requires the ability to both manage a technically focused service and develop the strategy for that service. Take responsibility for delegated budget, ensuring effective planning and allocation of costs and resources relating to IT security systems.
• Engaging and organising external resources that have been recruited or commissioned to complete cyber security related work.

Staff Management
• Responsible for the direct line management of Cyber Security related job roles that sit under the organisational structure for this role.
• Monitor and manage functions/responsibilities that are carried out by staff outside of the direct line management structure, i.e. if a function or responsibility that comes under the control of the Cyber Security service sits within another staff structure, the post holder will monitor and manage those staff following the appropriate escalation processes.
• Participate and actively contribute, providing highly specialist advice during the negotiations between parties relating to clinical and non-clinical system designs and development process across the Trust.

Information Resources
• Required to prepare reports that evaluate Cyber Threats and propose an appropriate course of action to mitigate the risk.
• Regularly undertake surveys, audits or research to support service development.
• Modification of Cyber Security system settings to ensure appropriate monitoring is undertaken for all new digital assets and systems.
• Perform root cause analysis (RCA) on security incidents and update knowledge base for future learning.


This advert closes on Friday 26 Jul 2024