Senior Cyber Security Engineer
| Posting date: | 07 August 2025 |
|---|---|
| Salary: | £48,527.00 to £55,532.00 per year |
| Additional salary information: | £48527.00 - £55532.00 a year |
| Hours: | Full time |
| Closing date: | 17 August 2025 |
| Location: | Cardiff, CF10 4BZ |
| Company: | NHS Jobs |
| Job type: | Permanent |
| Job reference: | C9028-25-0250 |
Summary
The Senior Cyber Security Engineer at Public Health Wales is primarily responsible for protecting the organisations digital infrastructure, systems and sensitive data by implementing and enhancing cyber security measures across all IT systems. This includes designing and documenting secure cyber infrastructure, including network architectures and communication systems, as well as ensuring that all cybersecurity controls align with national standards and best practices. The role involves proactively identifying and mitigating cyber risks, managing the organisations readiness for cyber threats, and leading responses to security incidents. The postholder will also oversee cyber audits, penetration testing, and incident investigations, often requiring collaboration with staff at all levels. Monitoring and analysing security events using tools like SIEM is a key duty, ensuring swift detection and response to threats. Additionally, the role includes mentoring cyber security team members, promoting professional development, and fostering a culture of continuous learning. Strong communication and organisational skills are essential, as the engineer must translate complex technical issues into clear information and deliver robust security policies and infrastructure under pressure. Qualifications and Knowledge Essential Educated to degree level (preferably in Cyber Security) or equivalent level of work experience and knowledge. Evidence of continual professional development. Awareness of national and international cyber security regulations, standards and frameworks (e.g. NIS Regulations, ISO 27001, NIST). Desirable Holds a relevant professional cyber security certification (e.g. CISSP, CISM). Membership of a professional body (e.g. BCS). Knowledge of IT systems within a healthcare environment. CCNP Security or equivalent experience. Understanding of aligning cyber security with organisational strategy. Experience Essential Relevant experience in a senior cyber security role, preferably within a healthcare environment. Extensive experience working on IT security-related issues. Management or supervisory experience. Experience in managing and motivating technical teams Ability to understand vulnerability scans and penetration tests and develop remediation plans. Experience developing and implementing cyber security policies, processes, and procedures. Experience managing phishing simulation & training and awareness campaigns. Experience with vulnerability scanning, incident response, and third-party risk management. Experience in monitoring and configuring warning and security systems. Desirable Cloud Security experience (e.g. Azure, AWS, GCP). Experience with firewalls, intrusion detection/prevention systems, and network design. Experience with Microsoft Windows Server and IP networking. Experience of working within ITIL-based change management processes. Ability to evaluate and select from a range of security tools and controls. Skills and Attributes Essential Excellent problem-solving and analytical skills. Excellent verbal and written communication skills. Ability to communicate clearly with non-technical staff and end users. Pragmatic approach to balancing security and usability. Ability to work independently and organise own and team workload. Strong planning, prioritisation, and organisational skills. Ability to handle sensitive information appropriately. Ability to make judgements involving highly complex information. Ability to manage IT and cyber security projects and technical implementations. Desirable Welsh Language Skills Other Ability to travel between sites in a timely manner to meet the needs of the service. Ability to travel and work away from base. Able to periodically work out of hours or at weekends when required. Able to participate in on-call rota.