Lead Cyber Security Analyst

  • Harrogate and District NHS Foundation Trust
  • Harrogate HG2, UK
  • 29/02/2024
Full time Data Science Data Analytics Data Management Data Governance Cybersecurity

Job Description

Support strategic cyber security direction and security solution design across all core technologies including Cloud, Servers, Networking, Telecoms and Mobile devices. Lead and motivate staff within the team to deliver and improve cyber security related services, mentor and train staff within the department Ensure the IT systems security upgrades and patching processes are effective across automated deployments and any manual intervention required. Assist with the development and implementation of cyber security related policies, procedures, and guidance documentation for relevant systems or control processes. Lead in maintaining compliance with the DSPT, CareCERT or other accreditations, ensuring appropriate responses to NHSE, Cyber Auditors and any other 3rd parties.

Assist with the undertaking, scoping and delivery of penetration tests and ensure actions from vulnerability assessments are resolved. Ensure the team provide robust cyber security support for the IT service desk, that all operational processes are followed and the required documentation is completed Plan and lead on cyber security elements of Digital projects working directly with the Trusts project managers, manage the implementation of IT security projects. Work with the communications team to implement regular effective cyber security awareness campaigns and other ad-hoc cyber security related communications. Ensure timely and accurate information is provided to update the monthly cyber security KPIs, undertaking analysis and recommending improvements for any issues.

Engage in disaster recovery planning for all design aspects of technology working with the IT technical and support teams. To provide cyber security advice for IT equipment and Medical Device procurement, operational management and life cycling. Highlight areas of security practice that would benefit from review or improvement. Risk asses and implement cyber improvement suggestions or recommendations Undertaking research and development initiatives on a range of emerging technologies and the security threat landscape, keep abreast of industry developments.

Review highly complex security information; ensure understanding of the complex detail, present the risks to technical and to non-technical staff groups within the trust. Communicate a wide range of security issues which can be complex and multi-stranded to non-technical colleagues using appropriate and meaningful terminology. Negotiate cyber security priorities with IT, Operational and Clinical managers to ensure an agreed balance between cyber security and operational requirements is met. Help develop the Cyber Response and Business Continuity Plans working with IT, Operational, Emergency Planning and clinical staff groups.

Liaise with Regional partners and providers to ensure that the best practice cyber security techniques developed elsewhere can be utilised in the Trust, if appropriate Post holder will be required to participate in callout procedures to ensure any cyber incidents are appropriately responded to. Deputise for the IT Infrastructure & Cyber Security Manager on cyber security related matters as and when required. Raise the profile of the IT service, in particular to establish a reputation for providing an effective, timely and responsive service. Identify how each reported problem should be resolved, allocate resources if necessary and to ensure that all work is undertaken to the standard expected.
The post holder will be required to participate in the departmental on call rota.