Cyber Security Analyst

at  The Dudley Group NHS Foundation Trust

The IT Department is responsible for delivering Information Technology to the Dudley Group NHS Foundation Trust. In addition, IT is responsible for delivering IT services to other NHS organisations and private enterprises involved in the delivery of Healthcare. IT customers have a total user count
of over 10,000 with services being delivered from multiple Datacentres – cloud and on-premises
This is an exciting opportunity to join a growing Cyber Security service within the Digital, Data and Technology function at Dudley Group.
The post holder will be an integral part of the team delivering proactive and reactive support in terms of cyber and IT Governance
Undertake proactive and reactive cyber security support and monitoring
Support the development procedures for technical security
Carry out plans for incident handling and response
Carry out risk assessments and recommend actions to address risks
Provide support and advice on cyber security
Maintain cyber security dashboard for Management reports
Provide advice on innovation of policies, procedures, guidelines for maintenance of IT Security
At the Dudley Group our patients and staff are at the heart of all that we do and that is to provide a world class service that aligns with our vision of “excellent health care, improved health for all”. We are seeking to recruit staff who share our vision and values of making Dudley Group an incredible workplace.
We are committed to becoming a diverse and an inclusive employer and where people feel sense of belonging. Seeking to expand diversity within our teams, we positively encourage applications from under-represented groups such as ethnically diverse, disabled and LGBTQ+ groups. We are also under-represented in-terms of gender within nursing roles and we would welcome applications from people from male and non-binary backgrounds.
We are committed to home life balance through flexible working and making reasonable adjustments where possible
Continuously assess and proactive monitoring the security of IT infrastructure including firewalls, network switches, servers, virtual machines, client machines and cloud services using a variety of Cyber/IT security technology solutions such as Endpoint Detection and
Response (EDR) and Intrusion Prevention Systems (IPS)
Monitor and respond to systems and infrastructure alerts and scheduled system reports and use evidence based approaches to improvement
Support the development and implementation of the IT Security Policy, associated policies, accompanying standards, procedures and guidance.
Support the delivery of planned compliance reviews and internal audit programme, and assisting the Service Operations Centre Manager to ensure any gaps are addressed.
To investigate suspected and actual security incidents in accordance with internal Trust and NHS England security incident reporting systems, support the production of reports with recommendations and ensure any remedial action is completed.
Respond to enquiries from staff and provide security advice in accordance with best practice, mandated policies and procedures as required.
Work with internal stakeholders to develop relationships to help promote and improve information security and provide security and education advice on topics such as phishing and multi factor authentication
Assist the Trust’s IT Service Desk in relation to incidents and requests relating to information security
Provision and improvement of real or near-time dashboards to measure service delivery against key performance indicators
Provide input to the wider Trust development of security, disaster recovery and business planning processes
Maintain currency with emerging security trends, risks, new guidance or standards (internal and external) and security enhancing technologies.
Support cyber security table-top exercises with Infrastructure and Services Teams.
Agree with line manager in relevant training requirements for personal development.
Regular training of staff across the organisation in terms of cyber security, communicating risks to the organisation and communicating effectively
Production of training materials to be utilised for education of staff across the organisation

Please refer the Job description for details