Cyber Security Analyst

As a Cyber Security Analyst at The Christie, your main duties will encompass a range of responsibilities crucial to protecting our digital infrastructure, and data. You will play a key role in administering and optimising our cyber security toolset, which includes antivirus solutions, vulnerability scanners, and threat protection services. Your proactive approach will ensure that all cyber security tools are configured according to best practices and compliant with NHS guidelines., Continuous monitoring of the Trust's cyber and security systems is a fundamental part of your role, where you will detect, analyse, and respond to any cyber security incidents or breaches. This includes managing the incident response process, documenting actions taken, and reporting findings to minimise the impact on our operations. You will also assess and manage the cyber security risks associated with our IT systems, ensuring compliance with legal and regulatory requirements such as GDPR. CAF/DSPT. In addition to these technical duties, you will maintain the Trust's risk register and prepare comprehensive reports on our cyber security posture. Effective communication with both internal and external stakeholders is essential to raise awareness about cyber security issues and strategies. You will provide regular updates to senior management and non-technical staff, ensuring they are informed about critical security matters and preventive measures. Collaboration is key in this role, as you will work closely with various Digital Services teams to design and implement system enhancements that strengthen our cyber security defences. You will also participate in security projects, ensuring they align with our strategic goals and IT infrastructure developments. Your involvement in internal and external audits related to IT security will help ensure adherence to security policies and procedures.

Working for our organisation Our Digital team ethics are built on the foundation of trust, respect, and open communication. We recognise the value of diverse perspectives and encourage all team members to share their ideas and knowledge. By actively listening to each other and engaging in constructive dialogue, we foster a culture of continuous learning and growth, enabling us to stay agile and adapt to the ever-changing landscape of healthcare and technology. Teamwork is a vital aspect of our working culture, as we understand that collaboration often leads to more effective problem-solving and higher-quality outcomes. We encourage our team members to work together, share responsibilities, and leverage each other's strengths to achieve our collective goals. This spirit of cooperation not only enhances our overall performance but also creates a sense of camaraderie and belonging among team members. We are committed to maintaining a working environment that prioritises the well-being and professional development of our team, by providing access to resources, training, and mentorship, we invest in our team members' growth and empower them to reach their full potential. We also strive to maintain a healthy work-life balance, recognising that personal well-being is essential to sustained professional success., + Administer and optimise the use of the Trust's cybersecurity toolset, which includes antivirus software, vulnerability scanners, SIEM systems, threat protection services, and patch management solutions.

• Ensure that all cybersecurity tools are configured according to best practices and compliant with NHS guidelines and standards.

• Conduct continuous monitoring of the Trust's IT systems to detect, analyse, and respond to cybersecurity incidents and breaches.

• Manage the incident response process, including documentation and reporting, to mitigate risks and minimize the impact of security breaches.

• Assess and manage cybersecurity risks associated with IT systems and operations.

• To manage, maintain, and update firewall rules in line with security best practice and ITIL change management.

• Ensure compliance with relevant legal and regulatory requirements, including GDPR and NHS-specific security mandates.

• Maintain the Trust's risk register, updating and evaluating the effectiveness of security measures regularly.

• Prepare comprehensive reports on the state of the Trust's cybersecurity, detailing vulnerabilities, incidents, and overall security posture for review by senior management.

• Document security breaches and the measures taken to resolve them in a timely and detailed manner.

• Communicate effectively with internal and external stakeholders to raise awareness about cybersecurity issues and strategies.

• Provide regular updates to, senior management, and non-technical staff on critical security matters and preventive measures.

• Collaborate with Digital Services teams to design and implement system enhancements that bolster the Trust's cybersecurity defences.

• Participate in the planning and execution of security projects, ensuring alignment with strategic goals and IT infrastructure developments.

• Assist in internal and external audits related to IT security to ensure adherence to security policies and procedures.

• Work with audit teams to address any findings and implement recommended changes to security practices and controls.

• Stay abreast of the latest cybersecurity trends, tools, and practices through continuous professional development.

• Facilitate and participate in cybersecurity training sessions for other IT staff and end-users within the Trust to promote security awareness and best practices.

• Ensure that all backup systems are secure, and that data integrity is maintained during backup and recovery processes.

• Maintain flexibility to respond to urgent cybersecurity issues outside of normal working hours as required The closing date for this post may be extended if there are insufficient applicants or brought forward if there is a high volume of applicants. Application Information - If you have not heard from us within four weeks of the closing date, I regret that on this occasion your application will have been unsuccessful. Sponsorship Information - We are an approved sponsoring organisation. Applications will be considered from applicants requiring sponsorship alongside all other applications. Please be aware, not all roles are eligible for sponsorship. You can review the list of eligible role and requirements on the government website. Pre-Employment Checks - To confirm your suitability for the role, we will carry out pre-employment checks in line with NHS Employment Check Standards. These include:

• Identity verification

The Christie NHS Foundation Trust, a world-renowned cancer centre, are seeking an experienced and skilled Cyber Security Analyst (Band 6) to work with us.

+ Disclosure and barring service (DBS)/Criminal record check (dependent on role, payment of this will be the applicants responsibility) + Professional registration and/or qualification check + Occupational health assessment + Employment history and reference validation All applicants external to The Christie NHS Foundation Trust will be required to provide their HMRC employment history to cover the most recent three years employment. This information will used to validate employment history and references. If you require sponsorship, we will assess your eligibility based on current government guidance. If the role is not eligible and you cannot demonstrate your right to work, your conditional offer may be withdrawn. If You're Offered the Role - you will be agreeing to The Christie NHS Foundation Trust transferring the information contained in this application to its preferred applicant management system. If you are offered a job information will also be transferred into the national NHS Electronic Staff Records system. Please note, all communication regarding your application will be made via email, please ensure you check your junk/spam folders as emails are sometimes filtered there. The Inter-Authority Transfer (IAT) process is a critical and beneficial component of ESR and will form part of the recruitment process. In the event that you are successful following interview your previous NHS employment data, if applicable will be transferred from your current / most recent employer. Sponsorship Information - We are an approved sponsoring organisation. Applications will be considered from applicants requiring sponsorship alongside all other applications. Please be aware, not all roles are eligible for sponsorship. You can review the list of eligible role and requirements on the government website. No Smoking Policy - You should be aware the Trust operates a No Smoking Policy and therefore employees are not permitted to smoke at work. Additional Information - We want to ensure that everyone who works at the Christie or uses our services is welcomed, valued and treated with dignity and respect. The Christie values diversity and is committed to ensuring equal opportunities for all and fair representation across the organisation at all levels. In support of these commitments, we particularly welcome applications from Black, Asian and other ethnic minority people and people with disabilities for this post. Appointment will be only on merit. We are committed to creating a balanced and diverse workforce. As such we welcome and encourage applications from people of all backgrounds. Together we will foster inclusion and tackle inequity and health inequalities in cancer care. As users of the disability confident scheme, we guarantee to interview all disabled applicants who meet the minimum criteria for the vacancy. The Christie NHS Foundation Trust is committed to the highest standards of ethical conduct and integrity in all our activities. We have a zero-tolerance approach to modern slavery in any of its forms, including slavery, servitude, forced or compulsory labour, and human trafficking. We are fully committed to acting ethically and with transparency in all our business dealings and relationships, and to implementing and enforcing effective systems and controls to ensure modern slavery is not taking place anywhere in our organisation or supply chains.