Cybersecurity Specialist

This role is part of the ICT Enterprise Security Team, which implements and manages processes and policies to cover all aspects of technical and physical security across all infrastructure assets. The team also assists in ensuring all new technologies and technical changes adhere to security standards and that the ICT service remains compliant with NHS and industry regulations and standards.

• Assist the Lead Enterprise Security Manager to ensure all new and changed technologies meet NHS and industry security standards.
• Develop and produce reports to ensure compliance to security standards, including Accredited Safe Haven (ASH), Data Protection and Security Toolkit (DPST) CE+, ISO270001, and others.
• Undertake ICT security projects as required, directed by the Lead Enterprise Security Manager or appointed manager.
• Act as a technical resource for IT security solution implementations.
• Develop, publish, review, and amend all ICT security policies to meet the requirements of the defined review cycle.
• Implement security controls and initiatives to ensure compliance with the organisational security policy.
• Lead security evaluation activities, utilising security tests such as commissioned IT health checks, auditing, vulnerability scanning, and penetration testing.
• Report testing results to management and commissioning customers.
• Ensure that all IT security documentation is continually up to date.
• Support the collation of information and reporting requirements to ensure NHS and ICT industry security compliance.
• Evaluate new security technology developments, including the recommendation of new technologies, where appropriate, internally for evaluation and proof of concept as suitable.
• Benchmark the IT security service to demonstrate quality and level of service being provided to its clients.
• Perform ICT security risk assessment, business impact analysis, and accreditation for all major information systems within the organisation.
• Support the following ITIL v3 processes – Risk, Capacity, Availability, IT Service Continuity, Information Security, Compliance, Architecture, and Supplier Management.
• Manage all toolsets, dashboards, alert mechanisms, and systems, including outputs and resulting tasks and remediations as required to deliver secure infrastructure and security compliance to the SWL ICB and its customers.

This role requires a strong understanding of security principles, policies, and procedures, as well as excellent communication and project management skills. The successful candidate will be able to work effectively in a team environment and demonstrate a commitment to delivering high-quality results.

The NHS South West London Integrated Care Board is an equal opportunities employer and welcomes applications from all qualified candidates.