IT Security Engineer

An exciting opportunity has become available for a Senior IT Security Engineer to join our well established team The successful applicant will be responsible for a range Trust IT Security policy implementation and development shaping the trusts long term IT patching cycle, to ensure a seamless and consistent delivery of IT Services Applicants must have achieved, or evidence of working towards & ability to obtain recognized IT Security qualifications such as CISMP, CISSP, CASP along with at least 3 years experience in an IT role which should include IT security as a responsibility & dealing with vulnerabilities, risks & threats The successful applicant must be able to take part in the teams out of hours on-call rota (1 in 3) this will attract an additional 9.5% on-call allowance in addition to the band 6 salary & section 2 unsocial hours enhancements. The on-call rota includes covering outside standard office hours, public holidays, and weekends. There may be a requirement to attend Trust sites in-person across the West Midlands at short notice Please note, a full UK driving licence is essential for this post If you require sponsorship, we would encourage you to contact the Recruitment team in the first instance to check your eligibility before applying. Deliver the role of Senior IT Security Engineer in accordance with the agreed Role Profile and Objectives. Utilizing specialist knowledge across the range of work procedures and practices relating directly to the arena of IT security. Assist as directed by the Head of IT Security, for the efficient and effective support of IT security systems and services throughout the Trust. Providing installation or repair and maintenance of WMAS trust physical assets as required. Assist the Head of IT Security to develop, contribute towards and implement the trusts long term strategic plans, policies, procedures and guidelines related to IT Security. Assist in the development of an IT Security awareness program and raise awareness of IT Security amongst staff, promoting an IT Security culture. Lead on ensuring and maintaining the Confidentiality, Integrity and Availability of Trust IT systems and services. Maintain and contribute towards the implementation of a suite of comprehensive IT security information systems across the organization as a major job responsibility. Alerting the Trust in real time to emerging NHS and Trust IT security threats. Ensure governing body directives, legislation, frameworks and internal policies are deliverable, implemented and adhered to. Assume wider responsibilities as assigned by the Head of IT Security Responsible for a range Trust IT Security policy implementation and

development shaping the trusts

long term IT patching cycle, to ensure a seamless and consistent delivery of IT Services. Assist in the translation of Trust Long term strategic plans, objectives and policy decisions into operational activity and provide feedback to ensure continuous quality improvements. Maintain high awareness of developing standards and innovations in the area of IT Security, and under the guidance of the Head of IT Security ensure the trust exploit opportunities. Both financial and technological as necessary to deliver optimal and cost-effective patient care. Ensure services are supported to agreed hours of service to agreed service levels by participation within the on-call rota. This will require attendance on site for remedial or planned activities. Act as an authority and provide specialist knowledge across the range of IT security procedures and practices, underpinned by theoretical knowledge and relevant practical experience. For the Trust and ensure delivery of associated IT systems and services. Work with stakeholders to ensure clear definition and agreement of service. In particular, with relation to possible downtime during patch management. Ensure these services are delivered and possible downtime communicated as necessary. Co ndu

c tr i sk

a ss e s s

m

e

n ts

as appropriate

and advise the Trust on IT Security concerns. Under the instruction of the

Head of IT Security

ensure IT Security risks are clearly identified, recorded, managed and directly communicated to IT Senior Management Team accordingly. W

he

nre q

u i r

e d,l i

ai

s e w ith external/third parties

to ensure the Trusts IT Security stance is not compromised. When completing agreed patching tasks. With relevance to external systems or services being connected to the Trusts network. Provide specialist knowledge as required or requested by other departments on the procurement of new solutions, systems or services to ensure they comply with the Trusts IT Security Strategy. Work with the Heads of IT Services to ensure the IT systems and services are affordable and cost effective. To contribute to the overall development of the Trust, to identify present and future opportunities, threats and risks in the IT environment with relation to IT security. Promote effective use of IT systems and services, developing IT Security awareness and promoting a culture of IT Security. Be responsible for managing and maintaining the various highly complex IT Security systems and services, as well as advising on future technologies, research and development. Participate in

continued professional development, training and courses as identified ensuring skills and knowledge are kept current. Provide specialist knowledge and advice on the effective use of Trust IT Services to staff, including promotion of the use of IT Security Policies & IT Security awareness programs. Identify staff IT Security knowledge gaps, develop and promote an IT Security awareness program in conjunction with other departments as required. Assist the Head of IT Security to identify and develop quality measures to ensure the highest levels of service delivery are achieved. Carry out complex projects pertinent to the work of the Trust under the direction of the

Head of IT Security,

assisting the production of management information, reports and recommendations. Conduct vulnerability assessments and other associated activities as appropriate underpinned by theoretical knowledge and relevant practical experience. within the Trust to Identify, remediate and mitigate risks to the Trust. Liaise with NHS England, NCSC and other relevant bodies as required ensuring IT Security advisories, directives and notifications are actioned and logged. This includes but is not limited to threat & vulnerability alerts, vendor and other specialist threat intelligence feeds. Ensure all systems and applications where applicable are kept up to date and are encompassed in the patch management routine as detailed in the patch management policy. Assist the

Head of IT Security

with developing and maintaining an Incident Response Plan and Computer Emergency Response Team in relation to severe IT security incidents. Take part in activities that lead to personal and/or team growth. Including responsibility for providing briefings on developments in your field of specialist knowledge. Attend supervision and appraisal sessions with the Line Manager. Take a lead in identifying own development needs. Lead on investigating IT Security issues using analytical & judgmental skills to fault find in addition to liaising with other staff and departments &/or external third parties as appropriate. The post holder is expected to work with the minimum of supervision and may be expected to deal with other duties appropriate to their level and post. Travel to other Trust sites maybe required on an ad-hoc basis, therefore your own vehicle and a full clean UK drivers license is required. Mileage expense is available where appropriate for Trust business. Assume wider responsibilities as assigned by the

Head of IT Security

TPBN1_UKTJ