Job description
Cornwall NHS IT Services is excited to announce the creation of a new Cyber Security Operations Centre (CSOC). We can provide a rewarding role of supporting healthcare across Cornwall and are looking for candidates who want to further their careers in IT and specialise in cyber. This new team will play a vital role in ensuring the security and integrity of our IT systems and data, and this is a fantastic opportunity to help shape it from the outset. The successful candidates will support the detection and prevention of threats on our network and help the team in promoting good practice around cyber. If you have a passion for cyber security and a desire to be part of an exciting new project, then we want to hear from you. Apply now and be part of the team that helps to protect the NHS in Cornwall from cyber threats.
As a member of the CSOC team you’ll help provide operational cyber security across the department, proactively monitoring for threats and responding to cyber related incidents and alerts.
You'll be using your skills and knowledge to support vulnerability analysis across the estate, collaborating with others in IT to reduce threat exposure, and promoting good practice in relation to cyber.
You'll work as part of a team providing the safe onboarding of 3rd party devices to our network, the monitoring and authorisation of supplier and privileged accounts, and the configuration and management of security related tools (SIEM, proxy, EDR, etc.).
CITS provides a broad range of IT and digital services countywide for the NHS (Service Desk, Application Support, Infrastructure, Project Management, Cyber, Health Records). We're passionate about what we do, working with colleagues across the NHS and the integrated care system to innovate and provide the best healthcare we can. We're a caring, inclusive department with a high retention rate that supports flexible working and promotes the wellbeing of staff.
As Cyber Security Analyst you will be part of CITS Cyber Security Operations Centre (CSOC) team. The role of the team is to support the NHS in Cornwall by providing operational cyber security, ensuring our systems are kept secure and protected, and reducing the impact from cyber incidents. The CSOC will be at the forefront in our proactive and reactive response to cyber related threats and incidents across the healthcare system countywide.
The key elements of the role encompass:
- Actively monitor and review security alerts from multiple sources to detect and respond to cyber related events and threats.
- Help with vulnerability scanning, using the data captured to work with colleagues to reduce cyber risk across our network.
- Be part of a specialist team providing timely security support and expertise as part of a 24/7/365 service.
Operational
- As part of the CSOC team, monitor and respond to cyber security related events, investigating in line with the team's procedures and providing timely remediation or escalation of threat alerts.
- Using the tools available to the CSOC team, scan the estate for vulnerabilities, collating data in line with recommendations to help prevent security breaches.
- Help prepare operational security reports, including security event and security incident alerts from network, infrastructure, end point, database, application and data security sources for further analysis.
- Work with teams across the service to develop good practice to improve processes in relation to cyber.
- Help deploy, manage and configure the security solutions used to report, protect and remediate threats across the Cornwall NHS estate.
- Be part of an on-call rota to cover security alerts 24/7/365 alongside other colleagues from across the department.
- Provide advice and support to the healthcare community on cyber security, communicating sometimes complex information to a variety of audiences who have different levels of IT literacy.
- Contribute to a programme of continual service improvement within CSOC and cyber security practice across the system.
- Keep up to date with new developments within IT and especially cyber security to expand expertise and industry knowledge.
- 15,000+ fixed and mobile Windows IP based devices
- 2500+ network printers
- 500+ network switches
- 1000+ network and application servers
- 200+ locations throughout Cornwall
- 12,000+ users across the NHS in Cornwall
- 150000+ requests per year through CITS Service Desk
The CSOC Team will consist of the CSOC Manager, a Senior CSOC Analyst, two CSOC Analysts and two Junior CSOC Analysts. This team will work alongside other colleagues with a security remit within the department as well as associates from partner organisations. These include the CITS IG Manager, IT Security Lead (roles relating to governance, strategy and audit) and members of the infrastructure team.
KNOWLEDGE, SKILLS & EXPERIENCE REQUIRED
Knowledge
- IT related qualifications to NVQ Level 4 or experience working in an IT support role.
- Analytical skills and attention to detail, often combining data from multiple sources to investigate incidents and identify vulnerabilities, drawing conclusions and recommending a course of action or escalating based on your judgement.
- Ability to communicate complex information to a variety of audiences who have different levels of IT literacy and understanding relating to cyber security.
- Ability to work independently in line with agreed practice in the team, escalating to more senior colleagues based on your judgement.
- Core understanding across the range of technologies needed to manage an enterprise level IT infrastructure.
- Ability to organise and prioritise competing tasks in a complex IT environment.
- Experience in the NHS or another major large-scale, customer-service-oriented organisation.
- Experience of working in an IT support role where you needed to use analytical skills to investigate and solve problems.
Providing a measured and appropriate response to cyber incidents based on your training and knowledge, understanding the impact your actions may have on the business and escalating effectively when needed based on your judgement.
- Input into the development of robust monitoring and response processes for cyber events and incidents.
- Monitor and measure the security posture across the estate, helping identify areas at risk and contribute to the implementation of proposed solutions.
- Support the automating and optimising of processes relating to cyber threat detection and response.
- Support the project and operational teams to ensure new models of service/service offerings are secure by design whilst meeting customer expectations and outputs.
- Help with training colleagues across the department on good practice and current processes relating to cyber security.
It is essential that the post holder maintains good working relationships with each section of the IT service, key colleagues in the health community, suppliers, and partner organisations. In particular:
- The CSOC Manager as your line manager
- CSOC team members and the Security and Information Governance Managers
- Technical and Service Operations teams within CITS
- Programme and Project Managers
- Key stakeholders from other partner IT services and system support areas in the business
- Colleagues at any level when investigating an incident
- Being able to stay calm and analytical when dealing with an emerging cyber incident.
- Helping colleagues understand their contribution to the prevention, detection and response to security events.
- Providing a robust and responsive service in an environment that is continually transforming to meet demand.
- Prioritisation of workload as agreed with the manager to meet conflicting and competing pressures
- Dealing with stressful and emotional situations and occasional agitated or angry customers.
- Balancing the short-term reactive work whilst helping to contribute to the team's longer-term improvement goals.