IT Security Engineer Leeds, England
Job description
Job Description Job Title: Security Engineer Pay Band: AfC Band 7 Hours: 37.5 Accountable to: Lead IT Engineer Location: NHS Resolution Offices Purpose: Values: The post holder is expected to fully understand, embrace and uphold NHS Resolutions Purpose and Values: To provide expertise to the NHS on resolving concerns fairly, share learning for improvement and preserve resources for patient care. Professional Being an organisation which operates to the highest possible professional standards. Expert Being the centre of expertise for resolving claims, disputes and concerns about performance. Ethical Having high standards and doing the right thing.
Respectful Dealing with customers, colleagues, patients and the public in a considerate and respectful way. Key Working Relationships Internal All NHS Resolution staff External Panel firms and other external stakeholders IT consultants and support contractors Other technical professionals NHS Digital Job Summary Led by the organisations Chief Information Officer, the Digital, Data and Technology Directorate, (DDaT) is an exciting high performing function with a challenging programme of work and a department structure aimed at progression, development and high operational and strategic outputs. As part of that programme of work, DDaT is delivering projects and programmes to improve the way the organisation operates and handles its information. To support this goal and working under the direction of the Lead IT Engineer, the Security Engineer is primarily responsible for maintaining the organisations developing security posture and contributing to implementing any security controls and technologies.
The Security Engineer is also responsible for the provision of support to the Service Desk function as well as NHS Resolutions legacy Infrastructure. The post-holder should demonstrate a strong commitment to continuous service improvement and development and ensure the values of NHS Resolution are demonstrated by the Engineering Team. Main Duties and Responsibilities Communicates Effectively Will be explaining highly complex technical issues with end users which may involve converting technical terms into everyday language, for both IT and non-IT staff As a project resource or subject matter expert, the post holder will be expected to attend meetings where highly developed communication skills will be essential. The post holder must be able to express and describe highly complex, multi-stranded or contentious technical information effectively as well as produce and understand technical architecture diagrams and illustrations using Microsoft Visio and other platforms Work with other subject matter experts on projects and programmes Act as an ambassador for the team by developing and maintaining good working relationships across the organisation Communicate and liaise with staff at all levels within the directorate including senior members of DDaT as well as external staff to resolve IT specific faults across the organisation.
Provide advice and assistance on the organisations developing security infrastructure Providing out of hours technical support and emergency technical assistance on an ad-hoc basis Analytical and Judgemental Skills Undertake security analysis, interpretation and comparison of highly complex problems and technical issues across a wide range of technologies projects and infrastructures (cloud and legacy) Manage a multiplicity of targets and objectives, whilst ensuring that expert judgements support and advice is provided at all times Make judgements on complex system configurations and implementations Ensure any system changes are planned and controlled effectively so as not to compromise the stability of any IT systems or NHS Resolution business processes Ensure focus is maintained in minimising the impact of problems that have the potential of affecting services that are provided to stakeholders Analyses where the breaches of security are, anticipate issues and sources solutions Planning and Organisation Contributes to the long term strategic planning relating to cyber security issues, and its solutions Priorities and triage issues as to their priority to be resolved Policy and Service Development Assist the Lead IT Engineer on technical aspects of ongoing and future IT cyber security developments Contributes and implements new and improved ways of working, resulting in streamlining procedures, and enhancing the departments reputation Financial and Physical Resources Responsibilities Assist with appropriate 3rd party contract service management such as maintenance/managed services/security, including obtaining best value for money when renewing or sourcing potential suppliers Responsible for expensive equipment safely used by others by sharing knowledge ensuring staff can identify cyber-attacks are minimal, including fire wall installation Maintenance and repairs on expensive equipment Information Resources Maintain expert knowledge of IT and information security procedures as well as security and technical standards. Assist and provide input into the formulation of security initiatives and procedures Develop and support software solutions using a range of technologies and tools, requested by others. Maintain a good understanding of NHS Resolution departmental objectives, ensuring the provision of integrated solutions and user objectives are met and achieved Adapts and designs several systems to ensure security is maintained. Implement systems adhering to local and national NHS standard including but not limited to National Cyber Security Centre Responsible for the implementation of cyber security standards and controls and that security process are maintained and kept up-to-date Proactively monitor the network infrastructure and its systems to ensure that services and systems remain secure and operational Responsible for ensuring that NHS Resolution remains compliant with appropriate licence agreements and software asset management Research and Development Assists in the provision of sustainability audits and remedial actions in regards to cyber security Tests all systems to ensure continuity of services is maintained on a regular basis as a major part of the role Freedom to Act Acts in accordance with policy Contributes and suggests revisions in internal technical processes Makes decisions in the best interest of the projects Leads on research and produce option appraisals on new IT technologies, tools and standards and their application, in order to advise in the formulation of projects and programmes Leads on testing new systems Leading on security projects and implementing changes with the Lead Engineer Develops Self, Others and Team Participate in the Annual Performance Appraisal process, sourcing and undertaking training as identified in the Personal Development Plan Post holder will be responsible for helping to identify their own continued professional development needs and undertaking such training to support this as agreed with the Lead IT Engineer Responsible for participating in own training and professional development as encouraged by the directorate Ensure that appropriate departmental KPIs are met Trains staff throughout the organisation on how to maintain cyber security by sourcing and/or designing training Demonstrate to members of the help desk how to resolve issues on an as-and-when basis Physical Effort Post requires the post holder to sit in a restricted position for the majority of the working day; the post holder will be required to move and carry IT equipment on an occasional basis The role requires physical skills such as speed and accuracy when producing technical documentations, Server and network configuration and project planning documentation within tight deadlines Lifting heavy equipment Mental Effort Frequent long periods of intense concentration required for meticulous detailed analysis of complex and sometimes sensitive IT issues.
Analysing complex streams of information in order to diagnose and design technical solutions. The post holder will be required to deal with unpredictable interruptions on a daily basis Works in a fast paced environment Working Conditions Normal office or remote working conditions with a requirement to use a computer for the majority of the working day. The post holder will be required to travel to attend external meetings on an occasional basis The post holder will have occasional exposure to unpleasant working conditions (ie dust, noise etc) when installing and maintaining IT equipment
