NHS Fife provides essential health care services to the population of Fife. Technology plays a vital role in the delivery of these services. The cyber security team helps ensure these services are always available and patient data is secure. Services are protected by monitoring, investigating security incidents and providing advice and guidance on the secure design and operation of technology and services.
The Cyber Security Engineer will be an IT security professional or IT engineer looking to move their career into the security field. They will assume a leading role for security assessment, monitoring and delivery across NHS Fife. Be responsible for ensuring new projects and existing systems are secure by design in accordance with security policies and regulatory standards, identifying and implementing improvements to the security architecture and monitoring and responding to security issues.
What you will be doing:
• Engaging with new projects during design and delivery phases to ensure security is considered at all stages.
• Interfacing with infrastructure and system architects to review technical designs.
• Managing product specific security controls, particularly PAM, NAC, IDS and vulnerability scanning.
• Being the primary point of contact for security advice.
• Managing the application and infrastructure pen testing in accordance with established processes.
• Triaging vulnerabilities resulting from scanning and pen testing and working with IT teams to manage remediation.
• Ensuring all systems have appropriate controls in place.
• Creates security documentation related to work area and completes requests in accordance with company requirements.
• Identifies opportunities and executes plans to improve workflow and understands and quantifies business impacts of those improvements for communication to management.
• Interfaces with user community to understand security needs and implements procedures to accommodate them. Ensures that user community understands and adheres to necessary procedures to maintain security.
• Provides status reports on security matters to develop security risk analysis scenarios and response procedures.
• Other related duties assigned as needed including mentoring apprentices.
What we are looking for:
• Knowledge of networks and/or infrastructure (protocols, design concepts, access control)
• Knowledge of security technologies (encryption, data protection, design, privilege access, etc)
• Experience of security tools (NAC, AV, Firewalls etc)
• Knowledge of UK and/or European information security laws, regulations, and best practices including NIS and DPA.
• Knowledge of security standards and frameworks such as ISO 27001 and Cyber Essentials.
• Proficiency in time management, communications, decision making, presentation and organizational skills.
• Proficiency in planning, reporting, establishing goals and objectives, standards, priorities and schedules.
• Decision-making and problem-solving skills.
• Verbal and written communication skills to technical and non-technical audiences of various levels in the organisation.
• Experience establishing and maintaining effective working relationships throughout the organisation.
What we offer you:
• A multifaceted job with a high degree of responsibility.
• Support for professional development.
• A competitive salary and benefits.
• Flexible working.
You may occasionally need to travel throughout Fife and sometimes across Scotland and provide any relevant out of hours support required by the organisation in response to cyber incidents.
A high level of English language competency and communication skills is necessary to perform this role safely and effectively.
For informal enquiries please email Fife.firstname.lastname@example.org
NHS Fife is legally obliged to ensure all its employees are legally entitled to work in the United Kingdom. If you are not a United Kingdom (UK) or Irish National, you are required to confirm your right to work in your application.