This is a senior position within the ICT Department and is a key role in ensuring the security and integrity of the ICT systems and estate. This responsibility also extends to all information held by the organisation and its customers.
The post holder will establish a close working relationship with the Information Governance service and be their point of contact for all security related issues.
To ensure all security breaches are investigated and reported on with the emphasis on preventing reoccurrence
To promote a high level of security awareness throughout the organisation
The post holder should be agile and embrace flexibility and responsiveness to changing requirements; align closely with our customers to provide an agreed level of service; have customer focus at the core of Infrastructure Systems and strive for best practice and quality at all times.
To provide expert advice in complex situations which can impact the whole Trust, and impact on clinical service delivery.
Acting as a resource and source of expertise for the Organisation, with specific focus on security and confidentiality.
To represent the organisation at various internal and external forums on all security related topics
To deputise for the ICT Manager when required
The post holder will provide support to senior project leads and be a point of technical escalation for operational IT staff.
2.2 Key responsibilities.
- Facilitate the development and implementation of security controls required to secure the organisations external ICT environment.
- Develop a proactive approach to security incident prevention activities which protect systems and infrastructure from attack.
- Manage security incident investigation, perform root cause analysis and lessons learned, and provide reports to Senior Management as required.
- The post holder will be responsible for assisting the ICT Manager with the formulation of long term strategic security goals.
- When necessary the post may require reports on IT related issues to be written for dissemination to other departments or committees.
- The post holder will be required to interpret technical or administrative documentation and advise the Trust as to their implications in a manner easily understood.
- Responsible for providing significant technical expertise and experience, standards development, program development, security assessment, risk assessment, reporting, awareness education, and highly visible leadership related to security of computing and information technology
- Perform information security risk assessments and serves as an internal auditor for security issues
- Takes the department lead in facilitating the internal and external audit activities.
- Implements information security policies and procedures for the organisation.
- Reviews all system-related security plans throughout the organisation's network, acting as a liaison across all teams
- Perform technical security evaluation of products, monitors compliance with information security policies and procedures, referring problems to the appropriate department manager
- Monitors the internal control systems to ensure that appropriate access levels are maintained
- To perform functions according to agreed national / organisational / department standards.
- To stay abreast of current and newly developing technologies and practices in own technical domain.
- To professionally represent the service and clients at regional and national level with appropriate support from others.
- Compliance with the Trust policies and procedures including code of conduct.
- To be proactive in risk management in line with organisational policy and procedures
- Manage security activity according to agreed priorities.
- Engage internal and external resources as appropriate.
- Contribute to CAB approvals and raise security related CABs to effectively implement controlled changes
- Manage the work load delegated to other Informatics personnel in relation to the cyber security workload.
- Produce detailed action plans, progress reports and exception escalations on a regular cycle.
- Senior Management Teams - particularly The Informatics Board (IB), and the Information Governance Group (IGG).
- Customer groups - clinical and non-clinical
- Informatics senior managers, team leaders and staff
- Others as required
PLEASE NOTE: THIS POST IS INITIALLY FOR UP TO 3 MONTHS WITH THE VIEW OF EXTENSION.
DUE TO THE LARGE VOLUME OF APPLICATIONS WE RECEIVE IT IS ONLY POSSIBLE TO RESPOND TO SHORT LISTED CANDIDATES. IF YOU HAVE NOT BEEN CONTACTED WITHIN 3 WORKING DAYS OF YOUR APPLICATION THEN ON THIS OCCASION YOUR APPLICATION HAS NOT BEEN SUCCESSFUL.
- Infrastructure security