Cyber Security Engineer

Job Description:

Job reference: 068588

Location: Lynebank Hospital

Job closing date: 23/09/2021

Job posted date: 09/09/2021

Salary: Band 6 (£33,072 - £40,736)

Employment type: Permanent

Job Type: Administrative Services

Hours of work: 37.5

Department: Digital and Information

Employer (NHS Board) : NHS Fife

NHS Fife provides essential health care services to the population of Fife. Technology plays a vital role in the delivery of these services. The cyber security team helps ensure these services are always available and patient data is secure. This role will ensure services are protected by monitoring, investigating security incidents and providing advice and guidance on the secure design and operation of technology and services.

The Cyber Security Engineer will be an IT security professional or IT engineer looking to move their career into the security field. They will assume a leading role for protecting digital assets, security assessment, monitoring and delivery across NHS Fife. Be responsible for ensuring new projects and existing systems are secure by design in accordance with security policies and regulatory standards, identifying and implementing improvements to the security architecture, and monitoring and responding to security issues.

What you will be doing:

• Engaging with new projects during design and delivery phases to ensure security is considered at all stages.

• Interfacing with infrastructure and system architects to review technical designs.

• Managing product specific security controls, for exampleparticularly, Endpoint PAM, NAC, IDS and vulnerability scanning.

• Maintaining up to date knowledge of the current threats, vulnerabilities and technology trends to maintain cyber awareness for digital operations.

• Being the primary point of contact for security advice.

• Managing the application and infrastructure pen testing in accordance with established processes.

• Triaging vulnerabilities resulting from scanning and pen testing and working with IT teams to manage remediation.

• Ensuring all systems have appropriate security controls in place.

• Creates security documentation, policies and procedures related to work area and completes requests in accordance with company requirements.

• Identifies opportunities and executes plans to improve workflow and understands and quantifies business impacts those improvements for communication to management.

• Interfaces with user community to understand security needs and implements procedures to accommodate them. Ensures that user community understands and adheres to necessary procedures to maintain security.

• Provides status reports on security matters to develop security risk analysis scenarios and response procedures.

• Other related duties assigned as needed including mentoring apprentices.

What we are looking for:

• Knowledge of networks and/or infrastructure (protocols, design concepts, access control)

• Knowledge of security technologies (encryption, data protection, design, privilege access, etc)

• Experience of security tools (NAC, AV, Firewalls, vulnerability scanning etc)

• Knowledge of UK and/or European information security laws, regulations, and best practices including NIS and DPA.

• Knowledge of security standards and frameworks such as ISO 27001 and Cyber Essentials.

• Proficiency in time management, communications, decision making, presentation and organizational skills.

• Proficiency in planning, reporting, establishing goals and objectives, standards, priorities and schedules.

• Decision-making and problem-solving skills.

• Ability to keep calm during potentially stressful situations..

• A genuine curiosity and willingness to learn new skills and research new ideas.

• Verbal and written communication skills to technical and non-technical audiences of various levels in the organisation.

• Experience establishing and maintaining effective working relationships throughout the organisation.

What we offer you:

• A multifaceted job with a high degree of responsibility.

• Support for professional development and security research.

• A competitive salary and benefits.

• Flexible working.

You may occasionally need to travel throughout Fife and sometimes across Scotland and provide any relevant out of hours support required by the organization in response to cyber incidents.

A high level of English language competency and communication skills is necessary to perform this role safely and effectively.

For informal enquiries please contact fife.ehealthrecruitment@nhs.scot

NHS Fife is legally obliged to ensure all its employees are legally entitled to work in the United Kingdom. If you are not a United Kingdom (UK) or Irish National, you are required to confirm your right to work in your application.