Skip to main content
Please wait, loading

Job summary

Main area
Cyber Security
Grade
Band 6
Contract
Permanent
Hours
  • Full time
  • Flexible working
37.5 hours per week
Job ref
082-AC091-1224
Employer
Health Education and Improvement Wales
Employer type
NHS
Site
Ty Dysgu
Town
Nantgarw
Salary
£37,898 - £45,637 per annum
Salary period
Yearly
Closing
06/01/2025 23:59

Employer heading

Health Education and Improvement Wales logo

Cyber Security Analyst

Band 6

 

 

Job overview

An exciting opportunity has arisen for a Cyber Security Analyst within the Digital directorate at Health Education and Improvement Wales.

The post holder will be responsible for monitoring and managing cyber security services and promoting a culture of cyber security awareness.

The ideal candidate will need to demonstrate excellent planning and administrative skills, technical prowess and a practical knowledge of cyber security concepts. An excellent communicator is required to build and establish close working relationships throughout HEIW and the wider NHS Wales community.

Main duties of the job

The post holder will be responsible for monitoring cyber security services, responding to incidents and issues, and contributing to the development of cyber-related policies, procedures and processes. As a member of the cyber security team, you will be responsible for defining and completing vulnerability scans and working with third-party service providers to review compliance with good and best practice.

The post holder will be responsible for ensuring the timely remediation of cyber security incidents and providing specialist knowledge and support. You will work directly with the Cyber Security Manager and Head of Cyber Security & Information Assurance to assist in the development of organisation-wide cyber security awareness and training packages. Building and driving forward a cyber-aware culture is especially important now that digital services are a critical resource in healthcare and the availability of those services is essential.

This role will have the opportunity to contribute directly to HEIW’s cyber security programme to design, implement and improve cyber security controls.

Working for our organisation

Health Education and Improvement Wales (HEIW) is the strategic workforce body for NHS Wales with statutory functions that include education and training, workforce planning, workforce development and transformation, leadership and succession planning, and careers.  Our purpose is to develop a workforce that delivers excellent care to patients/service users and excellent population health. We are a Special Health Authority working closely with our partners; Social Care Wales, education providers, professional and regulatory bodies and Welsh Government.

HEIW’s is committed to developing an internal culture of choice. Our Values reflect our thoughts, feelings and beliefs in how we will, and will not, behave and treat others:

- Respect for All in every contact we have with others,

- Ideas that Improve: Harnessing creativity and continuously innovating, evaluating and improving,

- Together as a Team: Working with colleagues across NHS Wales and with partner organisations.

HEIW received the HPMA Award for Employee Engagement in 2019.

What you can expect:

- a corporate induction and 90 day Welcome itinerary,

- compassionate leadership,

- a meaningful values based performance appraisal process,

- the opportunity to impact upon health and social care services and the lives and wellbeing of the people of Wales.

Many of our colleagues and stakeholders have commented on the buzz and atmosphere we create by working together as “One HEIW Team”. Do you want to join that team?

Detailed job description and main responsibilities

You will be able to find a full Job Description and Person Specification attached within the supporting documents or please click “Apply now” to view in Trac.

Person specification

Qualifications and Knowledge

Essential criteria
  • Educated to Degree Level in a relevant IT subject (preferable cyber security) or equivalent experience.
  • Cyber security qualifications (e.g., SSCP, CISMP, Sec+, CySA+) or equivalent level of work experience and knowledge.
  • Thorough knowledge of endpoint, server and/or network security.
  • An understanding of the Network and Information Systems Regulations.
  • Good understanding of cyber security best practices, frameworks, standards and terminology.
  • Evidence of continual professional development.
Desirable criteria
  • Professional membership in cyber security (e.g., ISC (2), BCS, NCSC, CHECK, CREST, CompTIA etc).
  • Applied knowledge in the cyber security domains of operations, compliance, cyber incident response, assurance and testing.
  • Application of cyber security in a healthcare and educational environment.
  • ITIL Foundation.

Experience

Essential criteria
  • Relevant experience working in cyber security, using relevant industry standards, security products and tools.
  • Knowledge of a range of ICT domains acquired through qualification or relevant industry experience.
  • Experience of working with cyber security solutions.
  • Specific experience of working with Security Information and Event Management (SIEM) and vulnerability scanning solutions.
Desirable criteria
  • Development of awareness and training packages.
  • Experience of ICT service provision.
  • Experience of working in fields other than cyber security.
  • Delivery of training to technical and non-technical employees.
  • Report writing and procedure development.

Skills and Attributes

Essential criteria
  • Excellent communication and interpersonal skills.
  • The ability to effectively communicate complex technical information to technical and non-technical stakeholders.
  • Develop and maintain effective working relationships across multifunctional departments and teams.
  • Ability to effectively communicate with stakeholders when defining requirements and implementing solutions.
  • Effective document writing and skills (e.g., letters, reports).
  • Superior presentation skills.
  • Ability to effectively execute vulnerability scans, assess information and present results.
  • Ability to effectively use monitoring solutions.
  • Ability to quickly understand and apply new technologies.
  • Ability to complete lessons learnt and root cause analysis of cyber security incidents.
  • The ability to assess and assist in the selection of good and best practice security controls and measures.
  • The ability to champion and embrace change in the drive towards continuous improvement.
  • Excellent organisational skills, the ability to work on own initiative, organise workload, work to tight deadlines and deliver projects with minimal support.
Desirable criteria
  • Detailed understanding of ICT.
  • Ability to speak Welsh.

Other

Essential criteria
  • The ability to work independently and as part of a team.
  • Self-motivated and committed to self-development and improvement.
  • Friendly and helpful nature when engaging with stakeholders.
  • Enthusiastic, committed, proactive and innovative.
  • Shows respect for others’ views and appreciate others’ inputs.
  • Willing to seek out learning opportunities.
  • The ability to provide and receive constructive feedback.
  • Adaptable approach to working.
  • Self-motivated and uses initiative to recognise problems and seek-out solutions.
  • The ability to work well with others, independently and work well under pressure.
  • Ability to travel within geographical area.

Employer certification / accreditation badges

Stonewall Hyrwyddwr Amrywiaeth Diversity ChampionDisability confident committedDying to Work CharterERS Silver Banner WelshEmployer pledge demonstrating a commitment to change how we think and act about mental health

Applicant requirements

Welsh language skills are desirable

Documents to download

Apply online now

Further details / informal visits contact

Name
Ricky Hartland
Job title
Head of Cyber Security and Information Assurance
Email address
[email protected]
Apply online nowAlert me to similar vacancies