Job summary
Employer heading
Cyber Security Analyst
Band 6
Job overview
An exciting opportunity has arisen for a Cyber Security Analyst within the Digital directorate at Health Education and Improvement Wales.
The post holder will be responsible for monitoring and managing cyber security services and promoting a culture of cyber security awareness.
The ideal candidate will need to demonstrate excellent planning and administrative skills, technical prowess and a practical knowledge of cyber security concepts. An excellent communicator is required to build and establish close working relationships throughout HEIW and the wider NHS Wales community.
Main duties of the job
The post holder will be responsible for monitoring cyber security services, responding to incidents and issues, and contributing to the development of cyber-related policies, procedures and processes. As a member of the cyber security team, you will be responsible for defining and completing vulnerability scans and working with third-party service providers to review compliance with good and best practice.
The post holder will be responsible for ensuring the timely remediation of cyber security incidents and providing specialist knowledge and support. You will work directly with the Cyber Security Manager and Head of Cyber Security & Information Assurance to assist in the development of organisation-wide cyber security awareness and training packages. Building and driving forward a cyber-aware culture is especially important now that digital services are a critical resource in healthcare and the availability of those services is essential.
This role will have the opportunity to contribute directly to HEIW’s cyber security programme to design, implement and improve cyber security controls.
Working for our organisation
Health Education and Improvement Wales (HEIW) is the strategic workforce body for NHS Wales with statutory functions that include education and training, workforce planning, workforce development and transformation, leadership and succession planning, and careers. Our purpose is to develop a workforce that delivers excellent care to patients/service users and excellent population health. We are a Special Health Authority working closely with our partners; Social Care Wales, education providers, professional and regulatory bodies and Welsh Government.
HEIW’s is committed to developing an internal culture of choice. Our Values reflect our thoughts, feelings and beliefs in how we will, and will not, behave and treat others:
- Respect for All in every contact we have with others,
- Ideas that Improve: Harnessing creativity and continuously innovating, evaluating and improving,
- Together as a Team: Working with colleagues across NHS Wales and with partner organisations.
HEIW received the HPMA Award for Employee Engagement in 2019.
What you can expect:
- a corporate induction and 90 day Welcome itinerary,
- compassionate leadership,
- a meaningful values based performance appraisal process,
- the opportunity to impact upon health and social care services and the lives and wellbeing of the people of Wales.
Many of our colleagues and stakeholders have commented on the buzz and atmosphere we create by working together as “One HEIW Team”. Do you want to join that team?
Detailed job description and main responsibilities
You will be able to find a full Job Description and Person Specification attached within the supporting documents or please click “Apply now” to view in Trac.
Person specification
Qualifications and Knowledge
Essential criteria
- Educated to Degree Level in a relevant IT subject (preferable cyber security) or equivalent experience.
- Cyber security qualifications (e.g., SSCP, CISMP, Sec+, CySA+) or equivalent level of work experience and knowledge.
- Thorough knowledge of endpoint, server and/or network security.
- An understanding of the Network and Information Systems Regulations.
- Good understanding of cyber security best practices, frameworks, standards and terminology.
- Evidence of continual professional development.
Desirable criteria
- Professional membership in cyber security (e.g., ISC (2), BCS, NCSC, CHECK, CREST, CompTIA etc).
- Applied knowledge in the cyber security domains of operations, compliance, cyber incident response, assurance and testing.
- Application of cyber security in a healthcare and educational environment.
- ITIL Foundation.
Experience
Essential criteria
- Relevant experience working in cyber security, using relevant industry standards, security products and tools.
- Knowledge of a range of ICT domains acquired through qualification or relevant industry experience.
- Experience of working with cyber security solutions.
- Specific experience of working with Security Information and Event Management (SIEM) and vulnerability scanning solutions.
Desirable criteria
- Development of awareness and training packages.
- Experience of ICT service provision.
- Experience of working in fields other than cyber security.
- Delivery of training to technical and non-technical employees.
- Report writing and procedure development.
Skills and Attributes
Essential criteria
- Excellent communication and interpersonal skills.
- The ability to effectively communicate complex technical information to technical and non-technical stakeholders.
- Develop and maintain effective working relationships across multifunctional departments and teams.
- Ability to effectively communicate with stakeholders when defining requirements and implementing solutions.
- Effective document writing and skills (e.g., letters, reports).
- Superior presentation skills.
- Ability to effectively execute vulnerability scans, assess information and present results.
- Ability to effectively use monitoring solutions.
- Ability to quickly understand and apply new technologies.
- Ability to complete lessons learnt and root cause analysis of cyber security incidents.
- The ability to assess and assist in the selection of good and best practice security controls and measures.
- The ability to champion and embrace change in the drive towards continuous improvement.
- Excellent organisational skills, the ability to work on own initiative, organise workload, work to tight deadlines and deliver projects with minimal support.
Desirable criteria
- Detailed understanding of ICT.
- Ability to speak Welsh.
Other
Essential criteria
- The ability to work independently and as part of a team.
- Self-motivated and committed to self-development and improvement.
- Friendly and helpful nature when engaging with stakeholders.
- Enthusiastic, committed, proactive and innovative.
- Shows respect for others’ views and appreciate others’ inputs.
- Willing to seek out learning opportunities.
- The ability to provide and receive constructive feedback.
- Adaptable approach to working.
- Self-motivated and uses initiative to recognise problems and seek-out solutions.
- The ability to work well with others, independently and work well under pressure.
- Ability to travel within geographical area.
Applicant requirements
Welsh language skills are desirable
Documents to download
Further details / informal visits contact
- Name
- Ricky Hartland
- Job title
- Head of Cyber Security and Information Assurance
- Email address
- [email protected]
List jobs with Health Education and Improvement Wales in Administrative Services or all sectors