Senior Cyber & IT Security Officer (Security Services)
Mersey Care NHS Foundation TrustSearch for more jobs in Prescot
Job overview
To be a guardian of good IT security practice. Responsible for actioning security alerts from Network Detect and Response, anti-virus, Cloud security systems and CareCERTS.
Undertake security configuration work as required by the Audit and Accreditation function. Undertaking security audits as required. To contribute within Informatics Merseyside on specified areas including incident response.
Main duties of the job
1. The post holder will be expected to interpret highly complex information security scenarios receiving information from many sources and at many levels. This information will need to be understood and solutions developed. 2. To provide specialist advice on IT Security / IG issues to trusts and the HIS, including security / IG assessment of new systems, communicating by means of undertaking presentations as required. 3. The post holder will have a broad understanding of IM&T technologies and a broad knowledge in key technologies such as firewalls, email filters, anti-virus, and intrusion detection technologies. 4. The post holder will contribute to the formulation and development of information security plans and strategies to enable the successful completion and implementation of new systems. This might include logistics for equipment and software delivery and installation, scheduling human resources for training and configuration tasks and change control to minimise potential down time. 5. The post holder will assist in the development of information security policies and procedures that will be required the secure operation of systems. These policies will have far ranging impact across Informatics Merseyside, and partner organisations.
Detailed job description and main responsibilities
1. To assist in writing and assist in the implementation of Data Protection and Information Security standards. 2. If approached assist any individual in Freedom of Information requests and subject access requests. 3. To provide assistance where required in gathering evidence for the Data Security Protection Toolkit or other assurance activity. 4. Assist in the investigation of security incidents as required, this may involve audit trails, manually checking individuals accounts, interviews, producing system reports regarding activity etc. 5. Assist as required, towards supplying evidence of information security incidents to Trust Information Governance groups. 6. Provide assistance to the Deputy IT Security Manager (SS) for actioning, or delegating, responses to complex cyber security alerts and incidents from (but not limited to) Network Detection & Response systems, Cloud-based security alerts, risky-user logins, MFA failures and NHS England Security Operations Centre (SOC) alerts such as CareCERTS. 7. Liaising with appropriate IM colleagues on complex Cyber & IT Security issues, incidents, and alerts.