It Security Engineer

Job summary An exciting opportunity has become available for a IT Security Engineer to join our well established IT team.The successful applicant will be responsible for a range Trust IT Security policyimplementation and development shaping the trusts long term IT patching cycle, to ensure a seamless andconsistent delivery of IT Services.Applicants must have achieved, or evidence of working towards &ability to obtain recognized IT Security qualifications such as CISMP, CISSP,CASP along with at least 3 years experience in an IT role which should include IT security as a responsibility & dealing withvulnerabilities, risks & threats.If this position involves a regulated activity it will require an Enhanced Disclosure & Barring Service check.
The disclosure will, where appropriate to the role, include information against the Independent Safeguarding Authority barred lists for working with children, adults or bothWhere a Disclosure & Barring Service (DBS) check is required for the post, all applicants are required to cover the cost of the check.
Main duties of the job West Midlands Ambulance Service University NHS Foundation Trust is committed to creating an inclusive, supportive, and accessible workplace for everyone where our colleagues feel empowered to succeed.Each person plays a vital part to ensuring our organisation meets the differing needs of our communities ultimately enabling us to save lives.
We acknowledge that a workforce that reflects the communities that it serves provide better patient care and we are therefore looking for self-motivated, enthusiastic people from all backgrounds that care about making a difference to our patients.We are committed to diversity and inclusivity at all levels.
We are proud to have maintained Disability Confident Leader status and as part of our commitments to this we guarantee to invite all applicants who meet the essential criteria for a role to attend assessment or interview.
If you have a disability or learning difficulty, and prefer to disclose it, please feel free to do so in your application.
You can also contact the Recruitment Team via email at if you wish to have a confidential discussion.
We use this information, with your permission, to ensure you are fully supported during the recruitment process.The Trust is proud to support our Armed Forces community and have signed up to the Step Into Health initiative.
We welcome applications from Armed Forces Veterans and Service leavers.
About us We do endeavour to respond to all candidates on an individual basis.
Therefore we do ask for your co-operation and patience whilst the short listing process takes place.
After the closing date please ensure you check your emails (including junk mail) regularly as contact is usually made via this method.We are proud to offer flexible working options to support our colleagues to have a greater choice in when, where and how they work.
During your interview we will explore this with you and discuss your individual needs and how this could be facilitated for this role to benefit patient experience, service delivery and the work-life balance of colleagues.
Job description Job responsibilities Responsible for a range Trust ITSecurity policy implementation and development shaping the trusts long term IT patching cycle, to ensure aseamless and consistent delivery of IT Services.Assist in the translation of Trust Long termstrategic plans, objectives and policy decisions into operational activity andprovide feedback to ensure continuous quality improvements.Maintain high awareness of developing standardsand innovations in the area of IT Security, and under the guidance of the Headof IT Security ensure the trust exploit opportunities.
Both financial andtechnological as necessary to deliver optimal and cost-effective patient care.Ensureservices are supported to agreed hours of service to agreed service levels byparticipation within the on-call rota.
This will require attendance on site forremedial or planned activities.Act as an authority andprovide specialist knowledge across the range of IT security procedures and practices,underpinned by theoretical knowledge and relevant practical experience.
For theTrust and ensure delivery of associated IT systems and services.Work with stakeholders to ensure clear definition and agreement ofservice.
In particular, with relation to possible downtime during patchmanagement.
Ensure these services are delivered and possible downtimecommunicated as necessary.Conduct risk assessments asappropriate and advise the Trust onIT Security concerns.
Under the instruction of the Head of IT Security ensure IT Security risks are clearly identified, recorded, managed anddirectly communicated to IT Senior Management Team accordingly.When required, liaise with external/third parties to ensure the Trusts IT Security stance is notcompromised.
When completing agreed patching tasks.
With relevance to externalsystems or services being connected to the Trusts network.Provide specialist knowledge as required or requested by otherdepartments on the procurement of new solutions, systems or services to ensurethey comply with the Trusts IT Security Strategy.
Work with the Heads of IT Services to ensure the ITsystems and services are affordable and cost effective.To contribute to the overall development of the Trust, to identifypresent and future opportunities, threats and risks in the IT environment withrelation to IT security.Promote effective use of IT systems and services, developing IT Securityawareness and promoting a culture of IT Security.Be responsible for managing and maintaining the various highly complexIT Security systems and services, as well as advising on future technologies,research and development.Participate in continuedprofessional development, training and courses as identified ensuring skillsand knowledge are kept current.Provide specialist knowledge and advice on the effective use of Trust ITServices to staff, including promotion of the use of IT Security Policies &IT Security awareness programs.Identify staff IT Security knowledge gaps,develop and promote an IT Security awareness program in conjunction with otherdepartments as required.Assist the Head of IT Security to identify anddevelop quality measures to ensure thehighest levels of service delivery are achieved.Carry out complex projects pertinent to the work of the Trust under thedirection of the Headof IT Security, assisting the production of management information, reports andrecommendations.Conduct vulnerability assessments and other associated activities asappropriate underpinned by theoretical knowledge and relevant practicalexperience.
within the Trust to Identify, remediate and mitigate risks to theTrust.
Liaise with NHS England, NCSC and other relevantbodies as required ensuring IT Security advisories, directives andnotifications are actioned and logged.
This includes but is not limited to threat& vulnerability alerts, vendor and other specialist threat intelligencefeeds.Ensure all systems and applications where applicable are kept up to dateand are encompassed in the patch management routine as detailed in the patchmanagement policy.
Assist the Head of IT Security with developing and maintaining an IncidentResponse Plan and Computer Emergency Response Team in relation to severe IT securityincidents.Take partin activities that lead to personal and/or team growth.
Includingresponsibility for providing briefings on developments in your field ofspecialist knowledge.Attendsupervision and appraisal sessions with the Line Manager.
Take a lead in identifyingown development needs.Lead on investigating IT Security issues using analytical &judgmental skills to fault find in addition to liaising with other staff anddepartments &/or external third parties as appropriate.The post holder is expected to work with the minimum of supervision andmay be expected to deal with other duties appropriate to their level and post.Travel to other Trust sites maybe required on an ad-hoc basis, thereforeyour own vehicle and a full clean UK drivers license is required.
Mileageexpense is available where appropriate for Trust business.
Assumewider responsibilities as assigned by the Head of IT Security Person Specification Experience Essential At least 3 years experience in an IT role, which should include IT Security responsibility & dealing with vulnerabilities, risks & threats.
Familiarity with an assortment of security technologies from different vendors (, Tenable Nessus, Microsoft XDR, Forcepoint Web) Qualifications Essential Achieved, or evidence of working towards & ability to obtain recognized IT Security qualifications such as CISMP, CISSP, CASP etc.
Evidence of continuing professional development.
Skills and Knowledge Essential Knowledge of NHS IT systems and services (desirable) Current knowledge on latest cyber threats & mitigation of.
Knowledge of hardening infrastructure systems both on premise & in the cloud.
Familiarity with patch management methodologies.
Familiarity with Microsoft cloud technologies (, Microsoft Exchange, Azure, Intune, SharePoint, Teams).
Confident and self-motivated Ability to work with others or part of a team Ability to prioritise workload and act under pressure