Information Security Analyst

We are seeking a highly skilled and motivated Information Security Analyst to join our Digital Data & Technology (DDaT) team. This is a pivotal role supporting the Head of Information and Cyber Security (CISO) in delivering cyber security services across the Trust and wider health and care system. Provide expert guidance on the selection, design, justification,implementation and operation of Cyber Security strategies, technologies,processes, procedures and standards. Support the development of controlsand management approaches to maintain the safety, confidentiality,integrity, availability and security of the Trust's digital infrastructure andsystems; including the protection of Trust and patient data and informationstored and processed by infrastructure or systems managed by, or under the control of the Trust Diversity makes us interesting... Inclusion is what will make us outstanding. Certificate of Sponsorship Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab) . From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab) . Additional information PRINCIPAL RESPONSIBILITIESSupport the CISO in developing, implementing and monitoring a strategic, comprehensive cyber, enterprise information security, resilience, information governance and IT risk management strategy and plan.Provide expert cyber security advice to senior stakeholders and technical teams across the organisation.Work directly with key stakeholders to facilitate risk assessment and risk management processes. Collaborate with all departments within the Trust (and ICS) where necessary to identify and disseminate high-quality information that facilitates effective cyber and information security management and improvement.Use advanced analytic tools (artificial intelligence) to determine emerging threat patterns and vulnerabilities. Scoping and delivery of penetration tests and ensure actions from vulnerability assessments are resolvedLead on audit and audit preparation relating to IT securityMaintaining compliance with various standards in place e.g. Data Security and Protection Toolkit, CareCERT, Cyber Essentials+, Network and Information Systems Regulations etc. Act as the Trusts advisor on cyber security protection, detection, response and recovery.Analyse complex data and oversee the production of detailed informationWork closely with the Emergency Preparedness, Resilience and Response teams to ensure that preparations include events relating to cyber security.Evaluate options and be able to persuade and influence others to ensure that risks in relation to cyber, resilience and information integrity and security are addressed appropriately.Develop business cases and propose funding allocations based around intelligence on the areas of greatest risk and benefit.Develop and implement a cyber, resilience and information integrity and security strategy, ensuring all partners endorse the strategy.Ensure that all local information and cyber security strategies and activities align with the national Plan.To assist with the development of disaster recovery and business continuity strategies for Trust digital services, wider stakeholders and partner organisations.Adherence to Professional StandardsAll activities will be conducted within the context of professional standards, including, but not limited to, PRINCE II and ITIL.This post requires continual upgrading of skills to reflect rapid changes in technology, the Trusts environment and the needs of the Trust. This is achieved through formal training; informal skills transfer and self-tuition.Business Change and TransformationWork closely and collaboratively with, the Trust Improvement Programme Board to ensure synergy for business transformation. Ensure the teams with area of responsibility develop their knowledge and ability to drive successful technology-based change management and to deliver successful training across a wide range of staff within the Trust. PRINCIPAL RESPONSIBILITIESSupport the CISO in developing, implementing and monitoring a strategic, comprehensive cyber, enterprise information security, resilience, information governance and IT risk management strategy and plan.Provide expert cyber security advice to senior stakeholders and technical teams across the organisation.Work directly with key stakeholders to facilitate risk assessment and risk management processes. Collaborate with all departments within the Trust (and ICS) where necessary to identify and disseminate high-quality information that facilitates effective cyber and information security management and improvement.Use advanced analytic tools (artificial intelligence) to determine emerging threat patterns and vulnerabilities. Scoping and delivery of penetration tests and ensure actions from vulnerability assessments are resolvedLead on audit and audit preparation relating to IT securityMaintaining compliance with various standards in place e.g. Data Security and Protection Toolkit, CareCERT, Cyber Essentials+, Network and Information Systems Regulations etc.