Cyber Security Analyst (Band 7) - IT and Data Services - Provide CIC

The Cyber Security Analyst is responsible for the identification and handling of threats, both internal and external, to the security of Provide and Provide group companies. The Cyber Security Analyst will be expected to research and identify cutting edge techniques and technologies which will strengthen the organisation’s cyber security position.

The Cyber Security Analyst will work closely with the Technology Security and Cloud Lead and Director of IT & Systems to ensure all areas of the Environment are maintained and developed to high standards, security is of the highest priority and part of the role will be to analyse gaps, recommend and implement improvements.

A strong knowledge of security hardening techniques, exploit mitigation and security incident management is essential and will be utilised when planning upcoming projects and BAU activities.

Main duties of the job

1. Provide strategic and technical expertise to design, implement, and manage advanced cybersecurity solutions.
2. Analyse security events and investigate security alerts, resolving or escalating appropriately.
3. Document security incidents, identifying process and tooling improvements.
4. Conduct security assessments through vulnerability testing and risk analysis.
5. Perform root-cause analysis of security breaches.
6. Develop and refine incident response playbooks.
7. Utilise threat intelligence to identify attack scale, type, and affected systems.
8. Act as primary contact for logging and managing security incidents and events.
9. Assist with internal and external audits, preparing required information.
10. Create and maintain security procedure manuals.
11. Promote cybersecurity awareness across the organisation.
12. Stay informed about legal, regulatory, and technological cybersecurity developments.
13. Communicate complex technical issues clearly to technical and non-technical stakeholders.
14. Use diplomacy and negotiation skills when agreeing priorities with senior management and suppliers.
15. Deliver technical presentations and training on cybersecurity topics.
16. Independently plan workload, make decisions, and implement improvements within organisational policies.
17. Act as lead specialist, resolving complex cybersecurity problems autonomously.
18. Assist with induction and professional development of junior team members.
19. Allocate tasks and oversee junior staff workload planning.

Working for our organisation

Provide is a Community Interest Company (social enterprise). We deliver a broad range of health and social care services in the community, and are committed to making sure that they are safe, responsive and of high quality. Provide is owned by its employees and has primarily social objectives. Any profits we make are reinvested into the local community or back into delivering services.

We work from a variety of community settings, such as community hospitals, community clinics, schools, nursing homes and primary care settings, as well as within people’s homes to provide more than 40 services to children, families and adults across Essex, Dorset, East Anglia and the North of England.

A highly respected, award winning health and social care provider. We expect our staff to demonstrate and uphold our values at all times:

Vision:Transforming Lives

Values:Care, Innovation and Compassion

Mission:An ambitious, employee owned social enterprise, growing in size and influence. We transform lives by treating, caring and educating people.

Provide is an equal opportunity employer committed to building a team that represents a variety of backgrounds, perspectives and skills, proud to have LGBT+, Ethnic Minority and Men’s Networks.

We welcome applicants from underrepresented groups. If you have the skills and experience for the job, please apply regardless of your background.

Detailed job description and main responsibilities

Operational or Strategic Responsibilities

1. Provide analytical, strategic, and technical skills to design, develop, implement, and use state-of-the-art technology cybersecurity solutions aimed at reducing risk.
2. Analysing security event data arising from activity across the organisation with the goal of detecting malicious activity.
3. Investigating security alerts and incidents generated by security tools within the organisation, resolving or escalating as appropriate.
4. Producing documentation relating to the processing of alerts and incidents which includes the identification of improvements to processes and/or tooling.
5. Conducting security assessments through vulnerability testing and risk analysis.
6. Analysing security breaches to identify the root cause.
7. Define and mature ‘playbooks’ for response to cyber threats.
8. Use threat intelligence to pinpoint scale of the attack, the type of attack and systems affected.
9. Provide incident response for confirmed security incidents.
10. Be the point of contact for Security incidents, events and requests and ensure all are logged.
11. Assist with any internal and external audit requirements and collate information as necessary to respond to any queries where appropriate.
12. Creation and maintenance of procedure manuals.
13. Promoting Security awareness across the business.
14. Understand legal & regulatory requirements and procedures in place relating to Security.
15. Actively remain informed about new and evolving technological and cyber security change, including working towards and obtaining relevant professional certifications.

Communication and Relationship Skills

1. Use of tact and diplomacy when dealing with customers and suppliers.
2. Use of negotiation skills when setting and agreeing priorities with senior managers, e.g. when prioritising developments, agreeing system designs or new processes.
3. Give technical presentations and training on complex IT issues.
4. Communication of a range of complicated, detailed and difficult to explain multi-stranded IT issues to both peers and non-IT staff and suppliers.
5. Communication of complex IT issues and solutions with staff at various levels across the trust and to external technical teams, this requires excellent written and verbal communication skills.

Autonomy

1. Ensure their own training is up to date.
2. Keep up to date with national guidance and Provide policies, highlighting any required changes to the department’s manager.
3. Plan own workload and activities to meet project deadlines and provide user support.
4. Ability to work unsupervised and make decisions without referring to a manager to achieve agreed objectives.
5. Review, propose, develop and implement processes for own area of work.
6. Act as a lead specialist in own area of work.
7. Using knowledge gained through formal learning and work experience to make judgements on how to most effectively resolve IT problems where there may be a range of options.
8. Work within broad policies and national guidance that may require interpretation due to the complexity and technical nature of the guidance.

Responsibility for Human Resources/Supervision or Management of others

1. Assist with the induction of new members of staff.
2. Supporting the development of more junior members of the team.
3. Deliver training on a range of IT subjects to other members of the IT Team.
4. Allocates work to more junior members of staff.
5. Plans workload within own area of work.

Responsibility for Finance/Resources or Budget

1. Ordering and receipting of IT hardware and software which can often be of high value.
2. Responsible for the proper and safe use of IT equipment by users.

Use of Information Resources

1. Responsible for the planning, development, review, update and introduction of IT infrastructure and server related projects, e.g. implementation of new servers.
2. Ensuring databases are kept up to date and maintained to a high quality, this will include the Configuration Management Data Base.
3. Entering data into a range of IT systems and auditing this data when required.
4. Production of reports.
5. Using analytical skill for the production of statistics on the performance of the department and suppliers for the service managers, these may be circulated to Provide’s board members and Senior Management Team.
6. Email, telephone and face to face communication with customers and suppliers.
7. Making modifications and repairs to IT software, hardware and code.
8. Development of training materials and processes.

Responsibility for Patient Care

There is no responsibility beyond ‘incidental contact’ with patients.

Person specificationQUALIFICATIONS & EDUCATION

1. Educated to Degree level (Alternatively significant level of experience working at a similar level in a specialist area. Plus, recognised qualification such as ECSA or equivalent cyber security experience. Evidence of professional and/or personal development.
2. ITIL foundation certificate or higher
3. Obtained or working towards any of the below or equivalent: CEH CISM CISSP OSCP CASP+

WORK RELATED KNOWLEDGE & EXPERIENCE

1. Understanding of vulnerability management and related management tools.
2. Good knowledge of OWASP top 10
3. Understanding of penetration testing methodology and related tools and techniques
4. Ability to perform web application vulnerability assessments
5. Understanding of server, client and network technologies.
6. Understanding of attacker techniques, from post-exploitation to full system compromise and lateral movement.
7. Understanding of defender techniques.
8. Ability to perform internal security assessments.
9. Network Threat Protection and response / reporting.
10. PowerShell scripting
11. Azure and AWS administration
12. M365 administration and security
13. Good knowledge of firewalls and networking
14. Familiar with Kali OS
15. Familiar with Linux based OS’s
16. Experience with Bloodhound, Sharphound, NMAP and other security tools.
17. Experience with log management and SIEM
18. Experience of threat hunting
19. Experience creating security assessment reports and documentation.
20. Incident response reporting experience

FURTHER INFORMATION:

How will we contact you?

1. All correspondence for this post will be by email or text messaging. Please register for text messages on your TRAC account. Applicants are advised to check their email accounts regularly to ensure that email filters are set to allow our mails.
2. As we often have many applicants for jobs at Provide, we regret that we will only be able to contact those external applicants who are shortlisted for interview. Therefore if you have not heard from us within 2 weeks of the closing date, then please assume you have not been shortlisted for interview on this particular occasion. Internal candidates who are unsuccessful can seek feedback from the recruiting manager.
3. If you wish to contact the Recruiting Manager about the vacancy/role or for feedback after interview, their details are provided within the advert.

Checking progress on your application?

To check progress on your application, please log into yourTRACaccount. We aim to keep you updated on the status of your application as soon as we can.

Closing Date

Provide reserves the right to close this vacancy at any time or bring forward the closing date should it have an overwhelming response. We therefore encourage an early application to ensure consideration for this post.

Professional UK clinical registration required for the role?

If we require you to hold UK professional clinical registration to undertake a role we appoint you to, Provide will pay for your registration during the first year of your employment.

Provide CIC continues to encourage all colleagues to ensure they have been double vaccinated and received a booster vaccination.

We recognise taking the vaccine provides the best defence against COVID 19 for our patients, service users, customers, fellow colleagues, and their families.

Our staff have been trained in 'Anti-Fraud' and will use technology to examine identity/immigration documents.

Disability

If you have a disability and need assistance or more time to complete your application or attending interview, please contact a member of the HR Services Team on or .

Work Trials

Please check with your local Job Centre Plus to see if you are eligible for a Work Trial. If you are interested in trying this job first, please contact the HR Services team and we can help you make the arrangements with the Job Centre and the Recruiting Manager.

We are committed to equal opportunities, flexible working practices and the National Living Wage.

SuccessfulApplicant:

You will be required to bring all your documentation to your interview to show the recruiting manager and again at your pre-employment appointment with the Recruitment Co-Ordinators.

The information that you provide will be treated confidentially. If you fail to provide all of the information, Provide may not be able to fulfil our contractual obligations to you or may be prevented from complying with our legal obligations.

Employer certification / accreditation badges

This post will require a submission for Disclosure to be made to check for any unspent criminal convictions.

#J-18808-Ljbffr