ICT Senior Network and Cyber Security Analyst

Barts Health NHS Trust
London
1 year ago
Applications closed

Related Jobs

View all jobs

Senior IT Delivery Engineer

Cybersecurity & Connectivity Engineer

Senior IT Technician

Cybersecurity Operations Manager

ICT & Digital Technologies Teacher

B2B ICT Sales Executive

Job overview

Manage, and responsible for the operation, installation and maintenance of the Trust’s ICT network and security infrastructure, systems and software, providing advanced level operational support on a range of network devices and associated services in order to support over 15,000 users across 6 hospital sites, running 24/7/365.

Monitor networks to detect any suspicious or activities and take measures, such as installing firewalls, to defend against malicious attacks on the systems.

Correct flaws in any of the Trust’s security systems, solutions and programs while recommending specific measures that can improve the Trust’s overall security profile.

Main duties of the job

• Actively manage and maintain the Trust's network and security infrastructure, systems and software.

• Implement and recommend controls that will improve the Trust’s security posture.

• Regularly develop, maintain and update policies, procedures, guidelines and standards for all relevant systems and processes.

• Proactively monitor the infrastructure with the available tools to identify suspicious activities and take preemptive action to defend against them.

• Take the lead on vulnerability management.

• Ensure patching is done regularly in accordance with the agreed standards and completed within agreed procedures.

• Effectively and actively use threat intelligence to improve our security posture.

• Provide technical assistance and expertise during incident resolution.

• Work closely with relevant parties to ensure compliance with various standards.

Working for our organisation

Barts Health is one of the largest NHS trusts in the country, and one of Britain’s leading healthcare providers.

The Barts Health group of NHS hospitals is entering an exciting new era on our improvement journey to becoming an outstanding organisation with a world-class clinical reputation. Having lifted ourselves out of special measures, we now have the impetus and breathing space to chart a fresh course in which we are continually striving to improve all our services for patients.

Our vision is to be a high-performing group of NHS hospitals, renowned for excellence and innovation, and providing safe and compassionate care to our patients in east London and beyond. That means being a provider of excellent patient safety, known for delivering consistently high standards of harm-free care and always caring for patients in the right place at the right time. It also means being an outstanding place to work, in which our WeCare values and behaviours are visible to all and guide us in how we work together.

We strive to live by our WeCare values and are committed to promoting inclusion, where every staff member has a sense of belonging. We value our differences and fully advocate, cultivate and support an inclusive working environment.

Detailed job description and main responsibilities

We are dedicated to being an outstanding place to work and will work with you to get the best experience. We know flexible working is not a one size fits all and will mean something different to everyone. We are inclusive, so if you are interested in flexible working, please speak to the recruiting manager.

• Support in the regular review of IT Security risks and record identified risks in the risk register.
• Identify and recommend risk mitigation plans whilst ensuring that the relevant teams take appropriate action to implement the plans.
• Respond promptly to alerts from the various security monitoring tools and follow the Trust’s cyber incident response plan to take appropriate action.
• Provide relevant input to the technical and executive reports about cyber incidents and remediation activities.
• Carry out routine daily checks on the various security tools to ensure they are working optimally. 
• Identify relevant sources of threat intelligence updates that can be used to improve our security posture.
• Provide support in the design of new security systems or upgrade existing ones.
• Perform both internal and external security audits, as well as conduct security assessments through vulnerability testing and risk analysis.
• Use advanced analytic tools to determine emerging threat patterns and vulnerabilities.
• Actively participate in the review of third-party vendors and software.
• Contribute and support the annual DPST audit. 

The full job description provides an overview of the key tasks and responsibilities of the role, and the person specification outlines the qualifications, skills, experience, and knowledge required. For both documents, please view the attachment/s below.

Person specification

Knowledge

Essential criteria

Significant technical knowledge of security principles, controls, risk and threat mitigation. Good general knowledge of IT infrastructure (network, PCs, firewalls, telephones, servers) Knowledge of web applications and their common vulnerabilities. Understanding of cyber security frameworks e.g CAF, NIST, DSPT, ISO 27001. Awareness and understanding of emerging IT developments and potential implications

Desirable criteria

Knowledge of Cloud technologies.

Communication

Essential criteria

Highly effective interpersonal and coordinating skills with the ability to interpret and communicate complex information to staff with varying degrees of technical know how. Excellent written and verbal communication skills suitable for a range of audiences, including chairing of meetings Able to document routine fixes in the ICT knowledge base and training documents Able to work effectively as part of a team Able to lead and direct individuals to achieve a common aim.

Qualifications

Essential criteria

Educated to degree level in an IT-related subject (or equivalent experience) Professional Cybersecurity qualification (CISMP, Security +, Cysa +) Professional Computer networking qualification (CCNA)

Desirable criteria

CISSP qualification ITIL Foundation qualification

Experience

Essential criteria

Significant experience of working in a large organisation (over 5,000 users) with a proven experience of leading or actively involved in a wide variety of cybersecurity responsibilities. Practical and extensive experience of threat detection, intrusion prevention/detection techniques and attack vectors. Technical and working knowledge of different security tools. Experience of working in an ITIL environment. Experience of conducting risk assessments and developing mitigation plans Experience of working with a wide range of 3rd parties; managed services; and managing relationships. Experience of using threat intelligence effectively to improve security posture. Demonstrable experience of vulnerability management and taking actions to remediate findings. Experience of conducting security assessment for third parties.

Desirable criteria

Experience of working in an enterprise network environment Previous experience in a similar position within the NHS or healthcare provider Demonstrable experience of IT security experience in an enterprise network. Experience of automating routine infrastructure tasks with scripting tools Experience of writing technical and executive reports. Demonstrable experience of reviewing and recommending IT security solutions and controls. Experience of responding to cyber incidents. Experience of participating in a DSPT audit.

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs Careers

Cyber Security Jobs for Career Switchers in Their 30s, 40s & 50s (UK Reality Check)

If you’re thinking about switching into cyber security in your 30s, 40s or 50s, you’re in good company. Across the UK, organisations of all sizes are hiring people from diverse backgrounds to protect systems, data & customers. But with hype around “hackers” & quick-win courses, it’s hard to separate reality from fiction. This guide gives you a UK reality check: which roles genuinely exist, what employers actually want, how training really works, what to expect on salary & progression & whether age matters. Whether you come from finance, project management, operations, law, HR or customer service, there is a credible route into cyber security if you approach it strategically.

Jobs

How to Write a Cyber Security Job Ad That Attracts the Right People

Cyber security is now a board-level priority for organisations across the UK. From financial services and healthcare to critical infrastructure, SaaS platforms and the public sector, demand for skilled cyber security professionals continues to grow. Yet despite this demand, many employers struggle to attract the right candidates. Cyber security job adverts often generate large volumes of applications, but few are a genuine match. Meanwhile, experienced security engineers, analysts and architects quietly ignore adverts that feel vague, unrealistic or disconnected from real security work. In most cases, the problem is not a lack of talent — it is the quality of the job advert. Cyber security professionals are trained to assess risk, spot weaknesses and question assumptions. A poorly written job ad signals organisational immaturity and weak security culture. A well-written one signals seriousness, competence and trust. This guide explains how to write a cyber security job ad that attracts the right people, improves applicant quality and positions your organisation as a credible security employer.

Education Jobs

Maths for Cyber Security Jobs: The Only Topics You Actually Need (& How to Learn Them)

If you are applying for cyber security jobs in the UK it can feel like “real security people” must be brilliant at maths. The reality is simpler: most roles do not need degree-level pure maths. What they do need is confidence with a small set of practical topics that show up repeatedly in day-to-day work across SOC, incident response, cloud security, AppSec, threat detection, IAM & security engineering. This guide strips the maths down to what actually helps you get hired. It includes a 6-week learning plan plus portfolio projects you can publish to prove the skills. You will focus on: Number systems & bitwise thinking (binary, hex, bytes, XOR) Modular arithmetic basics (enough to understand how modern crypto “works”) Probability & statistics for detection, triage & risk Discrete maths for logic, sets, graphs & complexity Security maths habits: estimation, false positive control & evidence-led reporting You will not waste time on heavy theory that rarely appears in junior or mid-level cyber security roles.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.