Senior Information Security Engineer
Job summary
An exciting opportunity has arisen to join our organisation in the role of Senior Information Security Engineer within the Digital Services department.
The aim of this post is to play a key role in safeguarding the Trust's critical systems and information assets. You will be a senior technical specialistwith CISSP certification, workinghands-onacross:
-
Cyber security architecture,implementation and monitoring.
-
Incident response and operational cyber resilience.
-
Vulnerability management and cyber risk reduction.
-
Supporting compliance with NHS and national cyber security standards.
The base for the role is Beechdale Divisional Headquarters, Nottingham however this is a hybrid role with a combination of a home/office working pattern. The expectation would be a balance of approximately 2/3 days on site in Nottingham on a weekly basis, with occasional site visits inLincoln. Applicants mustresideclose to or withinin the East Midlands to ensure prompt on-site support during major incidents or business continuity events.
Main duties of the job
Investigate and analyse complex technical information to identify cyber security threats and vulnerabilities across systems, networks, and applications. Design, implement, and maintain technical security controls to protect systems, data, and system boundaries from cyber attack, malware, ransomware, and insider threats. Support incident response activities, including investigation, containment, remediation, and reporting of information security incidents and data breaches. Lead and support vulnerability management, working with Infrastructure and Digital Services teams to reduce cyber risk through secure configuration and timely remediation. Provide specialist technical security advice to support secure system design, change management, and the introduction of new services or technologies. Support compliance with national and organisational cyber security requirements, including DSPT and NCSC guidance. Contribute to security policies, standards, audits, dashboards, and reports, and act as deputy for the Information & Cyber Security Manager when required.
About us
The information Security team are hybrid workers; therefore, the successful candidate will be required to ensure that suitable broadband connectivity is in place to allow them to carry out their work effectively, and that they adhere to the EMAS Home Working policy.
The successful candidate will need to be flexible, be willing to vary their working hours and be prepared to travel to Trust premises in the course of their duties to suit the demands of the IT functions of an emergency service.
Job description
Job responsibilities
The Senior Information Security Engineer is a senior technical specialist responsible for protecting the organisations information assets, systems, and infrastructure from cyber threats. The role provides hands-on technical expertise across cyber security engineering, incident response, vulnerability management, and secure system design, working closely with Infrastructure, Digital Services, and thirdparty suppliers.
The post holder will investigate complex security issues, implement effective technical controls, and provide expert advice to ensure systems are secure, resilient, and compliant with national cyber security requirements. The role supports a busy operational environment and contributes directly to maintaining the availability, integrity, and confidentiality of critical services and sensitive data.
You will have a minimum of 5 years IT experience in an Information Cyber Security role.
You will be able to re-organise workloads due to unexpected events and be capable of analysing a range of highly complex IT problems. You will be able to work well within a team and be happy to work autonomously for long periods of time.
Person Specification
Qualifications
- Degree in an associated IT subject or 5 years experience
- Evidence of continuing professional development in Information Security
- Certified Information Systems Security Professional (CISSP) certification
- ITIL Foundation
- Post graduate qualification in IT related subject
- Relevant professional qualifications
Experience
- Minimum 5 years' equivalent demonstrable experience within a similar Information Security ition including technical troubleshooting
- Experience in third level security analysis and interpretation of highly complex data.
- Experience of patching servers and endpoints
- Experience of security tools and vulnerability scanners
Knowledge and Skills
- Ability to produce technical reports and documentation to a wide-ranging audience
- Capable of analysing and resolving highly complex IT problems
- Able to present to a variety of audiences on complex issues
- Ability to make judgements independently of senior managerial support to support on call (out of hours) responsibilities
- Demonstrates leadership and management skills
Personal Attributes
- Able to work under intense pressure and make informative decisions in a reactive environment.
- Able to use judgement and negotiate on complex or contentious issues with conflicting priorities
- Able to re-prioritise in response to unexpected situations
- Ability to complete daily tasks unsupervised
- Strong organisational, management and time management skills
- Able to concentrate for long periods of time
- Standard keyboard skills
- Able to work at PC for more than 85% of the working day
- Must be a UK driving license holder, car driver and owner and able to travel to various locations across the EMAS region
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Employer details
Employer name
East Midlands Ambulance Service NHS Trust
Address
Home Based
Beechdale Road
Nottingham
NG8 3LL
Employer's website
https://www.emas.nhs.uk/