Cyber Security Operations Team Lead

Job description

Job responsibilities

In this role, you are accountable for

1. As the Security operations team lead you will support the Infrastructure Services Manager/Head of Cyber Security & infrastructure Services ensuring NHSBSA systems security is managed and appropriate access control and monitoring on all systems is maintained.

2. To work with NHSBSA staff and Third Parties to ensure that security standards, governance and processes are in place for producing and maintaining up to date, comprehensive, comprehensible documentation which will include IT service security blueprints for all systems and services.

3. Serves as a Subject Matter Expert (SME) and acknowledged point of contact to provide guidance on inquiries related to their area of responsibility, originating from both internal and external sources. Establishes the Cyber Security Operations team as the primary resource for advice on such matters and advises on standards and tools within their area of expertise.

4. Efficiently managing the workload of personnel and ensuring timely completion of assigned tasks to a superior standard. Continuously striving to improve both personal and business areas by coordinating and delivering work across various strands, including continuous improvement, project-related work, and operational tasks, while also promptly escalating issues as necessary.

5. Maintain detailed technical knowledge of IT Security products, systems, policies, and procedures used within the NHSBSA.

6. Ensure that all controls are in place to ensure continued compliance with the National Cyber Security Centre (NCSC) an the Department of Health and Social Care (DHSC) Cyber Assessment Framework (CAF)and continued adherence to HM Government Cyber security strategy and NCSC standards and best practice.

7. Supports the strategic direction of the Cyber security operation function by the development, maintenance, promotion and stewardship of Security Procedures and Standards, in accordance with the NHS BSAs requirements, IG policies and procedures, legislation and EU Directives.

8. Monitor, report, present or escalate issues as appropriate to the Head of Cyber Security & Infrastructure Services.

9. Implement, monitor and report on a number of areas including agreed service levels, KPI's and standards within security operations.

10. Tasked with offering proficient assistance and guidance throughout the entire lifecycle of a security solution implementation, encompassing both technical and non-technical aspects. This involves overseeing the migration of services across suppliers and working closely with architects to ensure that the solution and service design is accurately translated, built, delivered, and operated in accordance with security and business requirements.

11. Identify opportunities, engaging and fostering relationships and partnership working within the organisation, and with third parties, to identify and deliver value to the organisation.

12. Assist in the management of the security incident process by reviewing security incidents, vulnerabilities, and malfunctions related to the systems of NHS BSA. Take appropriate remedial actions, including addressing any performance-related targets not met by internal and external suppliers, to ensure the efficient resolution of incident.

13. Keeping abreast of technological and maintain an excellent understanding of the use of technology in delivering business objectives.

14. Research of the marketplace and constant awareness of industry trends and innovation using information to inform the Cyber security strategy of the NHSBSA and as input to design activities.

15. When required conduct forensically sound acquisitions of computer systems and associated media to accumulate evidence in the area of forensic computer science. This will require occasional periods of intense concentration to ensure any evidence collected can be used in a court of law.

16. Provide appropriate advice and guidance in penetration testing and improving the service offering.

17. Carry out reviews, internal audits and spot-checks to ensure the effective operation of (but not limited to): IDS/IPS, vulnerability and patch management, Email and Web Filtering, anti-malware, and hardening of operating systems and applications.

18. Provide expertise in the design and implementation of Specialist Security technologies and cloud technology systems such as, Azure, AWS, Oracle as well as physical device operating systems and the use of ancillary tooling for o/s management.

19. Fully engage and contribute to delivery of projects, change and continuous improvements by providing specialist information security advice.

20. Participating in procurement processes for hardware and software. Reviewing functional requirements and providing non-functional requirements to ensure the overall needs of the business are met from an ICT perspective.

In addition to the above accountabilities, as post holder you are expected to1. Undertake additional duties and responsibilities in line with the purpose of your role and as agreed by your line manager.2. Demonstrate NHSBSA values and core capabilities in all aspects of your work.3. Encourage an environment where your own and colleagues safety and well-being is promoted.4. Contribute to a culture which values diversity and inclusion.5. Follow NHSBSA policies, procedures, and protocols as they apply to your role.

Person Specification

Personal Qualities, Knowledge and Skills

• 1.Recent and demonstrable team and line management experience
• 2.Engaging and building relationships with a range of stakeholders to support delivery of business outcomes.
• 3.Developing, implementing, and maintaining effective control monitoring activities, ensuring compliance with Information Security Standards ISO27001, NHS DSPT, NCSC CAF
• 4.Experience of managing security technologies including; firewalls, anti-malware, IDS/IPS, web filtering, email filtering, SIEM, patch management, MDM, DLP
• 5.Designing and recommending appropriate controls to enable the achievement of Cyber security and wider business goals.

• 1.Evaluation of threat intelligence data from multiple sources to inform decision making.

Experience

• 1.Proven team leader and motivator with a demonstrable track record of the Management and development of security operation teams
• 2.Leading and managing staff to deliver organisational goals and objectives
• 3.Engaging and building relationships with a range of stakeholders to support delivery of business outcomes.
• 4.Experience & Demonstratable knowledge of Information Security practices such as ISO27001, DSPT.CAF, ITHC, Monitoring and auditing.
• 5.The production of ICT security reports/MI for relevant parties
• 6.Experience in security due diligence and security assurance reviews of 3rd party suppliers.
• 7.Hands on experience with the design of ICT security mitigation measures to meet Information Security work-based assessments.

• 1.Cloud Security & monitoring
• 2.Development of a security architecture design
• 3.Risk assessment and balancing security risks with business requirements.

Qualifications

• 1.A degree level qualification or equivalent experience in Cyber Security.
• 2.A Professional Certification or qualification in Information Security (CISA, CISMP, CISM, CISSP, CRISC) or other relevant professional IT security qualification.

• 1.IT Security Officer / IA Technical Architect at CCP associate or practitioner level. With the capability to enable effective IT security across a wide portfolio of ICT

Employer details

Employer name

NHS Business Services Authority

Address

Stella House

Goldcrest Way

Newcastle upon Tyne

NE15 8NY

Employer's website

https://careers.nhsbsa.nhs.uk/