Employer: NHS Business Services Authority
Location: Newcastle upon Tyne, Tyne and Wear, United Kingdom
Job Type: Full-time
Salary: £46,148 – £52,809 per year
Visa Sponsorship: Available
Closing Date: 26 February 2025
Job Summary
The NHS Business Services Authority (NHSBSA) is seeking a Cyber Security Team Leader to join its Digital, Data, and Technology (DDAT) team. This is a leadership role that involves ensuring the security of the NHSBSA’s network infrastructure and information systems, supporting modern and secure digital services, and developing a skilled cyber security team.
The successful candidate will be responsible for staff development, performance management, and well-being, while providing expert cyber security advice across various projects and operations. The role follows a hybrid working model, requiring 1-2 days per week in the office in Newcastle.
What We Offer
- 27 days of annual leave (increasing with service) plus 8 bank holidays.
- Flexible working options (including compressed hours and flexi-time).
- Hybrid working model (primarily remote).
- Career development and training opportunities.
- Health and well-being support, diversity, and inclusion networks.
- Excellent NHS pension scheme (23.7% employer contribution).
- NHS car lease scheme.
- Access to high street discounts and benefits.
Main Duties & Responsibilities
Security Operations
- Manage day-to-day security operations and oversee the security team.
- Ensure access control and monitoring on NHSBSA IT systems.
- Monitor and mitigate threats to NHSBSA’s information assets.
- Assess the effectiveness of firewalls, IDS/IPS, and security systems.
- Maintain compliance with ISO27001 standards and National Cyber Security Centre (NCSC) guidelines.
- Conduct forensic acquisitions of computer systems and media for investigations.
- Support the ICT security incident management process, reviewing and responding to security incidents.
- Perform internal audits, spot-checks, and security reviews.
- Provide technical guidance on security solution implementations.
- Assist in the migration of services between suppliers while maintaining security standards.
Knowledge Management
- Maintain up-to-date technical knowledge of cyber security systems and best practices.
- Research emerging cyber threats and industry trends to inform security strategy.
Relationship Management
- Work with internal teams and third parties to ensure adherence to security standards.
- Provide expert advice on security risks and mitigation strategies.
- Support the development of security governance frameworks.
Information Management
- Monitor and report on security KPIs, service levels, and incident response effectiveness.
- Conduct Information Risk Assessments and Cyber Security Assurance Reviews.
- Participate in procurement processes for security-related hardware and software.
People Management
- Lead and develop the cyber security team, ensuring skills development and performance management.
- Conduct appraisals, one-to-one meetings, and staff training.
- Support the recruitment and retention of skilled cyber security professionals.
Person Specification
Personal Qualities, Knowledge & Skills
Essential:
- Experience with ISO27001 compliance and security monitoring.
- Extensive knowledge of firewalls, IDS/IPS, anti-malware, SIEM, patch management, and cloud security.
- Ability to analyze threat intelligence data to inform decision-making.
- Strong understanding of IT risk management and security architectures.
Qualifications
Essential:
- Degree-level qualification or equivalent experience in IT or Cyber Security.
- ICT qualification or recent ICT experience.
- Relevant security certifications such as:
- CompTIA Security+ / Network+ / A+
- CCNA
- ITIL v3 or v4 Foundation
- BTEC HNC in Computing or Security
Desirable:
- Certified Information Security Manager (CISM), CISSP, CISA, or CRISC.
- Project Management Foundation (PRINCE2).
- Cloud Security & monitoring experience.
Experience
Essential:
- Experience in cyber security operations and risk assessment.
- Working with security due diligence and assurance for third-party suppliers.
- Hands-on experience in security solution design and implementation.
Desirable:
- Experience with penetration testing, database security, and forensic analysis.
- Knowledge of NHS Public Services Network (PSN) and NHS N3 security.
Visa Sponsorship & Immigration Requirements
- Skilled Worker sponsorship is available.
- Applicants must provide a criminal record certificate for any country they have lived in for 12 months or more in the past 10 years.
- Adult dependents (18+) are also subject to this requirement.
For further details on UK visa requirements, visit the UK Visas and Immigration website.
To apply, visit the NHS Business Services Authority website.
