The Cyber Security Analyst plays a critical role in safeguarding the Trust's digital infrastructure, clinical systems, and sensitive patient data against cyber threats. Working within the Digital Services team, the post holder will be responsible for monitoring security events, identifying vulnerabilities, responding to incidents, and ensuring compliance with relevant data protection and cybersecurity standards. This role is essential to maintaining the operational integrity of clinical and administrative systems, directly supporting the continuity of patient care and protecting the Trust from reputational, legal, and financial risks arising from cyber incidents.
Main duties of the job
The Cyber Security Analyst will be responsible for proactively monitoring and analysing network traffic, system logs, and security alerts to detect and respond to potential threats in real time. They will conduct regular vulnerability assessments, coordinate penetration testing, and support the implementation of technical controls to protect critical systems. The post holder will manage incident response activities, investigate security breaches, and produce detailed reports and recommendations. They will also play a key role in ensuring compliance with NHS Digital standards, the Data Security and Protection Toolkit (DSPT), and other regulatory requirements. Collaboration with clinical and non-clinical teams will be essential to raise awareness, deliver training, and support secure digital practices across the Trust.
About us
Based in the North East of England we provide a range of hospital and community health services from our leading facilities, including the Queen Elizabeth Hospital, Blaydon urgent care centre and Bensham Hospital, all within Gateshead.
Established in 2005, we were one of the first foundation trusts in the country and since then have consistently achieved the highest levels of care for patients.
We now employ around 4,800 staff and currently provide 444 hospital beds across the Gateshead region.
Our values should be the 'golden thread' which runs through everything we do - they are the core of who we are. Our five values can easily be remembered by the simple acronymICORE; Innovation, Care, Openness, Respect, Engagement.
We have a number of staff networks including the BAME network, D-Ability network, LGBTQ+ Network and the Women's Network, to challenge us and help us to constantly improve. Our armed forces network is one of our emerging networks.
The health and wellbeing of our staff is one of our highest priorities, and we offer a range of support and initiatives as part of our 'Balance' programme balancegateshead.com to cater for our diverse workforce, so that your individual needs can be supported.
Job responsibilities
Main Responsibilities:
Threat Monitoring and Response:
Monitor security systems and tools to detect and investigate suspicious activity.
Respond to security incidents, including malware outbreaks, phishing attacks, and attempted breaches, following Trust incident response protocols.
Vulnerability Management:
Conduct regular vulnerability scans and risk assessments across the Trusts IT infrastructure.
Work with infrastructure and application teams to remediate identified vulnerabilities and ensure timely patch management.
Security Operations:
Maintain and improve the Trusts security monitoring tools, configurations, and automated alerting systems.
Assist in the development and enforcement of IT security policies, procedures, and standards.
Compliance and Governance:
Support compliance with the Data Security and Protection Toolkit (DSPT), Cyber Essentials, and NHS Digital requirements.
Assist with audits and evidence gathering for internal and external reviews.
Awareness and Training:
Support the delivery of cybersecurity awareness campaigns and user training across the Trust.
Provide guidance to staff on best practices for data security, secure password use, phishing prevention, and secure handling of sensitive information.
Documentation and Reporting:
Maintain accurate documentation of incidents, configurations, and response actions.
Produce regular security performance reports and risk assessments for senior management.
Collaboration and Support:
Work collaboratively with clinical and non-clinical teams to assess system security requirements for new digital services or changes.
Provide expert advice on secure system design and configuration during IT project delivery.
Person Specification
Experience
* Experience working in an IT support, desktop support, or technical environment
* Experience using endpoint protection platforms (e.g. antivirus, EDR tools)
* High knowledge and proficiency in SCCM include being able to create and deploy packages and task sequences
* Awareness of NHS Digital's Data Security and Protection Toolkit (DSPT) or ISO 27001
* Basic working knowledge of AD and group policy management
Skills
* Effective communication with all levels of users.
* Strong analytical and problem solving skills
Knowledge
* Knowledge of PC hardware and operating systems, including installation, support and troubleshooting.
* Familiarity with NHS.
Qualifications
* Educated to A-level or equivalent in IT relevant subject
* Foundation-level certification in cyber security or IT
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
#J-18808-Ljbffr