At the Royal Berkshire NHS Foundation Trust we put our patients at the heart of every element of health and care that we provide. The Trust works together as a community to deliver its vision which is \"Working together to provide outstanding care for our community.\" Royal Berkshire Hospital have been rated 'Good' by CQC and have improved their overall rating to 'good'. We value candidates who bring their unique personalities, skills and experiences to the Trust. We encourage applicants to highlight individual achievements and strengths, showing how they align with the requirements outlined in the job description and person specification.
Role Overview
The role will support the CISO in delivering digital safety, security and overall improvement, adhering to the Target Operating Model. The Information Security Analyst will manage the delivery of all cyber security related services and provide expert guidance on the selection, design, justification, implementation and operation of Cyber Security strategies, technologies, processes, procedures and standards.
Responsibilities
* Support the CISO in developing, implementing and monitoring a strategic, comprehensive cyber, enterprise information security, resilience, information governance and IT risk management strategy and plan.
* Provide expert cyber security advice to senior stakeholders and technical teams across the organisation.
* Work directly with key stakeholders to facilitate risk assessment and risk management processes.
* Collaborate with all departments within the Trust (and ITS) where necessary to identify and disseminate high‑quality information that facilitates effective cyber and information security management and improvement.
* Use advanced analytic tools (artificial intelligence) to determine emerging threat patterns and vulnerabilities. Scope and deliver penetration tests and ensure actions from vulnerability assessments are resolved.
* Lead on audit and audit preparation relating to IT security.
* Maintain compliance with various standards in place e.g. Data Security and Protection Toolkit, CareCERT, Cyber Essentials+, Network and Information Systems Regulations etc.
* Act as the Trust’s advisor on cyber security protection, detection, response and recovery.
* Analyse complex data and oversee the production of detailed information.
* Work closely with the Emergency Preparedness, Resilience and Response teams to ensure that preparations include events relating to cyber security.
* Evaluate options and be able to persuade and influence others to ensure that risks in relation to cyber, resilience and information integrity and security are addressed appropriately.
* Develop business cases and propose funding allocations based around intelligence on the areas of greatest risk and benefit.
* Develop and implement a cyber, resilience and information integrity and security strategy, ensuring all partners endorse the strategy.
* Ensure that all local information and cyber security strategies and activities align with the national Plan.
* Assist with the development of disaster recovery and business continuity strategies for Trust digital services, wider stakeholders and partner organisations.
Professional Standards
* All activities will be conducted within the context of professional standards, including, but not limited to, PRINCE II and ITIL.
Business Change and Transformation
* Work closely and collaboratively with the Trust Improvement Programme Board to ensure synergy for business transformation.
* Ensure the teams with area of responsibility develop their knowledge and ability to drive successful technology‑based change management and to deliver successful training across a wide range of staff within the Trust.
Training and Certifications
* ITIL v3 Service Management Qualification.
* Educated to degree level or equivalent.
* Formal certification (ISACA: Certified Information Security Manager (CISM), CISSP, or CRISC) and/or formal training in information security standards and best practice (e.g. ISO 27001/2, COBIT) or equivalent work experience.
* Extensive experience developing and delivering an Information Security service to a large complex organisation using confidential and/or sensitive information.
* This post requires continual upgrading of skills to reflect rapid changes in technology, the Trust’s environment and the needs of the Trust. This is achieved through formal training, informal skills transfer and self‑tuition.
Desirable Criteria
* IT experience gained in both acute and community settings.
Disclosure and Barring
The postholder will have access to vulnerable people in the course of their normal duties and is therefore subject to the Rehabilitation of Offenders Act 1974 (Exceptions) Order 1975 (Amendment) (England and Wales) Order 2020. A Disclosure and Barring Service (DBS) check will be required. Applications will be considered from applicants requiring sponsorship alongside all other applications.
Staff Benefits
* Flexible working opportunities and a strong emphasis on your work, life balance.
* Annual leave – 27 days for new starters, plus bank holidays. Increasing to 29 days after 5 years and 33 days after 10 years NHS service. Pro rata for part‑time staff.
* NHS pension scheme.
* Employee Assistance Programme.
* Money Advice Service.
* Generous maternity, paternity and adoption leave for eligible staff.
* On‑site nursery (based at RBH).
* Full educational library services.
* Cycle to work scheme, lockable storage for cycles.
* Bus to work scheme.
* Excellent rail and bus links.
* A huge range of Health Service discounts at hundreds of big brands from holidays to gadgets and restaurants to retail.
#J-18808-Ljbffr