Overview
The NHS Counter Fraud Authority (NHSCFA) is the national body responsible for all matters relating to the prevention, detection and investigation of economic crime across the NHS. Further information about our work and annual plan for delivering this is available on our website.
An exciting opportunity has arisen to join the NHSCFA Technology team as an Information & Cyber Security Analyst. We are looking for someone with a proven background in Information/Cyber security and a flexible 'can do' attitude to work in the Information & Cyber Security Team who manage and maintain the security of NHSCFA ICT infrastructure and information systems.
You will work to proactively monitor IT systems; identify, manage and resolve security incidents, vulnerabilities, security alerts and threats; potentially perform penetration testing; and contribute to maintaining security certifications, assurances and accreditations.
Potential applicants can contact Simon Clark at simon.clark@nhscfa.gov.uk for an informal chat if they have any questions regarding the role.
Role requires Security Clearance. Interviews will be face to face at Canary Wharf 24th & 25th September. We reserve the right to close this vacancy before the advertised closing date should we receive a significant number of applications.
Responsibilities
* Manage, monitor, and develop NHSCFA cyber security operations and ICT security infrastructure to manage and reduce cyber risk and mitigate cyber threats.
* Actively monitor NHSCFA ICT systems: manage and operate IT security monitoring tools and systems, review IT system alerts, and triage to eliminate false positives.
* Identify threats that have entered the network.
* Evaluate and address system generated and user-reported security incidents: identify affected systems and scope of the incident, analyse running processes and configurations on affected systems, carry out in-depth threat intelligence analysis to identify an attack type, source, entry point, and possible remediation, and implement remediation or escalate incident.
* Support the ICT Security Incident Management Process as a member of the NHSCFA Security Incident Response Team.
* Manage ICT Security service requests and incidents via the NHSCFA Service Desk system.
* Ensure appropriate access control to systems is maintained.
Person Specification
Essential
* Experience of 1st-3rd level technical support of IT infrastructure or security, both in person and remote.
* Demonstrate detailed knowledge of: IT system monitoring (SIEM) and Security Incident Management.
* Demonstrate detailed knowledge of Information Security in several areas, including intrusion detection and prevention systems, vulnerability management, network technology and operations, Windows 10 and Windows Server, SUSE Linux, Microsoft 365, Information Security Management Systems ISO27001, Risk Management Process, and IT system auditing.
* Experience with IT security architectures.
* Demonstrate knowledge in encryption systems and security products (authentication, data loss prevention, SEIM) and firewall/WAF administration.
* Degree in computer science, information technology, or a related field OR equivalent experience in a related field with specialist security certification(s).
* Demonstrate a thorough understanding of the use of remote management tools for supporting a distributed user base.
Desirable
* Knowledge of information security in areas including Windows 10/Server, SUSE Linux, Microsoft 365, ISO27001, Risk Management, Public Services Network (PSN) and NHS N3, database security, and Microsoft Sentinel; experience with security architecture and testing.
* Recognised qualification in area of specialisation: EC-Council Certified SOC Analyst (CSA); EC-Council Certified Ethical Hacker; CompTIA Security+; CompTIA Network+.
About us
We have offices based in Coventry, Newcastle and London and also offer flexible and home-based working. The NHSCFA values and respects the diversity of its employees and aims to recruit a workforce which reflects our diverse communities. We welcome applications irrespective of age, disability, gender, race or ethnicity, religion or belief, sexual orientation, or other personal circumstances. We have policies and procedures in place to ensure fair treatment at every stage of the recruitment process, including consideration of reasonable adjustments for people who have a disability. We accept secondments from the public and private sector; you should have agreement to being released from your current role in principle prior to submitting an application form. When you apply for this role, you will be redirected to our recruitment system TRAC. Please apply without delay as we reserve the right to close vacancies when we have received sufficient applications. The CFA does not hold a sponsor licence in respect of skilled worker visas and so is unable to employ candidates requiring sponsorship.
Details
Date posted: 29 August 2025
Pay scheme: Agenda for change
Band: Band 6
Salary: £38,682 to £46,580 a year
Contract: Permanent
Working pattern: Full-time, Flexible working, Home or remote working
Reference number: 076-CFA7436235
Job locations: 7th Floor, HM Government Hub, 10 South Colonnade Canary Wharf, London, E14 4PU
Employer details
Employer name: NHS Counter Fraud Authority
Employer's website: https://cfa.nhs.uk/
#J-18808-Ljbffr