Overview
We are seeking a highly skilled and motivated Information Security Analyst to join our Digital Data & Technology (DDaT) team. This is a pivotal role supporting the Chief Information Security Officer (CISO) in delivering cyber security services across the Trust and wider health and care system.
The role will support the CISO in delivering digital safety, security and overall improvement, adhering to the Target Operating Model. The Information Security Analyst will manage the delivery of all cyber security related services, including cyber risk management, Data Security Protection Toolkit (DSPT) compliance against cyber related assertions, policy and procedure lifecycle management, and ensuring the Trust's information compliance adheres to the Cyber Assurance Framework (CAF) and ISO27001.
Responsibilities
* Provide expert guidance on the selection, design, justification, implementation and operation of Cyber Security strategies, technologies, processes, procedures and standards.
* Support the development of controls and management approaches to maintain the safety, confidentiality, integrity, availability and security of the Trust's digital infrastructure and systems, including the protection of Trust and patient data and information stored and processed by infrastructure or systems managed by, or under the control of, the Trust.
* Ensure technology, infrastructure, systems and supporting processes possess adequate and cost-effective protection against cyber threats and identified Cyber Security risks.
* Provide expert advice on, and management of, the Trust's defence against cyber threats, data breaches and Cyber Security technologies.
* Develop and maintain controls and management approaches to protect Trust information and patient data stored and processed by infrastructure or systems managed by, or under the control of the Trust.
* Support the delivery of cyber, resilience and information security strategies in line with relevant standards and policies.
* Act as the Trust's advisor on cyber security protection, detection, response and recovery.
* Analyse complex data and oversee the production of detailed information for stakeholders.
* Work with Emergency Preparedness, Resilience and Response teams to ensure cyber security considerations are included in planning and response activities.
* Evaluate options and persuade stakeholders to address risks related to cyber, resilience and information integrity and security.
* Develop business cases and propose funding allocations based on risk intelligence and benefit analysis.
* Develop and implement cyber, resilience and information integrity and security strategies with partner endorsement.
* Ensure local information and cyber security strategies align with the national Plan and support disaster recovery and business continuity planning.
* Adhere to professional standards (e.g., PRINCE2 and ITIL) and continually upskill through formal training and self-directed learning.
* Collaborate with the Trust Improvement Programme Board to drive technology-based change and deliver training across staff.
Qualifications
Essential
* ITIL v3 Service Management Qualification
* Educated to degree level or equivalent
* Formal certification (ISACA: CISM, CISSP, or CRISC) and/or formal training in information security standards and best practice (e.g., ISO 27001/2, COBIT), or equivalent work experience
* Extensive experience of developing and delivering an Information Security service to a large complex organisation using confidential and/or sensitive information
Desirable
* IT experience gained in both Acute and Community settings
Other Considerations
Disclosure and Barring Service Check: This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and a DBS disclosure may be required.
Employer details
Royal Berkshire NHS Foundation Trust
Address: Royal Berkshire Hospital, Princes House, London Road, Reading, RG1 5UZ
Employer's website: https://www.royalberkshire.nhs.uk/