Job overview
The Cyber Security Engineer will play an important role in protecting the digital infrastructure and information assets of Pennine Care NHS Foundation Trust. The post holder will be responsible for the technical operation and continual improvement of cyber security controls, taking a proactive approach to cyber defence and supporting the ongoing maturity of the Trust’s security posture.
The role will involve monitoring, detecting, and responding to cyber security threats and vulnerabilities using a range of security tools, including endpoint protection, vulnerability management, threat prevention services, and network security controls. The Cyber Security Engineer will also analyse security data and contribute clear, meaningful reporting and recommendations to both technical and non-technical stakeholders.
The post holder will work closely with internal teams and third-party suppliers to ensure systems and services meet agreed security standards, while supporting risk management, audit activities, and compliance with NHS cyber security guidance. Ongoing professional development is essential, with the role requiring continued learning to remain effective against an evolving cyber threat landscape.
Main duties of the job
Provide expert cyber security advice on phishing, computer security and cyber-crime. Prioritise and triage tickets and alerts from national and local systems, escalating by severity.
Ensure compliance with frameworks including DSPT, Cyber Assurance, CareCERT, Cyber Essentials and NIS Regulations. Support completion of the Data Security and Protection Toolkit.
Lead penetration testing, vulnerability management and cyber risk assessments, developing mitigation strategies through analysis of complex and sensitive information.
Investigate security incidents using technical logs, threat intelligence, MITRE frameworks and known TTPs. Deliver incident response, recovery and reporting (e.g., ICO/NHS CSOC), ensuring lessons learned.
Deploy, maintain and troubleshoot systems including O365, SharePoint, email, security tools and platforms. Maintain anti-virus and ensure secure patching across infrastructure.
Develop and maintain SOPs, support control selection, risk assessments and gap analysis, contributing to a proactive, cost-effective and resilient service.
Provide training, supervision and specialist technical guidance. Support Digital Services with configuration and operational security.
Contribute to policy development (Data Security, Acceptable Use), interpret legislation and best practice, ensuring compliance with NHS Digital standards.
Manage competing priorities to meet deadlines and stay current on emerging threats, vulnerabilities and threat actors.
Working for our organisation
We are proud to provide high quality mental health and learning disability services, both inpatient and in the community across five boroughs of Greater Manchester - Bury, Oldham, Rochdale, Stockport and Tameside and Glossop.
Our vision is for a happier and more hopeful life for everyone in our communities and our staff work hard to deliver the very best care for the people who use our services. We’re really proud of our #PennineCarePeople and do everything we can to make sure we’re a great place to work.
All individuals regardless of race, age, disability, ethnicity, nationality, gender, gender reassignment, sexual orientation, religion or belief, marriage and civil partnership are encouraged to apply for this post. We would also encourage applications from individuals with a lived experience of mental illness, either individually or as a carer.
If you come and work for us we will offer a range of benefits and opportunities, including:
* Generous annual leave entitlement for Agenda for Change and Medical and Dental staff.
* Flexible working opportunities to support your work/life balance
* Access to Continued Professional Development
* Involvement in improvement and research activities
* Health and Wellbeing activities and access to an excellent staff wellbeing service
* Access to staff discounts across retail, leisure and travel
Detailed job description and main responsibilities
For the Detailed job description and main responsibilities, please see attached Job Description and Person Specification.
Person specification
Education / Qualifications
Essential criteria
* Degree level qualification relevant for the role or demonstrable equivalent level of experience.
* Specialist knowledge acquired through post graduate diploma level or equivalent experience.
Experience
Essential criteria
* Previous experience of working in the cyber security field.
* Previous experience of working to KPI’s/KRI’s.
Desirable criteria
* Previous experience of working in digital in the NHS or a healthcare setting.
Knowledge
Essential criteria
* Knowledge of digital best practice, information security and information governance.
* Working knowledge of control / assurance frameworks.
* Understanding of security categorisations, Digital Assessment Technology Criteria and DPIAs.
Skills & Abilities
Essential criteria
* Proven ability for attention to detail.
* Advanced keyboard skills and the ability to maintain systems.
* Able to use own judgement to work within broad processes and policies.
* Able to effectively evaluate multiple options to aid decision making.
* Able to compile a legal register
* Able to build relationships with ease, gaining trust and maintaining confidentiality.
* Excellent communication skills in order to convey technical digital / cyber issues to a non-technical digital / cyber audience.
* Work effectively as part of a team and manage others.
📝 Application support - We recommend tailoring your application to each role you apply for, particularly your supporting information. This gives you the best chance of success. Your supporting information should clearly explain, with examples, how your skills and experience meet the essential and desirable criteria for the role.
We are aware of the increase in AI being used for job applications. AI can be a useful tool to assist in writing your application, but these tools may not understand the context or requirements of the job you are applying for and using for all your application will not be a true reflection of your skills and experience. Relying on AI for your whole application can negatively impact on your chances of success throughout the recruitment process as you will be asked to provide evidence to support what you have written. Take the time to proofread your application to ensure you can evidence what you have submitted, whether this is by your experience or certificates
We also offer virtual application support sessions each month, where you will learn some hints and tips to support you in completing your application form. To secure your place, and to find out more visit the on our website.
🌍 Sponsorship Information - We are an approved sponsoring organisation. Applications will be considered from applicants requiring sponsorship alongside all other applications. Please be aware, not all roles are eligible for sponsorship. You can review the list of eligible role and requirements on the
📬 After You Apply - Once your application is submitted, you’ll receive updates via email. Shortlisting is based on how well you meet the criteria outlined in the person specification. Only shortlisted candidates will be invited to interview, and invitations will be sent by email.
✅ If You're Offered the Role - If successful, the hiring manager will contact you directly with a verbal offer. They will then notify the Recruitment Team and submit the necessary paperwork. You’ll receive a formal conditional offer via email
🔍 Pre-Employment Checks - To confirm your suitability for the role, we will carry out pre-employment checks in line with. These include:
* Identity verification
* Right to work check
* Disclosure and barring service (DBS)/Criminal record check (dependent on role)
* Professional registration and/or qualification check
* Occupational health assessment
* Employment history and reference validation
All applicants external to Pennine Care NHS Foundation Trust will be required to provide their to cover the most recent three years employment. This information will used to validate employment history and references.
If you require sponsorship, we will assess your eligibility based on current If the role is not eligible and you cannot demonstrate your right to work, your conditional offer may be withdrawn.
🚀 Once Checks Are Complete -
The Recruitment Team will coordinate with you and the hiring manager to confirm a start date. You’ll be booked onto a Trust Welcome Session and receive your Pennine Care NHS Terms and Conditions.
📣 Additional Information -
We are committed to equality, diversity, and inclusion (EDI), and we strive to ensure our workforce reflects the communities we serve. We actively encourage applications from individuals of diverse backgrounds to help us grow, innovate, and improve.
If you wish to be considered under the Disability Confident Scheme, you will be guaranteed an interview if you meet the essential criteria for the role.
If you need reasonable adjustments during the recruitment process, please contact us on 0161 716 3181 as early as possible so we can support you.
Please note:
* We do not accept unsolicited contact from recruitment agencies. Hiring managers should not be contacted directly.
* We may close this vacancy early if we receive a high volume of applications. If you have a disability or long‑term health condition and need extra time or adjustments to complete your application, please contact us as soon as possible. We will ensure you are not disadvantaged where a reasonable adjustment is appropriate.