Cyber Security Principal Analyst - Incident Handling

Job reference: 01638

Location: Leeds

Closing date: 01/11/2020

Salary: £69,118 (including 30% RRP)

Employment type: Permanent

Hours per week: 37.5

About the role

This is an exciting time to join NHS Digital’s Data Security Centre as we continue to invest in improving the cyber resilience of the products we deliver to front line NHS organisations and develop the expert guidance we are able to provide directly to these organisations on a daily basis.

You can positively contribute to improving the Cyber stance of over 200 NHS Trusts across England. Helping to shape centrally funded Cyber resilience measures developed by NHS Digital’s DSC and encourage their utilisation throughout the estate.

This role is part of a strategic plan to alleviate the cyber threat to systems within the NHS. Read more about why this is more important now than ever here.

The Cyber Security Senior Analyst will work within the CSIRT (Cyber Security Incident Response Team) and act as an Incident Lead to coordinate all incident response activity within the CSOC (Cyber Security Operations Centre).

As a Cyber Security Principal Analyst you will be responsible for the following:

  • Act as a Line Manager for the Incident Handling pillar.

  • Deputise for the CSOC Lead in their absence.

  • Have experience of working with and / or for law enforcement or government departments for intelligence / investigation.

  • Keep up to date with the latest security and technology developments, researching and evaluating emerging cyber security threats along with ways to manage them.

  • Use advanced analytic tools (Windows ATP, Cisco StealthWatch) to understand emerging threat patterns and vulnerabilities.

  • Have solid experience of managing complex investigations / incidents, maintaining accurate logging and maintaining relationships with multiple stake holders. 

  • Generate reports for technical and non-technical stakeholders, creating documentation or detailed reports that provide narrative for complex subjects to board level / senior management.

  • Maintain the CSOC’s Disaster Recovery and Business Continuity plans and for coordinating this activity when enacted.

About you

This role requires significant experience and knowledge in the following areas:

  • Ability to utilise a variety of digital forensic tools for collecting, analysing, and presenting digital-related evidence.

  • In-depth knowledge of technologies, methods and tools of forensics investigations for IT security violations or potential threats.

  • Ability to investigate, troubleshoot, resolve and prevent the recurrence of incidents that interfere with the normal delivery of IT services.

  • Extensive knowledge of the processes, tools and techniques used within information security management. Ability to deploy and monitor information security systems, as well as detect, resolve and prevent violations of IT security, to protect organisational data.

  • Demonstrable knowledge of domestic and international laws governing information security.

  • Masters level degree or equivalent level of experience and industry qualifications such as SANS, CREST, EC-Council.

  • Experience of mentoring and leadership.

  • Evidence of continuous professional development in the Cyber Security field.

  • SC clearance is required for this role.

The salary for this role is £69,118 comprised of a base salary of £53,168 plus a recruitment and retention premium of 30%.

What we offer

In addition to planned, transparent progression you can look forward to the following benefits:

  • Flexible working including part-time hours, job shares, flexible hours and part-remote set ups
  • 27 days annual leave increasing to 33 with service
  • Buy and sell annual leave scheme 
  • Contributory Pension (with a contribution from us equal to 20.6% of your earnings)
  • NHS Discounts including shops, restaurants, gym, mobile phones, and insurance
  • Employee benefit schemes which include our Season Ticket Loan and Car Lease schemes

For more information, visit Working at NHS Digital.

About us
We are the national information and technology partner to the health and care system. Our task is to build and run excellent digital products and services that NHS and care staff across the country can rely on every day.
Find out about the amazing work we do here.

Next steps

Interviews will take place remotely w/c 23rd November 2020. Applicants selected for interview will be contacted by email.

To view further information please see the attached role profile and to apply for the role click ‘Apply for job’ below.

We are unable to accept speculative CVs, all applications must be made through NHS Digital’s career site.

Within your application we are looking for you to demonstrate you have the skills and experience outlined in the role profile.

When uploading your CV, please remove any personal details to allow for your application to be reviewed anonymously.

If you have previously interviewed for this role (or a similar one) with NHS Digital and been unsuccessful, we encourage you to obtain feedback from your initial application to support your future career as we will not accept any further applications for a period of six months.

NHS Digital is undertaking a period of organisational change to ensure we have high calibre people, with the right skills to support us in delivering our business, now and in the future. While we deliver the organisational change required through to April 2021 we have identified that we still need to recruit to critical roles to maintain our delivery roadmap but we need to make you aware that should you be successful you may still be subject to a change initiative in the future. We want to be as transparent so you can build this into your decision-making process when considering at this time whether to apply for a role at NHS Digital.