Senior Security Analyst - SIEM Engineering

Cyber Operations' purpose is to support safe care and build public trust by building NHS England’s cyber resilience and enabling the wider health system to be cyber resilient, as well as supporting the Transformation Directorate’s purpose of delivering the best care and outcomes for the NHS.

An extraordinary health and care service deserves exceptional talent to support its delivery.

The Cyber Operations sub-directorate consists of 4 operational areas:

• Cyber Security Operations Unit (CSOU).
• Cyber Delivery Unit (CDU).
• Cyber Improvement.
• Chief Information Security Office Function (CISO).

The CSOC, part of the CSOU, function provides centralised monitoring and response across NHS England and the system. The CSOC consists of Threat Operations (ThreatOps), Security Operations (SecOps), Incident Management & response, Service Operations (ServiceOps) and Engineering.

To support our strategy to improve NHS England’s cyber resilience, we are recruiting for a Senior Security Analyst specialising in SIEM Engineering.

As we continue to grow and expand our services, it’s a great time to join NHS England and be part of the journey. The security landscape is constantly evolving, and this is your opportunity to think creatively and positively contribute towards improving the security resilience of health and care organisations across England.

Why work for us?

We value the different experiences our people bring to their work at NHS England. We're working to create an environment where everyone can make a full contribution no matter their background, identity, or circumstances.  Which means, we encourage applications from people of all backgrounds and abilities.  

Some of your responsibilities will include:

• Deploying feeds from data sources into the NHS England’s SIEM tool and ensuring compliance with the SIEM’s data modelling, both for newly developed services and for existing services being updated.
• Working closely with the Cyber Monitoring teams to manage the SIEM environment, enhance the SIEM capabilities, build alerting rules and conduct tuning activities for new and existing feeds deployed in the SIEM tool.
• Collaborating and conducting knowledge transfer activities with associated architects, engineers and subject matter experts.
• Providing clear and accurate SIEM status reporting for technical and non-technical stakeholders.
• Mentor and coach junior staff within the Cyber Security Operations Centre.

Important: Please be aware there are residency requirements you need to meet:

• All NHS Digital/England Cyber Security personnel must hold security clearance SC level as a minimum. To meet National Security Vetting requirements, you must have resided in the UK for a minimum of 3 out of the past 5 years for SC clearance. Candidates who were posted abroad for service with HM Government, Armed Forces or within a UK government role - will still be considered. More information on SC clearance can be found here.

Please make sure you meet these requirements before applying for this role. You don’t need to have SC already, however, failure to achieve the requirements for SC after offer, will result in the job offer being withdrawn. 

• a role as part of a dynamic team using data and digital technology to transform health and care
• a range of opportunities to build your experience in an environment where your
  work has a direct and positive impact
• a real commitment to your personal and professional development with access
  to a broad range of learning opportunities

We are a great place to work. What we do matters.

From April 2023, NHS England, Health Education England and NHS Digital became one single organisation, putting workforce, data, digital and technology at the heart of our plans to transform the NHS.  Our mission, to use data and technology to improve lives remains and we are currently recruiting critical, priority roles. Successful applicants should be aware that roles may be subject to change in the new organisation.

NHS England leads the NHS in England to deliver high quality care for all. We support NHS organisations to deliver better outcomes for our patients and communities, work to get the best possible value for taxpayers, and drive improvement across the NHS. This includes improving the health of the population and the quality of care, tackling inequalities, and delivering care more efficiently. 
 
Our outstanding teams are passionate about technology and public service, making use of everyone’s skills to improve people’s lives.

We collaborate to deliver world class tech and intelligence, so come and join us. We are committed to sustainability, diversity and inclusion; our people are at the heart of what we do.

To find out more about the type of work we do, please take a look at our website.

Interviews will take place from the 16th May via MS Teams. 

To view further information please see the attached role profile.

If you require a reasonable adjustment or support with your application, please contact [email protected] 

This post is not exempt from the Rehabilitation of Offenders Act 1974. We only ask applicants to disclose convictions which are not yet spent / unspent under the Rehabilitation of Offenders Act 1974. Following an offer of employment, we will carry out a Basic Disclosure and Barring Service (DBS) check as part of the pre-employment check process.