Cyber Operations' purpose is to support safe care and build public trust by building NHS England’s cyber resilience and enabling the wider health system to be cyber resilient, as well as supporting the Transformation Directorate’s purpose of delivering the best care and outcomes for the NHS.
An extraordinary health and care service deserves exceptional talent to support its delivery.
The Cyber Operations sub-directorate consists of 4 operational areas:
- Cyber Security Operations Unit (CSOU).
- Cyber Delivery Unit (CDU).
- Cyber Improvement.
- Chief Information Security Office Function (CISO).
The CSOC, part of the CSOU, function provides centralised monitoring and response across NHS England and the system. The CSOC consists of Threat Operations (ThreatOps), Security Operations (SecOps), Incident Management & response, Service Operations (ServiceOps) and Engineering.
To support our strategy to improve NHS England’s cyber resilience, we are recruiting for a Senior Security Analyst specialising in SIEM Engineering.
As we continue to grow and expand our services, it’s a great time to join NHS England and be part of the journey. The security landscape is constantly evolving, and this is your opportunity to think creatively and positively contribute towards improving the security resilience of health and care organisations across England.
Why work for us?
We value the different experiences our people bring to their work at NHS England. We're working to create an environment where everyone can make a full contribution no matter their background, identity, or circumstances. Which means, we encourage applications from people of all backgrounds and abilities.
Some of your responsibilities will include:
- Deploying feeds from data sources into the NHS England’s SIEM tool and ensuring compliance with the SIEM’s data modelling, both for newly developed services and for existing services being updated.
- Working closely with the Cyber Monitoring teams to manage the SIEM environment, enhance the SIEM capabilities, build alerting rules and conduct tuning activities for new and existing feeds deployed in the SIEM tool.
- Collaborating and conducting knowledge transfer activities with associated architects, engineers and subject matter experts.
- Providing clear and accurate SIEM status reporting for technical and non-technical stakeholders.
- Mentor and coach junior staff within the Cyber Security Operations Centre.
Important: Please be aware there are residency requirements you need to meet:
- All NHS Digital/England Cyber Security personnel must hold security clearance SC level as a minimum. To meet National Security Vetting requirements, you must have resided in the UK for a minimum of 3 out of the past 5 years for SC clearance. Candidates who were posted abroad for service with HM Government, Armed Forces or within a UK government role - will still be considered. More information on SC clearance can be found here.
Please make sure you meet these requirements before applying for this role. You don’t need to have SC already, however, failure to achieve the requirements for SC after offer, will result in the job offer being withdrawn.