At a Glance
- Tasks: Conduct security assessments and provide cyber security guidance to ensure NHS systems are secure.
- Company: Join NHS England's Chief Information Security Office and make a difference in healthcare.
- Benefits: Competitive salary, additional RRP payment, and opportunities for professional growth.
- Other info: Dynamic role with a chance to shape the future of NHS digital security.
- Why this job: Help improve cyber resilience in the NHS and protect patient data.
- Qualifications: Experience in cybersecurity risk management and relevant certifications like CISSP.
The predicted salary is between £66,828 and £75,218 per year.
Overview
NHS England's Chief Information Security Office (CISO) Function aims to enable safe care and build public trust by strengthening the cyber resilience of the NHS. The CISO supports the Transformation Directorate's goal of delivering the best care and outcomes for patients and enables faster, safer digital transformation of the NHS.
As part of the CISO Function, the Senior Cyber Security Advisor sits in the Secure Consulting Team, which provides specialist cyber security consultancy services to NHS England's Critical National Infrastructure and major national services, ensuring these services and digital programmes are Secure by Design. Senior Cyber Security Advisors ensure NHS England's systems operate from a cyber-resilient architecture, providing detailed cyber guidance to programme delivery teams, including architecture, software engineering and infrastructure, and supporting the management of cyber risk.
This is an exciting opportunity to help deliver cyber-resilient systems for the NHS. You will be supported and trusted to use your skills, knowledge and experience to make a real impact on improving people’s lives.
The role has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions. The role attracts an additional monthly RRP payment equal to 20% per annum. Please note that the RRP is non-contractual and subject to review.
Main duties of the job
As a Senior Cyber Security Advisor, you will:
- Conduct security assessments and threat modelling, articulate cyber risk and recommend mitigating controls to ensure systems are designed securely.
- Provide specialist cyber security guidance aligned to NHSE security policy and industry best practice, covering the main technology pillars, including Cloud (hybrid), IAM, software and infrastructure engineering.
- Proactively interact with delivery and service teams to gather information, provide guidance to resolve security issues and make recommendations to technical and non-technical stakeholders.
- Embed security culture within assigned programmes, enabling teams to build systems securely from the ground up.
- Define project-level strategies, addressing technology-related controls, risks and issues.
- Support programmes and projects in the delivery of secure systems.
- Conduct risk assessments within assigned programmes to determine potential impact and recommend mitigation strategies.
This is a critical role ensuring NHS England's security measures align with government and industry standards, and that appropriate measures are in place to mitigate cyber security risks. The security landscape is evolving, and this is an opportunity to contribute to improving the security resilience of NHS Services across England.
About us
Our work supports the NHS to deliver high-quality services for patients and best value for taxpayers. Our staff bring expertise across clinical, operational, commissioning, technology, data science, cyber security, software engineering, education and commercial specialisms, enabling us to design and deliver high-quality NHS services.
We lead the NHS in England by:
- Enabling local systems and providers to improve health outcomes and reduce health inequalities
- Making the NHS a great place to work where people can make a difference
- Ensuring the healthcare workforce has the right knowledge, skills, values and behaviours to deliver accessible, compassionate care
- Optimising the use of digital technology, research and innovation
Note: Earlier this year, Government announced that NHS England will gradually merge with the Department of Health and Social Care, leading to full integration aimed at creating a smaller, more strategic centre.
Job responsibilities
Please see the attached Job Description and Person Specification for more information about the role and responsibilities. Your supporting statement should provide demonstrable evidence and specific examples on how you meet the criteria for each of the key skills; this will be used in shortlisting and interview processes.
Important: Residency requirements apply. All NHS England Cyber Security personnel must meet National Security Vetting (NSV) requirements. SC clearances require 5 years continuous UK residency; in some cases this can be reduced to three years with additional overseas checks for the previous two years. This role may require secondary checks for overseas postings. If you do not meet these requirements, please do not apply. Further guidance is available at the UK government NSV page.
Successful candidates will be hired to the job title of Senior Security Advisor, which is advertised to attract the right skills for the role.
Applicants from within the NHS will be offered the role on a secondment basis only; agreement should be obtained from their employer prior to submitting the application. The fixed-term nature of this contract is for a short-term vacancy.
If you think you have the skills and experience we need, apply today. We occasionally close posts early due to high application volumes.
Person Specification
Knowledge
- Working knowledge of cybersecurity risk management tools, techniques, approaches and processes; ability to support secure organisational network operation and minimise cyber risks
- Extensive knowledge of providing technical or business guidance to clients (internal and external) and applying this knowledge to diverse situations
- Demonstrable knowledge of securing cloud and infrastructure environments in complex hybrid environments using Azure and AWS
Skills and Experience
- Proven ability to deploy and monitor information security systems, detect, resolve and prevent IT security violations to protect organisational data
- Proven ability to detect, monitor, analyse and prevent digital threats
Qualifications
- Certified Information Systems Security Professional (CISSP) or equivalent
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act 1975 and requires a Disclosure to be made to the DBS to check for any previous convictions.
Salary: £66,828 to £75,218 a year, includes an RRP payment of 20%.
Senior Cyber Security Advisor in Exeter employer: NHS England
NHS England is an exceptional employer, dedicated to fostering a supportive and innovative work culture that empowers employees to make a meaningful impact on public health. As a Senior Cyber Security Advisor, you will benefit from competitive remuneration, including a 20% Recruitment and Retention Premia, and have access to extensive professional development opportunities within a collaborative environment focused on enhancing the cyber resilience of the NHS. Join us in making a difference while enjoying the unique advantages of working within a vital national service committed to improving healthcare outcomes across England.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Cyber Security Advisor in Exeter
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including NHS England, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through NHS England
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at NHS England. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
Some tips for your application 🫡
Show off your technical skills: In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role: Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects (be it CTF challenges, security assessments, or research papers), include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples: When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at NHS England insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity: Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to NHS England that you’re committed to staying ahead in the game.
How to prepare for a job interview at NHS England
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set you apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at NHS England to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at NHS England.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.