Job Advert
This is a new role in the Digital and Security (DaS) Cyber Security team and an opportunity for you to impact the secure design of major NHS Scotland IT systems, directly influencing long term improvements in the delivery of patient care.
The Senior Cyber Security Architect is a highly visible, strategic consulting role responsible for leading the security aspects of design and implementation of national information systems. This role will engage with major IT and digital transformation projects to embed modern security good practice and underpin technology innovation in NHS Scotland.
This is an exciting time to join DaS as we continue to invest in building a national team, a Cyber Security Operations Centre (CSOC) and improving the cyber resilience of our national services.
In this role you will:
• Lead security design workshops and carry out cyber risk assessments, in collaboration with multi-stakeholder project teams and over several year programs, to deliver secure designs for new IT systems
• Advise national procurements and IT programs on good security practice, recommending security control options, solutions and designs to enable innovation and optimise security risk
• Contribute to and help maintain NHS Scotland Cyber Security Strategy
• Establish stand-alone cyber security improvement programs to build up good practice on our IT infrastructure (networks, endpoints, etc.) aligned to NSS and NHS Scotland digital strategy
• Work with the NHS Scotland Cyber Security Operations Centre (CSOC) to ensure that new systems are on-boarded to national security solutions (such as SIEM, ATP, etc.) and assisting investigations
• Write national standards and guidance for use in all health boards, particularly regarding the secure design, adoption and implementation of IT systems
• Engage and work with our key partners, in particular NHS Digital and Scottish Local Authorities, to understand and align our risk appetites and security practices to underpin new ways of working
• Work with our security authorities such as NCSC and Scottish Government to identify and implement new security advice and services, such as the NCSC Active Cyber Defence (ACD) services, within NHS Scotland
You will be a technology specialist who is either a cyber-security practitioner or who has worked in security roles (such as enterprise administrator) and is passionate and driven to learn about new technology, cyber risk and how to implement secure information systems.
You will have experience in delivering large IT projects – all technical, architecture, design and cyber security experience is relevant.
You will have leadership and influencer qualities – the ability to explain complex technical and security concepts to senior stakeholders, and help project owners understand options and decide the best way forward, will be essential.
You will be degree educated in a technical discipline and you will likely hold technical or security qualifications such as:
• Technical/architecture – supplier certification in various technology such as Cisco, Microsoft, Amazon, Checkpoint, Juniper, Fortinet, etc. Architecture knowledge or training such as TOGAF, Zachman framework or Open CA
• Security – experience or qualifications in information or cyber security such as information security manager, information security officer, CISSP, CISM, ISO27001 implementer or auditor, CEH, Incident Handler, etc.
Our benefits package includes pension scheme, comprehensive range of work life balance policies, occupational health services, learning resource centres and discounted leisure, financial and shopping benefits.
For an informal discussion on the post, please contact Colin Howarth, Head of Information Security, at colin.howarth@nhs.net or on 07968 982776. Further information on NSS is available from: www.nhsnss.org
Closing date for completed applications is 5 June 2020.
Please note that the majority of correspondence is sent by e-mail only, so please check your e-mail regularly (including junk folders).
NHS National Services Scotland is an equal opportunities employer and as committed participant in the disability confident scheme, guarantees to interview all disabled applicants who meet the minimum criteria for our vacancies