Job summary
- Main area
- DDaT
- Grade
- NHS AfC: Band 8a
- Contract
- Permanent
- Hours
- Full time - 37.5 hours per week
- Job ref
- 193-7563216COR
- Employer
- Royal Berkshire NHS Foundation Trust
- Employer type
- NHS
- Site
- Royal Berkshire Hospital
- Town
- Reading
- Salary
- £55,690 - £62,682 Per Annum
- Salary period
- Yearly
- Closing
- 14/11/2025 23:59
- Interview date
- 25/11/2025
Employer heading
Information Security Analyst
NHS AfC: Band 8a
At the Royal Berkshire NHS Foundation Trust we put our patients at the heart of every element of health and care that we provide. The Trust works together as a community to deliver its vision which is “Working together to provide outstanding care for our community.”
Royal Berkshire Hospital are pleased to announce that following our CQC inspection we have been rated ‘Good’ with inspectors reporting that we have made significant improvements. The Trust’s overall rating has also improved to ‘good’.
We are Compassionate in our thoughts, words and actions
We are Aspirational and have a true desire to be dynamic and to innovate
We are Resourceful and responsible in the way we work and live
We are Excellent in our development, fairness and sharing best practice
At the Royal Berkshire NHS Foundation Trust, we value candidates who bring their unique personalities, skills, and experiences to the Trust. When completing your application, we encourage you to highlight your individual achievements and strengths, showing us how they align with the requirements outlined in the job description and person specification. While we recognise that some applicants may use AI tools during the process, please be mindful that AI-generated responses can often lack the personal detail and relevance needed to demonstrate your suitability for the role. AI generated content is discouraged by the Trust and may diminish the candidates chances of success.
Amazing things happen at the Royal Berkshire NHS Foundation Trust; delivered by amazing people so why don’t you come and join us. We offer a range of learning and development for all employees may you be clinical or non-clinical.
Job overview
We are seeking a highly skilled and motivated Information Security Analyst to join our Digital Data & Technology (DDaT) team. This is a pivotal role supporting the Chief Information Security Officer (CISO) in delivering cyber security services across the Trust and wider health and care system.
The role will support the CISO in delivering digital safety, security and overall improvement, adhering to the Target Operating Model. The Information Security Analyst will manage the delivery of all cyber security related services. This will include cyber risk management, Data Security Protection Toolkit (DSPT) compliance against cyber related
assertions, policy and procedure lifecycle management, and ensuring the
Trust's information compliance adheres to the Cyber Assurance Framework (CAF) and ISO27001.
Main duties of the job
Provide expert guidance on the selection, design, justification,
implementation and operation of Cyber Security strategies, technologies,
processes, procedures and standards. Support the development of controls and management approaches to maintain the safety, confidentiality, integrity, availability and security of the Trust’s digital infrastructure and systems; including the protection of Trust and patient data and information stored and processed by infrastructure or systems managed by, or under the control of the Trust
As the Information Security Analyst, you will ensure that technology,
infrastructure, systems and supporting processes possess adequate and
cost-effective protection against cyber threats and all identified Cyber
Security risks.
As the Cyber Security Analyst, you will provide expert advice on, and
management of, the Trust’s defence against cyber threats, data breaches
and Cyber Security technologies.
Support the development of controls and management approaches to
maintain the safety, confidentiality, integrity, availability and security of the Trust’s digital infrastructure and systems; including the protection of Trust Information Security Analyst and patient data and information stored and processed by infrastructure or systems managed by, or under the control of the Trust.
Working for our organisation
Diversity makes us interesting… Inclusion is what will make us outstanding.
Inequality exists and the journey to eliminate it is not easy. Every step we take will be a purposeful step forward to deliver a truly inclusive culture where all our people are enabled to deliver outstanding care, where background is no barrier, and where everyone can be their authentic self and we truly represent our patient community.
We are committed to equal opportunities and welcome applications from all sections of the community, regardless of any protected characteristics. Reasonable adjustments will be made for disabled applicants where possible. All applicants who have a disability and meet the minimum criteria for the post can opt for a guaranteed interview.
If you need additional help with your application please get in touch by calling the recruitment team on 0118 322 6997 or 0118 322 5342.
Our primary method of communication will be via email. However, if you would prefer to be contacted through a different method, please inform the recruitment team.
Detailed job description and main responsibilities
PRINCIPAL RESPONSIBILITIES
• Support the CISO in developing, implementing and monitoring a strategic, comprehensive cyber, enterprise information security, resilience, information governance and IT risk management strategy and plan.
• Provide expert cyber security advice to senior stakeholders and technical teams across the organisation.
• Work directly with key stakeholders to facilitate risk assessment and risk management processes.
• Collaborate with all departments within the Trust (and ICS) where necessary to identify and disseminate high-quality information that facilitates effective cyber and information security management and improvement.
• Use advanced analytic tools (artificial intelligence) to determine emerging threat patterns and vulnerabilities. Scoping and delivery of penetration tests and ensure actions from vulnerability assessments are resolved
• Lead on audit and audit preparation relating to IT security
• Maintaining compliance with various standards in place e.g. Data Security and Protection Toolkit, CareCERT, Cyber Essentials+, Network and Information Systems Regulations etc.
• Act as the Trusts advisor on cyber security protection, detection, response and recovery.
• Analyse complex data and oversee the production of detailed information
• Work closely with the Emergency Preparedness, Resilience and Response teams to ensure that preparations include events relating to cyber security.
• Evaluate options and be able to persuade and influence others to ensure that risks in relation to cyber, resilience and information integrity and security are addressed appropriately.
• Develop business cases and propose funding allocations based around intelligence on the areas of greatest risk and benefit.
• Develop and implement a cyber, resilience and information integrity and security strategy, ensuring all partners endorse the strategy.
• Ensure that all local information and cyber security strategies and activities align with the national Plan.
• To assist with the development of disaster recovery and business continuity strategies for Trust digital services, wider stakeholders and partner organisations.
Adherence to Professional Standards
• All activities will be conducted within the context of professional standards, including, but not limited to, PRINCE II and ITIL.
• This post requires continual upgrading of skills to reflect rapid changes in technology, the Trusts’ environment and the needs of the Trust. This is achieved through formal training; informal skills transfer and self-tuition.
Business Change and Transformation
• Work closely and collaboratively with, the Trust Improvement Programme Board to ensure synergy for business transformation.
• Ensure the teams with area of responsibility develop their knowledge and ability to drive successful technology-based change management and to deliver successful training across a wide range of staff within the Trust.
Person specification
Qualifications
Essential criteria
- ITIL v3 Service Management Qualification
- Educated to degree level or equivalent
- Formal certification (ISACA: Certified Information Security Manager (CISM). CISSP, or CRISC) and/or formal training in information security standards and best practice (e.g.: ISO 27001/2, COBIT), or equivalent work experience demonstrating understanding of the same.
Experience
Essential criteria
- Extensive experience of developing and delivering an Information Security service to a large complex organisation using confidential and/or sensitive information
Desirable criteria
- IT experience gained in both and Acute and Community setting
Employer certification / accreditation badges
Applicant requirements
The postholder will have access to vulnerable people in the course of their normal duties and as such this post is subject to the Rehabilitation of Offenders Act 1974 (Exceptions) Order 1975 (Amendment) (England and Wales) Order 2020 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service to check for any previous criminal convictions.
Documents to download
Further details / informal visits contact
- Name
- Eghosa Bazuaye
- Job title
- Associate Director of Operations
- Email address
- [email protected]
- Telephone number
- 0118 322 5111
List jobs with Royal Berkshire NHS Foundation Trust in Administrative Services or all sectors