To be responsible for the design, implementation, testing and administration of cloud security tools and system that provide both administrative and technical controls in support of organisational security policies and procedures.

To help develop and deliver the cyber security strategy and framework for the business, ensuring best practises for all aspects of information security and governance.

To work closely with leadership and staff to support the maintenance and evolution of a secure corporate environment and make recommendations for new security-related procedures and/or revisions.

Reports to : IT Security Manager.

Subordinate Titles : None.

Site : All Sites.

Primary Responsibilities :

- Work with and follow the guidance of the IT Security Manager.

- To be responsible for the design, implementation, testing and administration of security tools and system.

- To help develop and deliver the technical cyber security strategy and frameworks for the business.

- Participate in company-wide security audits (internal and external).

- Ensure compliance with all technical security and regulatory requirements including but not limited to ISO27001, GDPR, Cyber Essentials Plus, NHS Digital.

- Evaluate, implement, manage and maintain all cloud cyber security systems and protective measures against malware and misuse of systems or services.

- Comply with the CliniSys codes of conduct and guidelines.

- To be responsive to reasonable requests from your line manager.

- To behave as a role model : for delivering results; for enthusiasm and enjoyment of your work; for teamwork; for coaching and mentoring of colleagues and team members and for professional standards of behaviour.

Knowledge, Skills, Abilities :

- Experience with Microsoft 365 security configurations and best practices in tenant configuration; 365 Security Configurations (ATP, Defender and Security Center).

- Experience with endpoint management and Intune preferred.

- Ability to perform tenant and data governance review and configuration.

- A committed and highly motivated individual who is assertive and has sound judgement.

- Ability to make sound decisions and analyse problems based off the information captured through risk assessments of the infrastructure and business.

- Excellent analytical skills, with an ability to translate business needs into practical security posture.

- Solid knowledge of different security frameworks as applied to current network, server infrastructure and storage technologies.

- Adaptable / flexible to changing demands with an ability to implement and manage change.

- High degree of attention to detail as it pertains to security policies and security alerts.

- Excellent decision making / problem solving skills.

- High levels of commitment and ability to act when necessary.

- Proficiency with a wide range of security products.

Education And Experience :

- 3 years of experience in information security industry.

- 365 and Azure cloud services security certifications.

- Experience with security information and event management platforms and other security tooling, specifically exposure to CrowdStrike.

- Experience with vulnerability scanning solutions and secure configuration.