# Cyber Security Analyst

> NHS job listing from Job Clerk for Sheffield Health and Social Care NHS Foundation Trust.

## Canonical URLs

- **HTML:** https://www.jobclerk.com/job/cyber-security-analyst/443ee389-2d84-4a1a-bcc1-c639185449e3
- **Markdown:** https://www.jobclerk.com/job/cyber-security-analyst/443ee389-2d84-4a1a-bcc1-c639185449e3.md

## Summary

- **Status:** Live
- **Employer:** Sheffield Health and Social Care NHS Foundation Trust
- **Town:** Sheffield
- **Region:** North East and Yorkshire
- **Country:** England
- **Profession:** Administrative and IT
- **Grade:** Band 6
- **Salary:** £39,959 - £48,117 Per Annum
- **Contract type:** Permanent
- **Closing date:** 2026-06-14T23:59:00.000Z
- **Posted:** 2026-05-28T09:52:07.600Z
- **Source information URL:** https://www.healthjobsuk.com/job/UK/South_Yorkshire/Sheffield/Sheffield_Health_Partnership_University_NHS_Foundation_Trust/Digital_Services/Digital_Services-v8026142
- **Application URL:** https://apps.trac.jobs/job-advert/8026142?ShowJobAdvert=&feedid=9002
- **Employer website:** https://www.shsc.nhs.uk

## Job Content

### Job overview

Join SHPU as a Cyber Security Analyst and play a key role in protecting critical NHS systems and data.

This is an exciting opportunity to work with modern security tools, tackle real-world cyber challenges, and contribute to a proactive security team. If you’re passionate about cyber security and want to make a meaningful impact, we’d love to hear from you.

### Why Join SHPU?

- Make a Difference – Protect systems and data that directly support patient care and frontline services.
- Meaningful Work – Play a vital role defending against real and evolving cyber threats.
- Professional Growth – Develop your skills in a supportive environment with opportunities to learn new technologies and approaches.
- Forward-Thinking Team – Be part of a team committed to innovation, continuous improvement, and strong cyber resilience.

### Main duties of the job

The Cyber Security Analyst is responsible for protecting the Trust’s systems and data by identifying, analysing, and mitigating cyber security risks. The role involves monitoring security threats, responding to incidents, and ensuring compliance with NHS standards.

Key responsibilities include providing expert cyber security advice, conducting risk assessments, maintaining security tools and procedures, and staying up to date with emerging threats. The post holder will work closely with internal teams and external bodies (e.g. NHS England, NCSC) to manage security alerts and improve the organisation’s security posture.

The role also requires contributing to policy development, delivering security awareness activities, supporting vulnerability management and patching, and providing hands-on technical support to Digital Services.

Effective prioritisation, stakeholder engagement, and the ability to manage complex information are essential.

### Detailed job description and main responsibilities

The Cyber Security Analyst role is part of the Digital Technical Services team and reports directly to the Infrastructure and Cyber Security Manager. This position is responsible for supporting the Trust’s cyber security capability by maintaining and continuously improving security tools, technologies, and processes.

The post holder will monitor, analyse, and investigate potential security threats, ensuring the confidentiality, integrity, and availability of NHS systems and data. Working proactively, the Cyber Security Analyst will identify vulnerabilities, respond to incidents, and contribute to strengthening the organisation’s overall security posture.

This role plays a critical part in protecting the Trust from evolving cyber threats while ensuring compliance with relevant industry standards, NHS guidelines, and regulatory requirements. The successful candidate will collaborate closely with internal teams and stakeholders to promote best practice, support risk management activities, and help drive ongoing security improvements across the organisation.

Main Duties

- Provide professional advice on cyber security including phishing, computer security and cybercrime.Be responsible for advising and guiding stakeholders with the interpretation of relevant cyber policy to enable compliance with organisational standards.
- Identify potential security risks and develop strategies to mitigate these. This involves receiving complex and sensitive information, to enable conducting risk assessments, analysing security threats, and developing risk treatment plans.
- Conduct risk assessments as appropriate and advise the Trust on IT Security concerns. Under the instruction of the Infrastructure and Cyber Security manager ensure IT Security risks are clearly identified, recorded, managed and directly communicated to Digital Senior Management Team accordingly.
- Maintain high level knowledge of new threat vectors, tactics, techniques and procedures (TTPs) and vulnerabilities.
- Maintain compliance with various standards in place e.g., Data Security and Protection Toolkit, NHS Cyber Alerts, Cyber Essentials, Network, and Information Systems Regulations etc.
- Liaise with NHS England, National Cyber Security Centre (NCSC) and other relevant bodies as required ensuring IT Security advisories, directives and notifications are actioned and logged. This includes but is not limited to threat & vulnerability alerts, vendor and other specialist threat intelligence feeds.
- Provide specialist technical contribution into drafting and/or maintaining of the Trust’s formal Digital Security related policies. Respond to high-priority, complex, sensitive and critical events and incidents, in a timely manner. Provide actionable recommendations and mitigation measures to prevent or reduce the impact of potential breaches.
- Assist with the interpretation and communication of developments in national cyber security legislation, policy and best practice. (this will involve analysing complex digital information which is multifaceted where there may be a number of potential outcomes)
- Work with the Trust’s Communications Team to formulate communication across the Trust to raise awareness and alertness to any cyber threats and best practices
- Analyse computer, server and network logs including vulnerabilities and known attacks and cross reference on the MITRE framework and known TTPs. this will involve analysing complex digital information which is multifaceted where there may be a number of potential outcomes.
- Ensure the ongoing management, maintenance and use of cyber security standard operating Procedures (SOPs). Prioritisation of work based on severity, knowing when and how to escalate as necessary and offering advice to technical team members around prioritisation.
- Ensure that all security and vulnerability releases are being deployed to all on premise and hosted servers and end point devices safely and effectively, using your judgement to mitigate any service impacting issues
- Regularly carry out research on products and services as part of your role, exploring findings and making use of effective new technologies.
- Support in the selection of controls and engage in risk assessments and controls gap analysis.
- Lead on specialised workstreams and projects such as undertaking cyber risk assessments, that are complex in their nature.
- Plan, prioritise and manage conflicting agendas and priorities in order to meet challenging deadlines.
- Provide specialist assistance to Digital Services on technical security issues including hands on technical configuration and day-to-day operation of devices and software.

## Job Details

Join SHPU as a Cyber Security Analyst and play a key role in protecting critical NHS systems and data.

This is an exciting opportunity to work with modern security tools, tackle real-world cyber challenges, and contribute to a proactive security team. If you’re passionate about cyber security and want to make a meaningful impact, we’d love to hear from you.

Make a Difference – Protect systems and data that directly support patient care and frontline services.

Meaningful Work – Play a vital role defending against real and evolving cyber threats.

Professional Growth – Develop your skills in a supportive environment with opportunities to learn new technologies and approaches.

Forward-Thinking Team – Be part of a team committed to innovation, continuous improvement, and strong cyber resilience.

## Job Description

The Cyber Security Analyst is responsible for protecting the Trust’s systems and data by identifying, analysing, and mitigating cyber security risks. The role involves monitoring security threats, responding to incidents, and ensuring compliance with NHS standards.

Key responsibilities include providing expert cyber security advice, conducting risk assessments, maintaining security tools and procedures, and staying up to date with emerging threats. The post holder will work closely with internal teams and external bodies (e.g. NHS England, NCSC) to manage security alerts and improve the organisation’s security posture.

The role also requires contributing to policy development, delivering security awareness activities, supporting vulnerability management and patching, and providing hands-on technical support to Digital Services.

Effective prioritisation, stakeholder engagement, and the ability to manage complex information are essential.

## Responsibilities

The Cyber Security Analyst role is part of the Digital Technical Services team and reports directly to the Infrastructure and Cyber Security Manager. This position is responsible for supporting the Trust’s cyber security capability by maintaining and continuously improving security tools, technologies, and processes.

The post holder will monitor, analyse, and investigate potential security threats, ensuring the confidentiality, integrity, and availability of NHS systems and data. Working proactively, the Cyber Security Analyst will identify vulnerabilities, respond to incidents, and contribute to strengthening the organisation’s overall security posture.

This role plays a critical part in protecting the Trust from evolving cyber threats while ensuring compliance with relevant industry standards, NHS guidelines, and regulatory requirements. The successful candidate will collaborate closely with internal teams and stakeholders to promote best practice, support risk management activities, and help drive ongoing security improvements across the organisation.

Main Duties

Provide professional advice on cyber security including phishing, computer security and cybercrime.Be responsible for advising and guiding stakeholders with the interpretation of relevant cyber policy to enable compliance with organisational standards.

Identify potential security risks and develop strategies to mitigate these. This involves receiving complex and sensitive information, to enable conducting risk assessments, analysing security threats, and developing risk treatment plans.

Conduct risk assessments as appropriate and advise the Trust on IT Security concerns. Under the instruction of the Infrastructure and Cyber Security manager ensure IT Security risks are clearly identified, recorded, managed and directly communicated to Digital Senior Management Team accordingly.

Maintain high level knowledge of new threat vectors, tactics, techniques and procedures (TTPs) and vulnerabilities.

Maintain compliance with various standards in place e.g., Data Security and Protection Toolkit, NHS Cyber Alerts, Cyber Essentials, Network, and Information Systems Regulations etc.

Liaise with NHS England, National Cyber Security Centre (NCSC) and other relevant bodies as required ensuring IT Security advisories, directives and notifications are actioned and logged. This includes but is not limited to threat & vulnerability alerts, vendor and other specialist threat intelligence feeds.

Provide specialist technical contribution into drafting and/or maintaining of the Trust’s formal Digital Security related policies. Respond to high-priority, complex, sensitive and critical events and incidents, in a timely manner. Provide actionable recommendations and mitigation measures to prevent or reduce the impact of potential breaches.

Assist with the interpretation and communication of developments in national cyber security legislation, policy and best practice. (this will involve analysing complex digital information which is multifaceted where there may be a number of potential outcomes)

Work with the Trust’s Communications Team to formulate communication across the Trust to raise awareness and alertness to any cyber threats and best practices

Analyse computer, server and network logs including vulnerabilities and known attacks and cross reference on the MITRE framework and known TTPs. this will involve analysing complex digital information which is multifaceted where there may be a number of potential outcomes.

Ensure the ongoing management, maintenance and use of cyber security standard operating Procedures (SOPs). Prioritisation of work based on severity, knowing when and how to escalate as necessary and offering advice to technical team members around prioritisation.

Ensure that all security and vulnerability releases are being deployed to all on premise and hosted servers and end point devices safely and effectively, using your judgement to mitigate any service impacting issues

Regularly carry out research on products and services as part of your role, exploring findings and making use of effective new technologies.

Support in the selection of controls and engage in risk assessments and controls gap analysis.

Lead on specialised workstreams and projects such as undertaking cyber risk assessments, that are complex in their nature.

Plan, prioritise and manage conflicting agendas and priorities in order to meet challenging deadlines.

Provide specialist assistance to Digital Services on technical security issues including hands on technical configuration and day-to-day operation of devices and software.

## Person Specification

### Experience

**Essential**

- Specialist knowledge acquired through post graduate diploma level or equivalent experience.
- Previous experience of working in the cyber security field.

**Desirable**

- Experience of working within IT for the NHS or wider healthcare community.
- Understanding of Information Governance and IT policies and procedures within an NHS environment.

### Knowledge and skills

**Essential**

- Knowledge of existing and emerging key Microsoft and Cyber Security technologies and understanding of how they can be applied to achieve digital objectives.
- Excellent communication skills to convey technical digital / cyber issues to a non-technical digital / cyber audience
- Able to undertake complex audits of technical Infrastructure, record results, interpret them and report outcomes accurately
- Able to prioritise and organise own work ensuring this is completed in an accurate and timely manner.

**Desirable**

- Experience delivering, implementing or operating IT infrastructure (networks, servers, desktop, etc.)
- Digital Assessment Technology Criteria and Data Protection Impact Assessments
- Experience of working within IT for the NHS or wider healthcare community

### Training and qualifications

**Essential**

- Educated to Degree Level in an appropriate IT discipline, or equivalent, relevant experience.
- ITILv4 Qualification

**Desirable**

- Professional Cyber Security qualification.

## Documents

- [cyber security analyst jd & ps (pdf, 483.5kb)](https://www.healthjobsuk.com/documents?vdoc=10313307)

## Agent Notes

- This Markdown page is generated from the same Job Clerk job record as the HTML job detail page.
- Use the canonical HTML URL for user-facing references.
- Use the application URL when the user wants to apply on the source NHS site.