Senior Information Security Engineer

Job overview

An exciting opportunity has arisen to join our organisation in the role of Senior Information Security Engineer within the Digital Services department.

The aim of this post is to play a key role in safeguarding the Trust’s critical systems and information assets. You will be a senior technical specialist with CISSP certification, working hands-on across:

• Cyber security architecture, implementation and monitoring.

• Incident response and operational cyber resilience.

• Vulnerability management and cyber risk reduction.

• Supporting compliance with NHS and national cyber security standards.

The base for the role is Beechdale Divisional Headquarters, Nottingham however this is a hybrid role with a combination of a home/office working pattern. The expectation would be a balance of approximately 2/3 days on site in Nottingham on a weekly basis,  with occasional site visits in Lincoln. Applicants must reside close to or within in the East Midlands to ensure prompt on-site support during major incidents or business continuity events.

Main duties of the job

Investigate and analyse complex technical information to identify cyber security threats and vulnerabilities across systems, networks, and applications. Design, implement, and maintain technical security controls to protect systems, data, and system boundaries from cyber attack, malware, ransomware, and insider threats. Support incident response activities, including investigation, containment, remediation, and reporting of information security incidents and data breaches. Lead and support vulnerability management, working with Infrastructure and Digital Services teams to reduce cyber risk through secure configuration and timely remediation. Provide specialist technical security advice to support secure system design, change management, and the introduction of new services or technologies. Support compliance with national and organisational cyber security requirements, including DSPT and NCSC guidance. Contribute to security policies, standards, audits, dashboards, and reports, and act as deputy for the Information & Cyber Security Manager when required.

Detailed job description and main responsibilities

The Senior Information Security Engineer is a senior technical specialist responsible for protecting the organisation’s information assets, systems, and infrastructure from cyber threats. The role provides hands-on technical expertise across cyber security engineering, incident response, vulnerability management, and secure system design, working closely with Infrastructure, Digital Services, and third‑party suppliers.

The post holder will investigate complex security issues, implement effective technical controls, and provide expert advice to ensure systems are secure, resilient, and compliant with national cyber security requirements. The role supports a busy operational environment and contributes directly to maintaining the availability, integrity, and confidentiality of critical services and sensitive data.

You will have a minimum of 5 years IT experience in an Information Cyber Security role.

You will be able to re-organise workloads due to unexpected events and be capable of analysing a range of highly complex IT problems. You will be able to work well within a team and be happy to work autonomously for long periods of time.