Job Introduction

What does it take to become a leading security professional in one of the top health and social care organisation in the UK? It takes people who care about people and keeping information secure and the services that turn lives around every day - providing encouragement, delivering innovative services and generally improving life for individuals with a learning disability or those affected by drug and alcohol misuse or mental health problems. But it's not just our front-line teams that make a difference to lives. So do the dedicated teams who work behind the scenes to support the vital work we do.

Turning Point is looking for an Information Security Analyst to join the team based in our Manchester Office reporting to the Head of Security.

Role Responsibility

This role is about developing and maturing of the information security management system (ISMS) and governance processes, provide technical guidance and expertise and ensuring operational security. More specifically the role will involve:

Information Security Management                                           

• Support and collaboration in writing technical policies and standards as part of the ISMS and promote compliance in line with international security standards (i.e. ISO27001), Public Sector security (i.e. HMG Cyber Essentials, Cloud Security Principles, NHS toolkit and InfoSec Standards), and corporate policies. 
• Support in maintaining the ISMS with applicable legislation e.g. Data Protection Act, Computer Misuse act, etc.
• Contribute to the creation and maintenance of relevant security documentation for appropriate systems and on occasion lead technical input to these.
• Support the Head of Security to risk assess security in terms of impact to systems and service confidentiality, integrity and availability, and report and escalate results of risk assessments.

Security Engineering

• Provide security consultancy, advice and guidance to implementation teams involved in the design, development, delivery and change of Turning Point products and services.
• Assist in the provision of designs and technical solutions in support of corporate security policies and external standards.
• Produce, review and constantly test and evaluate effectiveness and efficiency of technical security controls, configurations standards and procedures in line with security requirements, business needs, delivering enhancements where applicable.
• To be a security representative for all ICT technical deliveries, initiatives and project implementations in the absence of Head of Security

Security Operations

• Collaborate in the specification and design of automated security tools and, in conjunction with the implementation teams, support the installation, configuration of such tools including maintenance and monitoring activities.
• Actively monitor security tools deployed within the Turning Point  (anti-virus, configuration control, vulnerability management, IDS/IPS, SEIM, DLP), escalate issues, assist with remediation and maintain these systems.  Ensure that the ICT infrastructure is appropriately patched.
• Provide on call support with particular reference to a security incidents.  Keeping IMT aware of the incident and next steps to resolution.
• Ensure the escalation of any real or potential security breaches and vulnerabilities.
• Provide information and leadership to ICT teams during incident response in order that appropriate remedial steps can be taken.  Undertake technical investigations as a result of security incident to understand route cause and identify actions to reduce / remove risk.

Other duties

• This role will involve some travel to various locations to support the needs of the business.
• Nurture good l relationships with stakeholders to ensure that any security issues are communicated and we are able to assess the level of risk and deploy appropriate response.
• Promoting continuous process improvement, in relation to security matters, within IM&T.

The Ideal Candidate

The successful candidate should have an inter-personal and technical skill set which aligns with the following:

Personal effectiveness

• An understanding of information security management system(s), e.g. ISO 27001, NIST
• Demonstrable experience in a similar full time security role
• A technical aptitude to understand security of IT systems, networks and security architectures
• Demonstrable knowledge of Risk Management
• Understanding of Asset Management
• Internal Auditing experience in Information Security
• Incident Management and security investigations methodologies
• Experience of monitoring the operation of networks, servers and desktops security controls
• Ticket and Request Management experience in an ITIL environment
• Evidence of ability to make sound decisions
• Evidence of ability to manage a varied and challenging workload
• Able to effectively communicate verbally and in writing
• Excellent report writing skills
• Ability to effectively prioritize and execute tasks in a high pressure environment

Technical effectiveness

• Knowledge of Cloud  Information Security: SaaS, PaaS, IaaS and inparticular O365, Azure, Oracle
• Understanding hardening techniques and processes e.g. CIS benchmarks
• Knowledge of Cisco ASA capability and configuration, router and switch capability and configuration, and VPN capability and configuration.
• Extensive practical knowledge of Windows server and desktop operating environments, and their security and audit controls, particularly Windows 7/10 and Windows Server 2008/2012/2016/2019.
• Knowledge of server virtualisation such as VMWare and Hyper V.
• A good understanding of intrusion detection technologies
• Significant practical knowledge of MS-Exchange and all aspects of its security and audit controls.

About us

Why Turning Point?

As a leading health and social care provider with more than 300 locations across England, we take real pride in the services we offer.

Across the varied regions, sectors and settings we operate within, our organisation is held together by a shared vision – and our people are connected by the same values. These include belief in potential, confidence in communication, embracing positive change and always treating each other as individuals.

We run all of our services on a not-for-profit basis; instead, we invest every penny back into our services and people. We never stop believing in change for the better, and we work constantly to improve the lives of the people we support.

Our people bring our vision to life. So, if you are enthusiastic, motivated and committed to support others to fulfilling their potential, here at Turning Point, we don't just offer you a job – we offer you a career.

What Benefits Will I Receive?

Of course, we know it's not about the money. But that doesn't mean we don't reward our people for their invaluable work with a benefits package that includes:

• Comprehensive opportunities to learn and develop, with silver accreditation from Investors in People
• 31 days’ paid holiday a year, increasing with each year of service up to 33 days. Plus the option to purchase additional holidays
• Flexible benefit options including cycle to work schemes and season ticket loans
• Competitive pension and life assurance schemes
• Employee assistance programme and access to online health and wellbeing support
• Flexible working patterns to support work-life balance
• Access to a wide range of discounts, including cinema tickets, grocery and high-street shopping and gym memberships

We reserve the right to close this advert early if we are able to appoint to the vacancy before the advertised closed date.

Turning Point