Technical Security Supervisor

This vacancy is open to employees of Isle of Wight NHS Trust and Portsmouth Hospitals University NHS Trust only.

NHS Band 7:  49387 - 56515 per annum (effective from 01/04/2026)

Hours Per Week:  37.5 full time

Contract Type: Fixed term for 2 years

Job purpose

As team leader for the Technical Services Security Team the post holder will be the lead IT Security technical role in the provision of effective efficient and fully integrated IT operational services that maximise their availability and integrity for end-users and optimise the value gained by the Trust from its investment in IT.  They will work across the Digital and the wider organisation to ensure that the Trust maintains the highest standards of compliance and defence against cyber security threats ensuring that cyber security is a golden thread running through all our processes and planning.   This will be achieved by:

• Oversee Security Operations: Ensure the smooth and efficient operation of security services across the Group Model across two hospitals maintaining a safe and secure environment for patient and operational data.
• Risk Assessment and Management: Conduct regular risk assessments in support of the Digital Service operations and working alongside the IT Security Architect for new services. Identifying potential security threats and implementing appropriate measures to mitigate these risks in both hospitals.
• Policy Implementation: support the development and adoption of hospital security policies and procedures ensuring compliance with NHS guidelines and local regulations.
• Staff Supervision and Training: Lead train and supervise Security team members ensuring they are equipped with the skills and knowledge necessary to perform their duties effectively in a dual hospital setting.
• Incident Response Coordination: Coordinate and manage the response to security incidents ensuring timely and effective resolution while minimizing disruption to hospital operations. Ensuring effective escalation communications are designed and implemented.

Job summary

Team Management

• In the absence of the Technical Services Manager ensure tasks are appropriately prioritised and scheduled skills appropriately utilised procedures documented and followed adequate coverage for absence and Out-of-Hours support is in place and consistent up-to-date documentation is established and maintained.
• Provide the immediate line management for the Security Specialists within the Technical Security Team.
• Monitor security standards for the Technical Services team monitoring achievement against these and devising improved ways of working working with the Technical Services Manager.
• As a team leader take a lead role in the daily scrum held within the team to ensure the team collaboration and focus is aligned to the business outcomes.
• Play a leading role in contributing to the Technical Services team working processes and operating procedures.
• Facilitate Triage of incoming workloads and allocation of work throughout the team as required.
• Ensure that Technical Services team and external contractors work in a responsible and safe manner and have due regard for health and safety regulations.

System Design & Hosting

Secure System Architecture: Design and implement robust security architectures for IT solutions ensuring the integration of security principles such as least privilege defense in depth and secure by design throughout the IT solutions lifecycle.

• Access Control Management: Develop and enforce access control policies ensuring that only authorized personnel have access to sensitive systems and data using multi-factor authentication role-based access and other security mechanisms.
• Data Encryption and Protection: Implement strong encryption protocols and secure data handling practices to protect sensitive information both in transit and at rest ensuring compliance with relevant regulations and standards.
• Vulnerability Management: Conduct regular vulnerability assessments and security testing (e.g. penetration testing) to identify and mitigate potential security weaknesses in system design and hosting environments.
• Incident Detection and Response: Design and implement systems for real-time monitoring and logging enabling the timely detection investigation and response to security incidents and breaches.
• Compliance and Audit Support: Ensure that systems are designed and hosted in accordance with relevant regulatory requirements and industry standards providing necessary documentation and support during security audits and compliance assessments.

Software and Hardware Installation

• Secure Configuration and Hardening: Ensure that all software and hardware installations follow secure configuration guidelines and hardening practices to minimize vulnerabilities and reduce the attack surface.
• Patch Management: Oversee the timely installation of security patches and updates for both software and hardware across the entire IT landscape & two hospitals ensuring that systems are protected against known threats and vulnerabilities.
• Malware Protection: Implement and configure antivirus anti-malware and intrusion detection/prevention systems during installation to safeguard against malicious software and unauthorized access.
• Access Control Implementation: Configure and enforce strict access controls during software and hardware installation ensuring that only authorized users can access and modify system components.
• Data Backup and Recovery Setup: Establish and verify secure data backup and recovery procedures during installation ensuring that critical data is protected and can be restored in the event of a failure or breach.
• Documentation and Compliance: Maintain detailed records of software and hardware installations including configurations security settings and compliance with industry standards to support ongoing security management and audits.

Infrastructure Developments/Innovation

• Secure Infrastructure Design: support the development of secure infrastructure solutions incorporating advanced security measures and best practices into the planning design and implementation of new technologies.
• Emerging Threat Mitigation: Proactively identify and address emerging security threats and vulnerabilities adapting infrastructure developments to stay ahead of potential risks and ensure ongoing protection.
• Integration of Security Technologies: Evaluate select and integrate cutting-edge security technologies and tools within the infrastructure to enhance overall security posture and support innovative solutions.
• Scalability and Flexibility: Ensure that infrastructure developments are designed with scalability and flexibility in mind allowing for secure expansion and adaptation to future technological advancements.
• Automation and Orchestration: Implement automation and orchestration tools to streamline security processes within infrastructure developments improving efficiency consistency and responsiveness to security incidents.
• Collaboration with Stakeholders: Work closely with cross-functional teams including IT operations and management to align infrastructure innovations with security requirements and Hospital Group aims ensuring that security is integrated into all phases of development.

For additional information please read attached full job description.

Qualifications :

Qualifications

Essential

• ITIL v3 Foundation
• Degree-level Qualification or equivalent in a Computing or analytical field
• Technical Accreditation in one or more of the following: -
  • Microsoft MCP/MCSA/MCSE
  • Cisco CCNA
  • CompTIA Security .
  • Certified Ethical Hacker (CEH) 

Desirable

ISO27001

CISSP

Additional Information :

The health and wellbeing of our staff is at the forefront of everything we do. We are proud to be able to offer our staff some fantastic benefits including our on-site Nursery access to our free Beach Hut for those long summer days our on-site Wellness Centre including a gym and a swimming pool access to our fantastic staff networks including LGBTQ Race Equality and Disability and awards ceremonies to recognise your achievements. We believe we can offer support to all of our staff when they need it the most.

We welcome the unique contributions that you can bring in terms of your education opinions culture ethnicity race sex gender identity and expression nation of origin age languages spoken veterans status colour religion disability sexual orientation and beliefs.

Remote Work :

No

Employment Type :

Contract