Are you passionate about Information Security and Business Continuity?
We welcome applications from individuals wishing to become an Apprentice and gain experience in information security within the NHSBSA.
You will develop new skills and knowledge whilst working with an established team gaining valuable work experience and a recognised apprenticeship qualification with some additional recognised information security qualifications (BCS Certificate in Information Security Management Principles) and (Certified Security Risk Manager).
In this role, you are accountable for:
- Assisting the Information Security Risk and Business Continuity Manager in managing the organisations ISO27001 certified Information Security Management System
- Undertaking information security assurance assessments and producing NHSBSA Information Security Assurance Documentation (ISAD) for the certification of business systems
- Understanding and employing a scenario-based approach to information risk assessment
- Monitoring and reporting on compliance with information security policies, standards and procedures
- Engaging with senior management (SIRO and Information Asset Owners) to ensure that they understand the information security risks relevant to their service area and to the organisation as a whole
- Undertaking information security risk assessments through the evaluation of events and consequences
- Producing information security evidence (control assessments) to facilitate the effective and consistent application of the information security risk management process, ensuring that controls are reasonable, proportionate to risk and aligned with business requirements
- Responsible for the collation of organisational data for the BCMS (Business Continuity Management System) software solution for deeper analysis and review
- Responsible for the regular upload of updated raw data to the BCMS software solution
- Undertaking service and organisational level business impact analysis and risk assessment
- Support the Business Continuity Manager and Business Continuity Specialist in the general maintenance and governance of the NHSBSA BCMS
- Update and maintain of key Business Continuity documentation (working with BC Specialist)
- Undertaking information security risk assessments through the evaluation of events and consequences and identifying suitable information security risk treatment options for detailed analysis
- Monitoring and reporting on the effectiveness of information security controls based on the analysis of information security metrics and measures data, Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs)
- Participating in the development, delivery and management of the information security education, training and awareness programme
- Developing and delivering information security management awareness training for all levels of the organisation, including online and face-to-face sessions
- Scoping and conducting information security internal audits in accordance with the ISMS internal audit schedule
- Providing support to staff in establishing information security management arrangements for new services/programmes/projects - ensuring that information security controls reflect best practice and are embedded within processes and procedures
- Collating information from various systems to assist the Information Security Risk and Business Continuity Manager in producing risk management analysis and reports
Requirements and prospects Desired skills
- Excellent interpersonal and people skills
- Knowledge and awareness of IS (Information Systems) management and best practice
- Excellent communications skills
- Some understanding of the tools and technologies available to protect and monitor information systems
- Some knowledge of the technical and non-technical components of security in relation to the delivery of information systems, e.g.: Data protection and information governance policies and good practice.
- Knowledge of risk management techniques and the application of a risk-based approach to managing security.
- Theoretical and/or practical experience of what is required in an Information Security focussed role
- Theoretical and/or practical experience of what is required in a risk management role
- Awareness of the processes involved in managing Information Security incidents
- Experience in managing the collation and analysis of data including report writing of findings
IT Support roles e.g. Help Desk, First line Software Development Roles
- An A Level in ICT or
- An International Baccalaureate at Level 3 in ICT, or
- A Level 3 apprenticeship in a similar subject, or
- A BTEC Extended Diploma in IT (180 credits), or
- A minimum of 12 months of experience within the last 24 months or 18 months in the last 36 months in an IT role. Specific roles that are acceptable are:
You may also have a combination of qualifications and experience which demonstrate the minimum foundation needed for the programme. In this instance you could still be considered for the programme.
If you hold international equivalents of the above qualifications, at the time of your application you must be able to provide an official document that states how your international qualifications compare to the UK qualifications.
Find out more here:
The initial contract for this apprenticeship is 24 months, however the vision is that a permanent opportunity could be available to those that perform well during their apprenticeship and achieve their qualification.Things to consider
Come and work for us and you'll receive a benefits package that rewards your hard work and commitment, including:
- A minimum of 27 days annual leave per year which increases with length of service plus Bank Holidays and the option to purchase additional leave
- Time off for volunteering
- Flexible working options
- A generous Pension Scheme
Access to loads of online and high street discounts including:
- Mobile phones
- Meals out
- Perhaps most importantly - a good work/life balance
QA's apprenticeships are funded by the Education & Skills Funding Agency (ESFA), an executive agency of the Department for Education.
To be eligible for a Government funded apprenticeship you must have lived in the UK or European Economic Area (EEA) for the last 3 consecutive years.