Security Engineer

Job Description

CliniSys - End to end solutions for the diagnostic journey

Europe’s largest diagnostic IT vendor

Laboratory test results help inform 70% of patient diagnoses and care planning.

For over 30 years CliniSys Group has been at the forefront of diagnostics workflow, order communications and information management solutions supporting radiology, cardiology and all pathology disciplines including anatomical or cellular, molecular and genetics. These encompass the complete workflow from order, clinical decision support, collection, processing, analysis, results and reporting, through integration into the clinical workflow.

 

CliniSys Group has built an unrivalled reputation for the deployment of complex diagnostics networks and academic centres – and is the only vendor repeatably delivering across all disciplines end to end – at scale.

Making healthcare smarter and more efficient.

Summary:

  • To be responsible for the design, implementation, testing and administration of security tools and systems that provide both administrative and technical controls in support of security policies and procedures.
  • To help develop and deliver the cyber security strategy and framework for the business, ensuring best practices for all aspects of information security and governance.
  • To work closely with leadership and staff to support the maintenance and evolution of a secure corporate environment and make recommendations for new security-related procedures and/or revisions.

Responsibilities:

  • Work with and follow the guidance of the Head of Group IT & Security
  • To be responsible for the design, implementation, testing and administration of security tools and systems
  • To help develop and deliver the cyber security strategy and framework for the business, ensuring best practices for all aspects of information security and governance.
  • Work with management and the change control board to verify all security-related production modifications are properly approved
  • Determine security violations and inefficiencies by conducting periodic audits
  • Participate in company-wide security audits (internal and external)
  • Ensure compliance with all ICT security and regulatory requirements including but not limited to ISO 27001, GDPR, Cyber Essentials Plus, NHS Digital
  • Develop, maintain and update documentation and processes relating to ISO 9001, ISO 20000, ISO 27001 & Cyber Essentials Plus
  • Be a key contact for the management of information security incidents/cyber security incidents
  • Evaluate, implement, manage and maintain all cyber security systems and protective measures against malware and user misuse of systems or services
  • Comply with the CliniSys codes of conduct and guidelines
  • Promote and support correct GDPR best practice within the workplace
  • To be responsive to reasonable requests from your line manager
  • To behave as a role model: for delivering results; for enthusiasm and enjoyment of your work; for teamwork; for coaching and mentoring of colleagues and team members and for professional standards of behaviour
  • Perform vulnerability and penetration tests, identify and defend against threats, and develop disaster recovery plans

Knowledge, skills, abilities:

  • 5 years of experience in the information security industry
  • Experience with security information and event management platforms and other security tools
  • Experience with vulnerability scanning solutions and secure configuration
  • In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform
  • Familiarity with ISO 27001, GDPR and other security frameworks
  • CISSP, CISM, CISA or other security-related certifications

Depending on a candidate’s experience, skills and expertise, CliniSys offers a competitive basic salary plus a generous package and a great work environment.