Cyber Operations purpose is to support safe care and build public trust by building NHS England’s cyber resilience and enabling the wider health system to be cyber resilient, supporting the Transformation Directorate’s purpose of delivering the best care and outcomes for the NHS. The Cyber Operations sub‑directorate consists of four operational areas:
- Cyber Security Operations Unit (CSOU)
- Cyber Delivery Unit (CDU)
- Cyber Improvement Programme (CIP)
- Chief Information Security Office Function (CISO)
Responsibilities
- Work within the Cyber Security Operations Centre (CSOC) providing technical engineering support to core security platforms and services, ensuring systems are operational, monitored and maintained in line with service requirements.
- Assist in the day‑to‑day operation of CSOC platforms, including monitoring platform health, managing data ingestion issues, maintaining detections and responding to system‑generated alerts.
- Provide technical input into handling cyber and IT security incidents, supporting investigation, containment and recovery activities in line with agreed incident management processes.
- Assist with the diagnosis and resolution of service incidents relating to security tooling such as SIEM, XDR and logging pipelines, escalating issues where appropriate and contributing to root cause analysis.
- Assist in the delivery of approved changes to cyber security systems, tooling and configurations through formal change management processes, ensuring changes are implemented safely and documented.
- Contribute to routine service activities including system checks, access management, user support requests and the maintenance of standard operating procedures and technical documentation.
- Support multi‑tenant threat platforms such as XDR and SIEM solutions, helping maintain analytics, queries and dashboards and flagging issues or improvements.
- Assist in onboarding by supporting data ingestion, enrichment and integrations.
- Assist in maintaining and monitoring security tooling across identity, access, network and XDR technologies, ensuring system health and data flow.
As a Trainee Cyber Engineer, you will work within the CSOC under senior guidance, receiving hands‑on experience and training in cyber security operations, including XDR, SIEM and incident response.
NHS England has a wide range of statutory functions, responsibilities and regulatory powers focused on supporting the wider NHS to deliver high‑quality care and carrying out functions best done once for all NHS services. Our staff bring expertise across clinical, operational, commissioning, technology, data science, cyber security, software engineering, education and commercial specialisms, enabling us to design and deliver high‑quality NHS services.
In March 2025 the Government announced that NHS England and the Department of Health and Social Care will increasingly merge functions, ultimately leading to NHS England being fully integrated into the department. If you currently work within the NHS and are successful at interview, we will initiate an Inter Authority Transfer (IAT) via the Electronic Staff Record (ESR). We will retrieve key data from your current or previous NHS employer to support onboarding, including competency status, Continuous Service Dates (CSD) and annual leave entitlement. Staff recruited from outside the NHS will usually be appointed at the bottom of the pay band, and colleagues with a contractual office base are expected to spend on average at least 40% of their time working in our offices.
#J-18808-Ljbffr…
