About the organisation

St Patrick’s Mental Health Services seeks a CyberSecurity Manager on a full time, permanent basis. The position will proactively secure, support and manage on premise and cloud-based ICT infrastructure and services in order to ensure their Confidentiality, Availability & Integrity 

The CyberSecurity Manager will report to the Chief Information Security Officer.

The standard working hours applying to the post is 35 hours per week. Details of starting and finishing times, which may vary in accordance with hospital needs, will be notified to you by your Head of Department/Deputy. There may be times when you will be required to work outside of the normal office hours.

The benefits

By joining us, you become part of Ireland’s largest independent, not-for-profit mental health service provider, bringing lots of opportunities for your career. We offer you many employee benefits, including:

• A competitive salary range 
• 25 days annual leave 
• Pension scheme
• Hybrid working opportunities
• Ongoing training
• Paid study leave and funding for further education
• Support for career advancement and professional development
• Subsidised canteen and onsite gym
• Central locations with onsite parking or Bike to Work and TaxSaver Commuter Ticket schemes.

Responsibilities

• Design and maintain enterprise-wide security architecture aligned with business goals
• Assist CISO in developing, implementing, and maintaining the CyberSecurity Strategy and Policies, as well as security standards, guidelines, and reference architectures
• Evaluate, lead on the deployment of, and manage Security tools & technologies (including Monitoring tools, SIEM, firewalls, endpoint protection, etc).
• Stay current with emerging threats, vulnerabilities, and mitigation strategies (liasing with national, international & industry bodies)
• Collaborate with stakeholders (IT, DPO, Digital Health) to ensure regulatory alignment (e.g. GDPR, ISO27001), deploying solutions to evidence compliance
• Manage vendor relationships and 3rd-party risk assessments, including threat intelligence management, vulnerability assessments, pen-testing & risk analysis
• Provide technical leadership during Incident Response Planning, security incidents & investigations, and lead threat modelling, risk assessments, and secure design reviews
• Work to the organisation’s Change Managements processes
• Oversee the processes to deploy & secure end user devices (ensuring OS & 3rd party patches are compatible with applications), and enhance those processes as required
• Oversee the organisation’s highly available infrastructure & applications (Deployment, Security, Maintenance, Patching, Monitoring, Capacity Management & Documentation as required) to ensure ICT can meet organisational requirements
• Providing training & mentoring to other team members
• Must be willing to take part in an On-Call rota agreement across a range of ICT services
• Status reporting on security metrics & risk posture to the Management Team & CISO
• In carrying out all duties, the employee must ensure that all Hospital procedures, Health & Safety policies, and legislative requirements are met at all times

This job description is not intended to be a comprehensive list of all duties.  The person appointed may be required to perform other duties as appropriate which may be assigned to them from time to time and to contribute to the development of the position. The person appointed will be assigned specific targets in terms of tasks and revenue.

Person specification

Qualifications and/or experience

Candidates must have:

• 10+ years Systems & Security Management experience in a similar size organisation
• Experience in vendor management
• Current certifications (e.g. ISC2 CISSP / CCSP, and Microsoft, e.g. SC-100/200/300)
• Experience with compliance, including audit (e.g. ISO27001 or proprietary) 
• Experience with regulated organization (Healthcare experience is preferred) 

Desirable, but not essential 

• Bachelor’s or Master’s Degree in Information Systems or CyberSecurity

Professional knowledge, competencies, and skills

• Experience in managing and securing Microsoft IAM and productivity platforms (A.D., Entra Id & Connect, M365 (incl. Exchange Online & M365 licensing – E3 & E5)
• Integrated security solutions in a hybrid environment (Windows 11 Deployment & Patching, as well as endpoint protection (Firewalls/XDR))
• Experience with Change Management for patching and updating Microsoft & 3rd  party products (e.g. firmware, OS patches, endpoint applications and cloud web consoles)
• Experience in managing remote access solutions (VPN & PRA)
• Experience in managing Authentication (e.g. SAML/SSO protected by MFA)
• Experience with on-premise to cloud migrations, and hybrid deployments
• Experience with Business Continuity & Disaster Recovery Planning
• Experience in management of highly available on-premise environments (VMware servers/FC SAN storage/ Leading online & offline backup solutions)
• Experience in working with Dell hardware solutions (laptops/servers/storage) and Asset Discovery / Intelligence solutions (including AI solutions)

Terms and Conditions

Tenure:

1.0WTE Full time, Permanent contract, pensionable as below.

Working Week:

The standard hours applying to this position is 35 hours per week. 

Salary:

The salary for the position is commensurate with experience.

Annual Leave:

The annual leave associated with the position 25 days.

Pension:

All pensionable staff become members of the pension scheme after successful completion of probation. The scheme is a defined contribution scheme with a deduction from the salary of the employee of 4%. In respect of an internal appointment being made the individuals existing pension arrangements will continue.

Probation:

The appointee will be appointed in a probationary capacity for the first six months during which time the job holder’s performance will be subject to ongoing review.  

Any extension to or suspension of the period of probation will be in line with the European Union (Transparent and Predictable Working Conditions) 2022.

Health:

The appointee must be fully competent and capable of undertaking the duties attached to the position and be in a state of health such as would indicate a reasonable prospect of ability to render regular and efficient service.

Character:

The appointee must be of good character.

Retirement Age:

Normal retirement age for employees is 66 years which at present is also normal pension age.

Please note:

It is a condition of employment that the successful candidate must submit written confirmation of having successfully completed recognised training in the Mental Health Act by date of commencement.