Log In

Don't have an account? Sign up now

Lost Password?

Sign Up

Password will be generated and sent to your email address.

IT Jobs Near me

Cyber Security Lead

Exeter, Devon
NHS England

Vacancy:2715
Salary Details: Band 8B – £76,663 – £89,082 (Which is inclusive of a 30% Recruitment and Retention Premium)
Location: Leeds or Exeter
Vacancy Type: Permanent
Hours Per Week:37.5
Working Pattern: Full-time, flexible working options considered
Additional allowances:30% RRP
Closing Date:04 Jun 2023

Cyber Operations purpose is to support safe care and build public trust by building NHS England’s cyber resilience and enabling the wider health system to be cyber resilient, supporting Transformation Directorate’s purpose of delivering the best care and outcomes for the NHS.

We are recruiting for Cyber Security Leads; these are new roles within our recently formed Security Governance, Risk & Compliance (GRC) team, part of the Chief Information Security Office (CISO). They are positions of real purpose, integral to our strategic plans, delivered across a national Health and Social Care system which includes 220 individual NHS Trusts; 13 Arm’s Length Bodies and over 40,000+ primary care organisations.

The Security GRC function is primarily internal facing, responsible for providing leadership with accurate information regarding cyber and information security risks, supporting organisational objectives and decision making.

GRC provides an understanding of the risk exposure across the organisation, working alongside other CISO functions to maintain a functioning security framework; enabling proactive security risk management.

Important: Please be aware there are residency requirements you need to meet:

All of our Cyber Security personnel must hold security clearance SC level as a minimum. To meet National Security Vetting requirements, you must have resided in the UK for a minimum of 3 out of the past 5 years for SC clearance. Candidates who were posted abroad for service with HM Government, Armed Forces or within a UK government role – will still be considered.

Please make sure you meet these requirements before applying for this role. You don’t need to have SC already, however, failure to achieve the requirements for SC after offer, will result in the job offer being withdrawn.

The role

This wide-ranging role is key to ensuring that our critical national systems and data remain protected and resilient; you will help embed strong governance, support the prioritisation of security risk and compliance activities across NHSE teams, ensuring that programmes deliver securely.

In addition, you will hold shared management responsibility for: –

  • Deputising for the Head of GRC and managing a team of security GRC analysts and related outputs, when required.
  • Development and delivery of a comprehensive GRC operating model for the new NHSE, enabling risk driven, evidence-based decision making
  • Development and delivery of an effective security policy management lifecycle, ensuring policies are harmonised, accessible, aligned and risk focussed
  • Management and tracking of security risks on behalf of the CISO, working with relevant stakeholders to bring risk within appetite and tolerance
  • Supporting the design and optimisation of key controls to reduce security risk, provide assurance and meet compliance requirements
  • Contribute to the development of ‘security by design’, ensuring this is included in relevant NHSE directorate & organisational strategies and business plans
  • Proactively identifying, monitoring, and managing applicable statutory, regulatory, and contractual obligations and compliance requirements, partnering with relevant stakeholders to inform requirements, ensuring that business plans and security related activities are aligned and prioritised accordingly

About you

To be successful in this role, the ability to manage your own workload and to present findings to a high standard are a must. This is a crucial and influential role requiring excellent negotiating and analysis skills and the ability to communicate with all key stakeholders at all levels of seniority.

In addition to being a holder of industry certifications (such as: CISA, CRISC, CISSP, CISM, Security +), some of the key skills and experience you’ll bring are:

  • Detailed knowledge of and the ability to utilise tools and techniques for assessing the effectiveness of information security measures, identifying potential risk exposures, and protecting the availability, confidentiality and audit trails of information from destruction or manipulation.

  • Proven knowledge of IT security policies, standards, and procedures; ability to utilise a variety of administrative skill sets and technical knowledge to ensure cyber security compliance.

  • Specialist knowledge of technologies and technology-based solutions dealing with information security issues; ability to apply these in protecting information security across the organisation.
  • Detailed knowledge of the processes, tools and techniques of information security management, ability to deploy and monitor information security systems, as well as detect, resolve and prevent violations of IT security, to protect organisational data.
  • Detailed knowledge of tools, techniques, approaches and processes of cybersecurity risk management; ability to ensure organisational network operation and minimise negative effect by cybersecurity risks.
  • Extensive knowledge of techniques, roles, and responsibilities in providing technical or business guidance to clients, both internal and external; ability to apply this knowledge appropriately to diverse situations.
  • Specialist knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity and availability.

Though not essential, the ideal candidate will have:

  • An understanding of the National Cyber Security Centre Cyber Assessment Framework (CAF), ISO27000 series, NIST and NIS
  • Membership of professional body such as ISACA/ISC
  • An understanding of HMG cyber and security strategies and associated policies

What’s in it for you

  • a role as part of a dynamic team using data and digital technology to transform health and care
  • a range of opportunities to build your experience in an environment where your
    work has a direct and positive impact
  • a real commitment to your personal and professional development with access
    to a broad range of learning opportunities

About us

NHS Digital became part of NHS England on 1 February 2023 to help us to better support the NHS as one, streamlined organisation with digital, technology and data at the heart of our plans. Successful applicants should be aware that roles will be subject to change in the new organisation, but our mission, to use data and technology to improve lives, will remain.

We are a great place to work. What we do matters.

Our outstanding teams are passionate about technology and public service, making use of everyone’s skills to improve people’s lives.

We collaborate to deliver world class tech and intelligence, so come and join us. We are committed to sustainability, diversity and inclusion; our people are at the heart of what we do.

Find out about the amazing work we do by visiting our website .

Why you should apply

We value the different experiences our people bring to their work. We’re working to create an environment where everyone can make a full contribution no matter their background, identity, or circumstances. Which means, we encourage applications from people of all backgrounds and abilities.

Our work matters. You matter.

What we offer you:

  • we’re moving to a hybrid working approach which offers you an informal, flexible way of blending home and office working
  • flexible working opportunities – we value and respect the diversity of our employees, and applications from prospective candidates who require flexible working arrangements are welcomed; these include part-time hours, job sharing, flexible hours and part-remote set ups
  • 27 days annual leave increasing to 33 days with service
  • ability to buy and sell annual leave
  • a generous pension (with our contribution equal to 20.6% of your earnings)
  • NHS Discounts including shops, restaurants, gym, mobile phones, and insurance
  • employee benefit schemes including our Season Ticket Loan, Car Lease and Bike to Work schemes

Next steps

Our application process is straight forward, you will need to upload a copy of your CV and input a supporting statement. Your supporting statement is your opportunity to demonstrate how you meet the skills, knowledge, experience and qualifications required for the role.

Our assessment process comprises of 2 stages;

  • First stage interviews will take place from 15th June via MS Teams.
  • Second stage interviews will take place from 4th July via MS Teams.

Applicants who are shortlisted for interview will be contacted by email.

This post is not exempt from the Rehabilitation of Offenders Act 1974. We only ask applicants to disclose convictions which are not yet spent / unspent under the Rehabilitation of Offenders Act 1974. Following an offer of employment, we will carry out a Basic Disclosure and Barring Service (DBS) check as part of the pre-employment check process.

Job Overview

  • Date Posted:
  • Location: Exeter, Devon
  • Job Title: Cyber Security Lead
Apply for job
Parent and Partner sites: Search Jobs Near Me | Part Time Jobs Near Me | Construction Job Board | Jobsu.co.uk
© All Rights Reserved 2023 | IT Jobs Near Me