Head of Information & Cyber Security

Job summary

We are seeking an exceptional and forward-thinking Head of Information & Cyber Security to lead our Trust's security strategy, ensuring our information, systems, and digital services remain resilient, compliant, and protected against evolving cyber threats.

This is a senior leadership position, accountable to the Board for establishing and maintaining a Trust-wide information security management program, responsible for shaping our information security governance framework, providing expert advice to executive leadership, developing an organisational security culture, and ensuring we meet all relevant regulatory and legislative requirements.

Main duties of the job

The Head of Information & Cyber Security is responsible for shaping and executing the Trust's information & cyber security strategy, ensuring alignment with Trust priorities and digital transformation goals.

This role will oversee the design, implementation, and continuous improvement of security policies, frameworks, standards and controls and manage the Trust's approach to risk assessment, threat intelligence, incident response and business continuity.

As Head of Information & Cyber Security, you will be responsible for ensuring compliance with key regulations and standards including NIS2, DSPT, CAF, ISO27001, Cyber Essentials Plus, Data Protection Act 2018 and UK GDPR.

You will oversee effective security operations, monitoring, vulnerability management and penetration testing programmes, and act as the key point of contact with external partners such as the NHS Cyber Security Centre, suppliers and third-party security providers.

About us

We manage three major locality hospitals at North Tyneside, Wansbeck and Hexham, plus a number of smaller community hospitals and clinics from Tynemouth to Berwick on Tweed, covering one of the largest geographical areas of any NHS trust in the country. Leading in innovation and quality - opening a state-of-the-art Northumbria Specialist Emergency Care Hospital, the first of its kind in England. Do you want to work in one of the best performing NHS organisations in England? Work in an organisation that supports its staff and focuses on staff experience as much as it does the experience of its patients? You can live and breathe in an area that has the cleanest air, cost-effective living, great nightlife and some of the best schools, with a wealth of history available on your doorstep. Sound too good to be true? Well, it isn't. This is what you get when you work for Northumbria Healthcare; this is the Northumbria Way! Please read 'applicant guidance notes' before submitting your application.

Job description

Job responsibilities

Responsible for developing and strengthening information and cyber security provision and implementing strong risk management strategies to protect the organisation

To develop, maintain and effectively manage the implementation of policies, standards and controls in line with best practice, providing guidance and support to colleagues to ensure security and safety

Develop the strategic road map for an effective vulnerability detection, assessment, remediation, and threat intelligence program

Maintain and enhance the Information Security Management System (ISMS)

To ensure that all changes to the IT environment comply with information security requirements

Oversee security performance assessment of suppliers and internal resources

Provide specialist advice on information and cyber security and increase awareness amongst staff

To work with colleagues to ensure proactive monitoring of IT infrastructure

Ensure adherence to standards such as ISO27001, Cyber Essentials Plus and GDPR

Identify threats, assess their impact, and take appropriate action to resolve and prevent them

Ability to influence and present at Committee/Board level

Respond to or manage security incidents/breaches, including detection, response, recovery, and post-incident analysis, and oversee patching/vulnerabilities or hardening of systems

To develop business cases for Trust capital investments around technical security

Person Specification

Qualifications

Essential
  • Educated to Masters level (or relevant experience)
  • Certified Information Security Manager (CISM) certification or Certified Information Systems Practitioner (CISSP)
  • Evidence of continuing professional development
Desirable
  • PRINCE2, project management (or equivalent experience) and change management methodologies

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website.

From 6 April 2017, skilled worker applicants applying for entry clearance into the UK have had to present a criminal record certificate from each country in which they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found in 'Criminal records checks for overseas applicants'.

Employer details

Employer name

Northumbria Healthcare NHS Foundation Trust

Address

Manufacturing & Innovation Hub Northumbria Healthcare NHS Foundation Trust

Avenue Road

Seaton Delaval

NE25 0QJ

Employer's website

https://www.northumbria.nhs.uk/



Job Details

Company
Northumbria Healthcare NHS Foundation Trust
Location
Seaton Delaval, NE25 0QJ, United Kingdom
Salary
£76965.00 to £88682.00
Posted