Oversight Review and update security policies, procedures, standards, and guidance regularly (e.g., acceptable use, remote access, incident response, etc.). Ensure alignment with frameworks such as NCSC guidance, ISO27001, NIST, Cyber Essentials, and GDPR. Develop and communicate clear roles and responsibilities for information security across departments. Support Information Governance and Data Protection with policy harmonisation … New and existing systems, applications, and infrastructure. Cloud service configurations (IaaS, SaaS, PaaS). Network architecture, including firewalls, VPNs, and segmentation. Identity and Access Management (IAM) implementations, including PIM / PAM. Security configurations in Microsoft 365, Azure, Active Directory, etc. Conduct or oversee vulnerability assessments, penetration tests, and threat modelling. Review and approve technical designs and solution architectures from … a security standpoint. Assurance, Compliance, and Audit Develop and maintain the IT Security Assurance Framework. Lead or coordinate internal / external audits and security assessments. Track and report on compliance with standards and regulatory requirements. Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO27001). More ❯
NHS Bristol, North Somerset and South Gloucestershire Integrated Care Board
infrastructure, data pipelines, security, governance and scalability. You will ensure the environment remains robust, trusted and aligned with the highest standards of data protection and interoperability, including SATRE and ISO27001, giving partners and the public confidence their data is safe. This hands-on role suits a leader who thrives on managing complexity and problem solving. Collaboration is key, working with … of the SWSDE platform, ensuring security, stability, and scalability at all times. Manage and monitor system security , including threat detection, risk management, and incident response, ensuring compliance with SATRE, ISO27001, DSPT, and NHS cybersecurity frameworks. Develop and maintain secure data pipelines from contributing NHS and partner organisations, ensuring interoperability, data quality, and adherence to governance standards. Provide technical leadership to … as Prince 2 and Managing Successful Projects Experience of identifying and interpreting National policy. Experience of researching best practice (globally, private and public sector), interpreting its relevance and processes / practices which could be implemented successfully to achieve system reform (advising on policy implementation) Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act More ❯
Proven background in Cyber Governance, Risk & Compliance or Information Security . Experience building management and board-level reports . Familiarity with CAF , SCF , or other security control frameworks (ISO27001, NIST, etc.). Good understanding of risk management and supplier assurance . Excellent communication and stakeholder management skills. Comfortable working in a hybrid model - 3 days More ❯
