Head of Cyber Risk and Assurance

Job overview

An exciting opportunity has opened up for a Head of Cyber Risk and Assurance to join us.

The Head of Cyber Security, Risk & Compliance serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and patient information in compliance with the Trust's information security policies.

A key element of the role is working with executive management to determine acceptable levels of risk for the Trust. This position is responsible for establishing and maintaining an information security management programme to ensure that information assets are adequately protected.

The role holder, leads and owns the Trust’s information security / Cyber strategy; drives and owns the Trust’s information security / Cyber posture, using a risk-based approach; and takes a comprehensive approach to information security. The role manages the information and technology risk to the Trust’s IT facilities and information from internal and external threats; advises the Trust at a strategic level on existing and emerging threats; and owns and develops the necessary IT security policies, standards, and procedures.

• Leadership of the information security / Cyber governance function across the Trust, working closely with the Head of Cyber Security Operations and the Trust Data Privacy Officer to ensure that a comprehensive approach to policy-setting is effectively implemented in all aspects of Trust activity.
• The post holder will have experience in the provision of robust governance and assurance services across the entire IT security portfolio of activities. The post holder will have excellent stakeholder and communication skills. They will be able to lead a team to create a network of relationships necessary in the delivery of Cyber security, including partners such as NHSE, GM Region and the ICS
• Development of an information security / cyber vision and strategy that is aligned to Trust priorities and enables and facilitates the organisation's objectives, and ensures senior stakeholder buy-in and mandate.
• Implementation and monitoring of a strategic, comprehensive information security cyber program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets owned, controlled or/and processed.
• Development, communication and implementation of Trust-wide information security / cyber policies, ensuring consistent application of policies and standards, including privacy, risk management, compliance and business continuity management.
• Maintenance of said strategy, policy and control framework documentation.

Working for our organisation

The Northern Care Alliance NHS Foundation Trust (NCA) provides hospital and integrated health and social care services to over one million people living across Greater Manchester. Our 20,000 colleagues care for people in hospital and in the community, working across Bury, Rochdale, Oldham and Salford, to save and improve lives.

As a large NHS trust we are committed to enhancing the health of our local population by delivering consistently high standards of care and working closely with local authorities and key partners. We believe in our power and potential to make a difference and we’re always looking for people who demonstrate our three core values - care, appreciate and inspire – to join our team.

In return, we can offer you a job role with purpose and flexibility. The size and scale of the NCA means we can provide more challenge and opportunities so your career can always be moving in the right direction. By joining us you can also access a competitive benefits package, including, a fantastic annual leave allowance, flexible working opportunities and protected hours for health and wellbeing activities, helping you to achieve more personal downtime and a better work-life balance.

Detailed job description and main responsibilities

To read more information about the advertised role, and the main job duties/responsibilities please open the Job Description and Person Specification located under the supporting documents heading. You can also read more information about working at the Northern Care Alliance within the attached Candidate Information Pack or by visiting our careers website: www.careers.northerncarealliance.nhs.uk

Person specification

Qualifications

• Educated to a minimum of Master’s degree level, or equivalent post graduate qualification
• Degree level or equivalent qualification specifically in IT/Informatics
• Evidence of management development through Continuous Professional Development and/or formal management course

• Specialist training in areas such as: Cyber Security, Risk Management, PRINCE2 or MSP

Professional Registration

• Relevant professional body registration (CISSP / CISM)

Knowledge

• A demonstrated knowledge of information security standards (e.g., NIST, ISO-27001), rules and regulations related to information security and data confidentiality (e.g., PCI, NIST, NSA) and other various security standards and policies
• Proficiency in developing physical and digital security protocols and procedures
• Proven track record of leadership
• Evidence of developing teams/others
• Demonstrable track record in delivering complex targets and objectives to tight deadlines
• Experience of motivating and inspiring staff managed directly and indirectly to work together to achieve a common objective

Skills

• Highly developed specialist knowledge and experience of managing Information Security acquired over a significant period
• Significant knowledge and experience of applying budgeting, benefits tracking and demand management principles to both capital and revenue allocations
• Significant knowledge and understanding of the NHS, including the political, strategic and operational environment in which it operates
• Significant knowledge and experience of risk management
• Demonstrates significant level of communication skills
• Ability to work to agreed goals, in a self-directed and professional manner
• Organisation and time management skills to manage and deliver a range of multiple tasks and projects to tight deadlines
• Ability to engage and influence and persuade a broad range of individuals and professional groups at all levels of seniority
• Proactive, creative and flexible approach to identifying and taking forward opportunities, shaping new ideas and partnerships

• Knowledge and experience of Capital planning

We understand the importance of balancing work and home life. We are committed to supporting flexible working for our people wherever possible and all our colleagues are given the opportunity to discuss potential for flexible working. Speak to us about how we might be able to accommodate a flexible working arrangement.

The Northern Care Alliance NHS Foundation Trust (NCA) serves a diverse population, and each Care Organisation works hard to ensure all services are accessible and fair.

We respect the value of difference. So, our aim is to employ a workforce representative of the communities we serve. Regardless of age, disability, gender, marital status, trans status, pregnancy and maternity, race, sexual orientation, religion or belief, all are welcome.

As a Disability Confident Employer, guaranteed interviews are also available to disabled applicants when essential role requirements have been met.

If you require any reasonable adjustments to the application process, please contact [email protected]

For posts advertised on a fixed term contract basis, we will offer secondments only for NHS appointments. Fixed term contracts will be only be offered for external non-NHS appointments.

In applying for this post, you give the Trust permission to use your data for recruitment purposes.

Please note that this vacancy may be withdrawn at any time should we receive sufficient applications or if it is filled via the internal redeployment process.

Keep up to date with the latest job opportunities and information across the Northern Care Alliance by following us on Twitter and Facebook: @NCACareersNHS