Band 7 Cyber Security Risk Lead Officer
NHS Jobs Yeovil
PURPOSE OF THE ROLE: The Cyber Security Risk Lead Officer will be responsible for providing pragmatic, risk-based solutions to enable the ICS to pursue its Digital, Data and Technology (DDaT) Strategy and Cyber Security Strategy objectives in a responsible and compliant manner.
Cyber Threats are an ongoing and ever-changing risk to the information and trust required to maintain health and care services for the residents of Somerset. We are seeking an individual who has a passion for cyber security and is capable of using strong relationships across the system to spot emerging risks, insights and trends.
KEY RESPONSIBILITIES OF THE ROLE: The Cyber Security Risk Lead Officer is accountable for: Leading the management of information security related risks and supporting cross-team working with different departments and organisations, including Information Governance and Risk teams, and Somerset ICS partners.
Supporting business continuity planning for GP IT and the Common technology platforms for the ICS. Ensuring routine testing and documentation are in place and that teams are educated and complying with requirements. Working with colleagues across the ICS to ensure compliance with Cyber Security standards and to manage information security risks.
Building a framework and reporting schedule to ensure that we are complying with Data Security standards. Supporting compliance (through working with Cyber Security colleagues across the ICS) with information security and data privacy across all common projects and programmes.
Assuring that Cyber Security assessments are undertaken during the scoping of every new DDaT project or programme and during every risk mitigation options analysis. Advocating for a common framework to assess cyber security across the ICS. Ensuring all statutory notification and reporting requirements are met.
Working with specialist colleagues and external organisations to obtain high-quality competent advice on cyber security requirements and risk management. Developing a clear cyber security compliance framework, aligned to the ICS partner risk appetite.
Co-creating, implementing, and maintaining compliance policies and procedures in line with relevant legislation, regulations, and industry best practices. Overseeing all certificates and accreditations in the annual renewal process. Identifying and developing partnership working opportunities, and relationships both within the ICS and with its wider stakeholders.
Liaising with other Government, Non-Government organisations, statutory agencies and public and private sector organisations to develop collaborative approaches which can deliver the ICS's DDaT Strategy and Cyber Security Strategy goals. Implementing control processes and maintaining data quality during analysis and interpretation of security incidents and alerts.
Planning, creating and implementing cyber information campaigns to maintain colleague awareness of cyber risks, threats and vulnerabilities.
Communication: You can present analysis and visualisations in clear ways to communicate complex messages to a variety of audiences.
You can build long-term strategic relationships. You can influence stakeholders and manage relationships effectively. You can communicate negative and positive information to stakeholders. You can work within a strategic context and communicate how activities meet strategic goals.
Analysis & Judgement: You can identify opportunities to use new digital technologies to enhance benchmarking capability in alignment with the role's objectives. You can describe and work within environmental constraints, finding the most appropriate solution for users.
Planning & Organisational Skills: You can facilitate and deliver complex project outcomes within defined timescales. You can ensure projects or initiatives are delivered on time to quality standards and in a cost-effective manner, adjusting plans as required. You can plan training delivery for a new system that impacts on the whole organisation.
Policy & Service Development: You can contribute to the development of strategy and policies.
Finance: You will be a budget holder for a cross ICS budget for the programme and will be accountable to every organisation that contributed to that budget. You will have to assess and procure software to support framework compliance.
HR: You can design and deliver training for staff on new systems and processes.
Information Resources: You can design and adapt information systems from specifications of others. You can draft reports and information using more than one information system.
Research & Development: You can lead the collection of information and creation of recommendations for improvements. You can check data to identify errors and check for accuracy.
Autonomy/Freedom to Act: You can ensure that cyber security processes are aligned to business needs and strategy. You can use initiative on a regular basis. You have the ability to prioritise own work and approach new tasks flexibly. You can take inputs and establish coherent frameworks that work. You can demonstrate a very strong knowledge of security and data privacy when it comes to personal and health information.
Mental Effort: You can quickly read and interpret complex documents from a range of sources and distil to what is relevant.
You can absorb large amounts of conflicting information and use it to produce solutions.