Total 8 job vacancies by NHS Jobs

Leadership Provide leadership and direction to the information security and business continuity service, including wider directorate and business teams Mentor and coach others, helping to develop our long-term capability including identify capability gaps and solutions Contribute to the development of long-term strategic plans for information security and business continuity, identifying risks and issues and developing mitigation strategies with clear outcome measures.Communicating between the technical and non-technical Identify the needs of business and technical stakeholders. Effectively manage stakeholder expectations. Demonstrate excellent communication skills and can manage difficult conversations or negotiations, including highly complex, sensitive and/or contentious information. Represent information security and business continuity on various internal and external groups.Data protection and freedom of information Support information gathering and creating supporting narrative / recommendations for complex data protection and freedom of information requests. Conduct information system searches and investigations that are highly complex / sensitive in nature, to meet data protection or freedom of information needs. Provide advice and expert knowledge to projects / programmes / operational services to ensure that information systems are designed to meet data protection requirements.Financial management Understand how to balance cost versus value. Consider the impact of user needs. Contribute and develop economic investment cases for information security including financial models for implementation, and running of servicesGovernance and assurance Evolve and define governance. Take responsibility for working with and supporting other staff in wider governance. Assure services across sets of services. Use tools such as standards, guardrails, and principles to effectively govern delivery.Information Security and Business Continuity Demonstrate in-depth knowledge of information security and business continuity, including analysing + testing Trust-wide capabilities and identifying improvement areas. Ensure that our security posture is maintained, monitored/measured and be responsible for leading interventions where standards are not met (example: security patching). Develop, maintain, and improve our data and technology Business Continuity & Disaster Recovery Plans, enabling us to respond to and recover from business continuity events ensuring we can provide a safe level of service to the public during the event, and ensuring we can manage the recovery process and incorporating learning. Lead vulnerability audits, security & penetration tests, forensic audits, or related investigations ensuring all findings are evaluated, and where appropriate, fed into continuous service improvement activities to continuously improve our security posture and resilience. Responsible for ensuring standards around information security and business continuity are embedded into service design. Provide subject matter expertise in major incidents, cyber security incident and/or events caused by or affecting information security. Act as the Problem Owner for highly complex, or sensitive information security matters (from identification through to resolution). Undertake Data Protection Impact Assessment (DPIA) and Information Security Assessment (ISA) activities, including supply chain / 3rd party assessments, aligned with projects / operational services. Maintain and improve the Information Security Assessment lifecycle, and Information Risk Management documentation for IT systems and data. Ensure that access to Trust systems is appropriately managed, regularly audited, and lead investigations as required. Provide expert advice on information transfer agreements with partner organisations in support of the Information Governance function. Partner with the Organisational Development and Information Governance teams and support the delivery of information security awareness and training.Making and informing risk-based decisions Make decisions characterised by managed levels of risk and complexity and recommend decisions as risk and complexity increase. Resolve disputes between wider peers and indirect stakeholders, considering all views and opinions.Policies, procedures, and processes Develop, maintain, and improve all directorate information security and business continuity policies & procedures, considering regional and national policies and practices, ensuring that both manual and electronic information across the Trust is included in-scope. Including, but not limited to DSPT, NIS, ISO / IEC series standards, cyber essentials, etc.Risk management Conduct information security risk assessments and control selection activities. Responsible for the management of information security and business continuity risks (for technology and data), including identifying new risks and ensure we are actively managing risk controls (for your portfolio that you are leading on).Service focus, monitoring, and reporting See the bigger picture and investigate how to get the best out of the underlying services to support the organisations strategic objectives and business priorities. Take complex reporting data from multiple sources, compare, and interpret against service baseline and industry standards and provide a supporting narrative. Responsible for service reporting for information security and business continuity, in-line with Trust-agreed reporting measures (example: security dashboard, security operations centre performance, etc). Ensure we comply with external reporting for information security and business continuity (example: NHS Cyber Alerts).Strategy Apply strategy, using and challenging patterns, standards, policies, roadmaps, and vision statements. You can provide guidance. Evaluate current information security and business continuity strategies to ensure business requirements are being met and exceeded where possible Responsible for managing and updating underpinning / enabling information security strategies that support the business objectives Ensure alignment of operating procedures and policies in-line with national, sector (ICS) and industry best practice where it makes sense to do so.Understanding the whole context Understand trends and practices outside your team and how these will impact your work. See how your work fits into the broader strategy and historical context. Consider the patterns and interactions on a larger scale.User focus Explain the difference between user needs and the desires of the user. Champion user research to focus on all users. Prioritise and define approaches to understand the user story, guiding others in doing so. Offer recommendations on the best tools and methods to use.Community of practice Develop and maintain a network of professionals to enable continuous learning and a community which can share, learn, and keep up to date on the information security and business continuity landscape, within the wider Digital, Data and Technology teams. Other Duties: Deputise for the Head of Information Security & Business Continuity as required. Occasional work may be required outside of core business hours to support major projects / programmes. All other reasonable requests

What Were Looking For: Experience in public involvement or patient engagement, ideally in research or healthcare. Strong leadership and team management skills. Strategic thinking with the ability to translate vision into action. Excellent communication skills to engage with researchers, public contributors, and stakeholders. This role offers the opportunity to lead meaningful change in medical research. If you're ready to make a difference, apply today!

Please see attached the job description for full job details. For further enquiries please contact the Recruitment team.

If you like what you've read and would like more information on the duties and responsibilities of this role, please click on the attached Job Description and Person Specification.

If you like what you've read and would like more information on the duties and responsibilities of this role, please click on the attached Job Description and Person Specification.

Execute all levels of testing (System, Integration, and Regression) detecting and tracking solution defects and inconsistencies. Design and develop automation/test scripts (Automation first approach), providing timely solutions and supporting documentation, including test packs for customer(s). Present test evidence and lead discussions around findings. Complete all aspects of Functional & Non-Functional testing ensuring collaboration with the development team to develop effective strategies and test plans. Complete security test scripts on products such as XSS and SQL injection tests where applicable on products, generating detailed reports for technical and non-technical staff and stakeholders. Investigate security alerts and provide incident response, feeding back to relevant parties where necessary. Help troubleshoot and resolve issues and conduct post-release/ post-implementation testing Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues.

At this role level, you will: be involved in strategic decision-making and be central to assuring services to improve the security and resilience of our organisational infrastructure. lead the information security and business continuity team, including managed services and accountability for performance and quality measures. regularly collaborate and find agreement with senior stakeholders, providing direction and challenge be proactive in identifying problems and translating these into non-technical descriptions that can be widely understood. Skills required for this role Leadership Provide leadership and direct line management for staff in the Information Security and Business Continuity team and vendors / managed service providers and provide subject matter expertise to wider directorate service teams. Mentor, coach, and line manage teams and services (including managed services) - developing their skills and capabilities to meet the needs of the organisation and healthcare partners, as well as building on existing recruiting capabilities to address new needs or skill gaps. Develop and lead the implementation of long-term strategic plans for information security and business continuity, identifying risks and issues and developing mitigation strategies with clear outcome measures. Communicating between the technical and non-technical Identify the needs of business and technical stakeholders, ensuring information security and business continuity principles are embedded in all we do. Effectively manage stakeholder expectations Demonstrate excellent communication skills and can manage difficult conversations or negotiations, including highly complex, sensitive and/or contentious information. Present, interpret and explain complicated information to large groups of people to influence understanding and change. Represent information security and business continuity on various internal and external groups, including Trust board-level and/or committee meetings. Data protection and freedom of information Act as the main point of contact for data protection or freedom of information queries and issues Instigate, commission, oversee or conduct information system searches and investigations to meet data protection or freedom of information needs. Provide advice and expert knowledge to projects / programmes / operational services to ensure that information systems are designed to meet data protection requirements. Financial management Understand how to balance cost versus value. Consider the impact of user needs. Responsible for the budget for your services (pay and non-pay) and know how and when to escalate issues. Contribute and develop economic investment cases for information security, including business planning processes covering sounds financial models for implementation, and running of the services. Governance and assurance Evolve and define governance, taking ownership and responsibility for ensuring adherence to IT requirements in the Data Security & Protection Toolkit (DSPT), and other appropriate governance frameworks. Take responsibility for working with and supporting other staff in wider governance. Assure services across sets of services. Use tools such as standards, guardrails, and principles to effectively govern delivery. Information Security and Business Continuity Demonstrate in-depth knowledge of information security and business continuity, including analysing + testing Trust-wide capabilities and identifying improvement areas. Ensure that our security posture is maintained, monitored/measured and be responsible for leading interventions where standards are not met (example: security patching) Develop, maintain, and improve our data and technology Business Continuity & Disaster Recovery Plans, enabling us to respond to and recover from business continuity events ensuring we can provide a safe level of service to the public during the event, and ensuring we can manage the recovery process and incorporating learning. Lead, plan and execute all required vulnerability audits, security & penetration tests, forensic audits, or related investigations ensuring all findings are evaluated, and where appropriate, fed into continuous service improvement activities to continuously improve our security posture and resilience. Responsible for supporting the design, development, testing and transition of any new information security services into operations. Provide subject matter expert leadership in major incidents and events caused by or affecting information security. Act as the Problem Owner for information security and business continuity matters (ITIL) Responsible for the Information Security Assessment lifecycle, and Information Risk Management documentation for IT systems and data Responsible for ensuring that access to Trust systems is appropriately managed, regularly audited, and lead investigations as required. Provide expertise on information transfer agreements with partner organisations in support of the Information Governance function. Partner with the Organisational Development and Information Governance teams in the planning, development and delivery of information security awareness and training. Making and informing risk-based decisions Act as a point of escalation Be trusted by senior risk owners as an expert in information security and business continuity. Apply risk methodologies at the most complex levels of risk. Policies, procedures, and processes Responsibility for information security and business continuity for data and technology, ensuring that policies and procedures are both effective in terms of protection, but realistic and enabling for the business. Develop, maintain, and improve all directorate information security and business continuity policies & procedures, considering regional and national policies and practices, ensuring that both manual and electronic information across the Trust is included in-scope. Risk management Responsible for the management of information security and data and technology business continuity risks, including identifying new risks and ensuring we are actively managing risk controls. Service focus, monitoring, and reporting See the bigger picture and investigate how to get the best out of the underlying services to support the organisations strategic objectives and business priorities. Monitor and enforce information security and business continuity principles, policies, and procedures both on a regular basis, and on-demand (as/when required) Take complex reporting data from multiple sources, compare, and interpret against service baseline and industry standards and provide a supporting narrative. Responsible for service reporting for information security and business continuity, in-line with Trust-agreed reporting measures Strategy Apply strategy, using and challenging patterns, standards, policies, roadmaps, and vision statements. You can provide guidance. Challenge and lead changes to policy and processes that support business outcomes, with business architecture, legal and political implications. Ensure alignment of operating procedures and policies in-line with national, sector (ICS) and industry best practice where it makes sense to do so. Understanding the whole context Understand trends and practices outside your team and how these will impact your work. See how your work fits into the broader strategy and historical context. Consider the patterns and interactions on a larger scale. User focus Explain the difference between user needs and the desires of the user. Champion user research to focus on all users. Prioritise and define approaches to understand the user story, guiding others in doing so. Community of practice Responsible for research and development activities relating to the highly complex field of information security and business continuity. Develop and maintain a network of professionals to enable continuous learning and a community which can share, learn, and keep up to date on the information security and business continuity landscape, within the wider Digital, Data and Technology teams. Other Duties: Deputise for other members of the CIO Leadership Team as required. Occasional work may be required outside of core business hours to support major projects / programmes. All other reasonable requests

Please see the attached job description for the full job details. For further enquiries please contact the Recruitment Team.