Chief Information Security Officer

  • NHS DIGITAL
  • Dec 01, 2022
Full time I.T. & Communications

Job Description

NHS Digital is the national digital, data and technology delivery partner for the NHS and social care system. NHS Digital create powerful tools and services that support NHS staff at work, help people get the best care, and use the nation's health data to drive research and improve services. The scope of the products and services provided is vast, from building and running the core IT and data infrastructure, platforms and live services on which the NHS and social care system relies, through to designing and developing digital products that help NHS and care staff do their work and that put people in control of their health and care.

With the merger between NHS Digital and NHS England in full flow, we are entering an exciting phase in our development as a trusted delivery partner to the NHS and all those who rely on the unparalleled breadth and depth of the critical services it provides. This is your chance to be part of an organisation that makes a very real and positive contribution to the NHS, every day and on a national scale.

The role

Reporting to the Executive Director, National Cyber Security Operations for NHSD, you will have full accountability as the CISO to promote trust and resilience in NHS Digital's services and data by providing thought leadership and an integrated security design, risk management and assurance service to the business, extending to include NHS England & Health Education England as the organisations merge. Your responsibilities will include, but not be limited to:

  • Providing strong internal delivery leadership to shape a new security culture, driving continuous security improvement activities across the Directorate and organisation, contributing to the broader culture of the newly merged NHS England. This will role-model a world class function to other NHS organisations.
  • Delivering the CISO function for NHS Digital, establishing and agreeing control framework(s) through a comprehensive GRC programme; assessing and evaluating information security risks, identifying control gaps, monitoring compliance, and risk managing these with stakeholders and using a data-driven approach to providing data-driven risk reporting to ensure continuous security improvement.
  • Managing the team that develops and manages Security Policies in line with risk appetite and establishing BISO structures across the newly merged organisations to support the internal risk management and supply chain assurance activities.
  • Building strong and effective relationships with Senior Leaders and teams within NHS Digital, as well as suppliers and security providers to build resilience, capability and strengthen security within NHS Digital, ensuring the best value for money.
  • Leading efforts to internally assess, evaluate and make security recommendations to senior management teams and committees regarding the adequacy of the security controls in their functions and across the organisation.

This leadership role, one of being a functional lead as well as being a deputy for the Executive Director Security brings with it a level of accountability that is integral to the effective operation of the Cyber Operations function and the broader organisation, ensuring functional objectives are delivered with effective governance, risk and compliance factored into all lifecycle and operational management, which will drive best practice data security across NHS Digital directorates, programmes, and services.

The successful candidate will be someone with a track-record of successfully implementing security improvements within complex organisations.

About you

Essential Criteria

Leadership & stakeholder management

Strong evidence of inclusive leadership, managing & influencing complex stakeholders, developing high performing security teams and contributing to broader corporate leadership. You will need to be adept at negotiating & ensuring delivery of security improvements against competing organisational goals.

Risk & Change Management

Significant experience of actively managing security risks in large organisations, implementing frameworks (e.g. NIST, ISO27001, CAF, Cyber Essentials Plus) proportionately, establishing and delivering risk reduction activities across large organisations and leading assurance & strategic risk reporting work across security domains.

CISO Operational & technical security expertise

Experience establishing, delivering, and improving enterprise CISO & BISO capabilities including the use of control frameworks, security risk advice to 'secure' and 'assure', and GRC capabilities built on deep technical knowledge.

What's in it for you

  • a role as part of a dynamic team using data and digital technology to transform health and care
  • a range of opportunities to build your experience in an environment where your work has a direct and positive impact
  • a real commitment to your personal and professional development with access to a broad range of learning opportunities

About us

NHS Digital is a great place to work. What we do matters. Our outstanding teams are passionate about technology and public service, making use of everyone's skills to improve people's lives. We collaborate to deliver world class tech and intelligence, so come and join us. We are committed to sustainability, diversity and inclusion; our people are at the heart of what we do.

Why you should apply

We value the different experiences our people bring to their work at NHS Digital. We're working to create an environment where everyone can make a full contribution no matter their background, identity, or circumstances. Which means, we encourage applications from people of all backgrounds and abilities.

Our work matters. You matter.

What we offer you:

  • we're moving to a hybrid working approach which offers you an informal, flexible way of blending home and office working
  • flexible working opportunities - we value and respect the diversity of our employees, and applications from prospective candidates who require flexible working arrangements are welcomed; these include part-time hours, job sharing, flexible hours and part-remote set ups
  • 27 days annual leave increasing to 33 days with service
  • ability to buy and sell annual leave
  • a generous pension (with our contribution equal to 20.6% of your earnings)
  • NHS Discounts including shops, restaurants, gym, mobile phones, and insurance
  • employee benefit schemes including our Season Ticket Loan, Car Lease and Bike to Work schemes