Deputy Director Chief Information Security Officer Closing Date - 23:55 on Monday 23rd March 2026 You will receive a salary between £96,981 - £130,000 which includes any applicable skills payment, depending on skills and experience. In addition, the role attracts a non-concessionary payment of £3030 (subject to security compliance) and London Pay Addition of £6250 if contracted to a London work location. The skills payment will be discussed and assessed at interview. Grade: SCS 1 - Open to applicants on promotion Working Pattern:Requests for flexible working patterns will be considered and should be discussed with the Hiring Manager upon application. A small amount of home working is possible but there is an expectation that most of this role will be office based. Clearance: DV clearance required About Us GCHQ is the nation's intelligence, cyber and security agency. We work to make the UK the safest place to live and work online; connect the national security community securely; and provide insights and counter threats through SIGINT and effects. Our people work closely with MI5 and MI6 as well as defence, international, and industry partners across a variety of locations, with major hubs in Cheltenham, London and Manchester as well as other sites in the UK and overseas. We live by the values of ingenuity, integrity, impact and teamwork as we work to keep the UK safe, resilient and prosperous in an uncertain world. A role with us means you will do unique and challenging work in a supportive environment, making a meaningful difference to national security. About the Role The UK Intelligence Community (UKIC) is seeking an outstanding Chief Information Security Officer (CISO) to lead cyber security and information governance across some of the nation's most sensitive missions. Accountable to the UKIC Infosec Director, this is one of themost high profile technical leadership roles in government, shaping the strategic direction of information security to protect the UK against the most capable and persistent adversaries. The successful candidate will ensure operational resilience and secure innovation in support of national intelligenceobjectives, delivering results ina highly complexand rapidly evolving environment. As CISO, you willwork with colleagues to set and implement the organisation's cyber and information security strategy, striking the right balance between capability, acceptableriskand technological progress. You will integrate security governance intoa complex set of crossagencyorganisational decision making,forumsensuring that information risks are managed effectively and proportionately, and that security is embedded at every level. This includes advising executive boards and senior leaders on the potential implications of majorprogrammes, andguiding the organisations in safely embracing innovation and digital transformation. You willbe responsible fordesigning andleading the UKIC's end-to-end risk management framework. This includes defining and tracking cybersecurity KPIs, producing regular reports for senior stakeholders, conducting organisation wide riskassessmentsand overseeing vulnerability management to ensure compliance with relevant frameworks. You willbe responsible fordesigningincident response and business continuitystrategies and ensuring they are implemented by business areas. Your leadership will be central to developing sustainable security budgets and resourcing strategies that ensure capabilitiesremainstrong in the face of emerging threats. This role demands exceptional communication skills and the ability to influence at the highest levels of government. You must be confident presenting complex security concepts to both technical and non technical audiences, including boards,ministersand cross government stakeholders. You will draw onsignificant experiencedelivering robust security strategies in complex organisations anddemonstratedeep knowledge of cyber threat landscapes, risk managementpracticesand modern security technologies.International relationships are a critical element of this role, so familiarity working with key allied governments would be valuable. You should bringexpertisein securing cloud environments and emerging technologies within digital transformation programmes, alongside a strong understanding of regulatory compliance frameworks such as NIST, ISO27001, GDPR andGovS007. Professional certifications such as CISSP, CISM or CCISO are highly desirable. A proventrack recordin embedding a positive security culture, mentoring high performingteamsand managing supplier security will be critical to your success. This is a unique opportunity to take on one of the most influential cyber security leadership roles in the UK. Protecting the nation's intelligence capabilities requires vision, strategicacumenand operational excellence. If you are ready to take on this challenge, and have the skills,integrityand commitment to safeguard national security, we invite you to join us in delivering a secure future for UK intelligence. The role can be based in Cheltenham,Manchesteror London, with a regular presencerequiredin those locations. The ability to undertake occasional international travel is desirable. Key Responsibilities Develop,maintainand articulate a clear understanding of the cyber and information security risks inherent across the whole organisationin order toprovide assurance to the UKIC Group Senior information risk owner (SIRO). Create and implement information security strategy which supports the organisation indeterminingthe right balance between the organisation's cyber and information security capabilities, acceptable level of risk and speed of technology progress. Ensure an effective cyber and information security governance framework that isintegrated with overall organisational governance. Define and track cybersecurity KPIs, producing regular executive andboard levelreports on security posture. Enable the organisation to innovate safely byadvisingsenior leadership on the potential risks and implications of major decisions thatimpactinformation security. Oversee the creation and implementation of relevant policies and standards which ensure effective information risk management. Identifyand deliver opportunities for improvement of the security operations functionto ensuretimelydetection and response to security incidents. Lead and mentor high performing information security professionals, fostering a culture of professional development. Play a leading role in multiple Technical and programme boards. Work closely with stakeholders from across the UK Intelligence Community to ensure an end-to-end approach to cyber security and ensure that cyber security is embedded at all levels. Person Specification Essential Criteria, qualifications and experience Exceptional communication skills, with the ability to present complex security concepts to both technical and non-technical stakeholders at all levels. Proven experience developing and implementing information security strategies and policies within a complex organisation. In-depth understanding of cybersecurity threats,technologiesand risk management practices. One or more professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or Certified Chief Information Security Officer (CCISO) are highly desirable. Deep understanding of cloud security. Experience leading an operational cyber security function, or the delivery of cyber security capabilities. Extensive knowledge of relevant public and private sector cyber security practice. SCS Competency Framework The role is broad and varied in scope, but particularly focused on the following SCS1 Behaviours (Level 5): Seeing the Big Picture Making Effective Decisions Driving Innovation and Change Providing Customer Value How to apply To apply, you will need to copy and paste the following into the relevant sections of the application form: a statement of suitability outlining how your personal skills, qualities and experiences demonstrate your suitability for the role. We ask that you structure your statement with a sub-heading for each of the essential criteria listed above and, below each, include evidence of how you meet that criterion. a CV setting out your career history, with key responsibilities and achievements. Please ensure you have provided reasons for any gaps within the last two years. It is important that through your CV and supporting statement, you give evidence and examples of proven experience of each of the elements of the essential criteria. Please note - the application form consists of two stages; an initial eligibility check, followed by a full application form. It is at the full application form stage that you will have the opportunity to input your suitability statement and CV information. If you have any questions about the role and/or would like to discuss the role in more detail, please email emailprotected who will direct your enquiry appropriately. What to expect Our recruitment process is fair, transparent, and based on merit. Here is a brief overview of each stage, in order: Your application will be sifted to assess your evidence against the essential criteria above. If shortlisted . click apply for full job details
Mar 03, 2026
Full time
Deputy Director Chief Information Security Officer Closing Date - 23:55 on Monday 23rd March 2026 You will receive a salary between £96,981 - £130,000 which includes any applicable skills payment, depending on skills and experience. In addition, the role attracts a non-concessionary payment of £3030 (subject to security compliance) and London Pay Addition of £6250 if contracted to a London work location. The skills payment will be discussed and assessed at interview. Grade: SCS 1 - Open to applicants on promotion Working Pattern:Requests for flexible working patterns will be considered and should be discussed with the Hiring Manager upon application. A small amount of home working is possible but there is an expectation that most of this role will be office based. Clearance: DV clearance required About Us GCHQ is the nation's intelligence, cyber and security agency. We work to make the UK the safest place to live and work online; connect the national security community securely; and provide insights and counter threats through SIGINT and effects. Our people work closely with MI5 and MI6 as well as defence, international, and industry partners across a variety of locations, with major hubs in Cheltenham, London and Manchester as well as other sites in the UK and overseas. We live by the values of ingenuity, integrity, impact and teamwork as we work to keep the UK safe, resilient and prosperous in an uncertain world. A role with us means you will do unique and challenging work in a supportive environment, making a meaningful difference to national security. About the Role The UK Intelligence Community (UKIC) is seeking an outstanding Chief Information Security Officer (CISO) to lead cyber security and information governance across some of the nation's most sensitive missions. Accountable to the UKIC Infosec Director, this is one of themost high profile technical leadership roles in government, shaping the strategic direction of information security to protect the UK against the most capable and persistent adversaries. The successful candidate will ensure operational resilience and secure innovation in support of national intelligenceobjectives, delivering results ina highly complexand rapidly evolving environment. As CISO, you willwork with colleagues to set and implement the organisation's cyber and information security strategy, striking the right balance between capability, acceptableriskand technological progress. You will integrate security governance intoa complex set of crossagencyorganisational decision making,forumsensuring that information risks are managed effectively and proportionately, and that security is embedded at every level. This includes advising executive boards and senior leaders on the potential implications of majorprogrammes, andguiding the organisations in safely embracing innovation and digital transformation. You willbe responsible fordesigning andleading the UKIC's end-to-end risk management framework. This includes defining and tracking cybersecurity KPIs, producing regular reports for senior stakeholders, conducting organisation wide riskassessmentsand overseeing vulnerability management to ensure compliance with relevant frameworks. You willbe responsible fordesigningincident response and business continuitystrategies and ensuring they are implemented by business areas. Your leadership will be central to developing sustainable security budgets and resourcing strategies that ensure capabilitiesremainstrong in the face of emerging threats. This role demands exceptional communication skills and the ability to influence at the highest levels of government. You must be confident presenting complex security concepts to both technical and non technical audiences, including boards,ministersand cross government stakeholders. You will draw onsignificant experiencedelivering robust security strategies in complex organisations anddemonstratedeep knowledge of cyber threat landscapes, risk managementpracticesand modern security technologies.International relationships are a critical element of this role, so familiarity working with key allied governments would be valuable. You should bringexpertisein securing cloud environments and emerging technologies within digital transformation programmes, alongside a strong understanding of regulatory compliance frameworks such as NIST, ISO27001, GDPR andGovS007. Professional certifications such as CISSP, CISM or CCISO are highly desirable. A proventrack recordin embedding a positive security culture, mentoring high performingteamsand managing supplier security will be critical to your success. This is a unique opportunity to take on one of the most influential cyber security leadership roles in the UK. Protecting the nation's intelligence capabilities requires vision, strategicacumenand operational excellence. If you are ready to take on this challenge, and have the skills,integrityand commitment to safeguard national security, we invite you to join us in delivering a secure future for UK intelligence. The role can be based in Cheltenham,Manchesteror London, with a regular presencerequiredin those locations. The ability to undertake occasional international travel is desirable. Key Responsibilities Develop,maintainand articulate a clear understanding of the cyber and information security risks inherent across the whole organisationin order toprovide assurance to the UKIC Group Senior information risk owner (SIRO). Create and implement information security strategy which supports the organisation indeterminingthe right balance between the organisation's cyber and information security capabilities, acceptable level of risk and speed of technology progress. Ensure an effective cyber and information security governance framework that isintegrated with overall organisational governance. Define and track cybersecurity KPIs, producing regular executive andboard levelreports on security posture. Enable the organisation to innovate safely byadvisingsenior leadership on the potential risks and implications of major decisions thatimpactinformation security. Oversee the creation and implementation of relevant policies and standards which ensure effective information risk management. Identifyand deliver opportunities for improvement of the security operations functionto ensuretimelydetection and response to security incidents. Lead and mentor high performing information security professionals, fostering a culture of professional development. Play a leading role in multiple Technical and programme boards. Work closely with stakeholders from across the UK Intelligence Community to ensure an end-to-end approach to cyber security and ensure that cyber security is embedded at all levels. Person Specification Essential Criteria, qualifications and experience Exceptional communication skills, with the ability to present complex security concepts to both technical and non-technical stakeholders at all levels. Proven experience developing and implementing information security strategies and policies within a complex organisation. In-depth understanding of cybersecurity threats,technologiesand risk management practices. One or more professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or Certified Chief Information Security Officer (CCISO) are highly desirable. Deep understanding of cloud security. Experience leading an operational cyber security function, or the delivery of cyber security capabilities. Extensive knowledge of relevant public and private sector cyber security practice. SCS Competency Framework The role is broad and varied in scope, but particularly focused on the following SCS1 Behaviours (Level 5): Seeing the Big Picture Making Effective Decisions Driving Innovation and Change Providing Customer Value How to apply To apply, you will need to copy and paste the following into the relevant sections of the application form: a statement of suitability outlining how your personal skills, qualities and experiences demonstrate your suitability for the role. We ask that you structure your statement with a sub-heading for each of the essential criteria listed above and, below each, include evidence of how you meet that criterion. a CV setting out your career history, with key responsibilities and achievements. Please ensure you have provided reasons for any gaps within the last two years. It is important that through your CV and supporting statement, you give evidence and examples of proven experience of each of the elements of the essential criteria. Please note - the application form consists of two stages; an initial eligibility check, followed by a full application form. It is at the full application form stage that you will have the opportunity to input your suitability statement and CV information. If you have any questions about the role and/or would like to discuss the role in more detail, please email emailprotected who will direct your enquiry appropriately. What to expect Our recruitment process is fair, transparent, and based on merit. Here is a brief overview of each stage, in order: Your application will be sifted to assess your evidence against the essential criteria above. If shortlisted . click apply for full job details
Hybrid role to be based in our Edinburgh or London office. About us Seccl is the Octopus-owned embedded investment platform that's on a mission to helping more people to invest - and invest well. We're B-Corp certified with an amazing product-market fit, impressive early traction and the potential to transform an outdated industry, for the better. We've been growing fast and will scale even faster over the next few years. We're also proud to be part of Octopus, the £multi billion group that's on a mission to breathe new life into broken industries, through companies like Octopus Energy, Octopus Investments and Octopus Money. Check out the Seccl website for the latest on our products and our mission to shape the future of investments. The role Reporting into the Chief risk officer (CRO), the head of information security risk role is responsible for the day to day management and continual improvement of the information security management system (ISMS). You will be responsible for designing, implementing, and monitoring Seccl's Information Security Management System (ISMS). You will also provide second line oversight of all security activities at Seccl. On a typical day you will be Shaping and driving our information security strategy alongside the CRO and executive team, ensuring security enables - not slows - our growth. Partnering with Risk to define and embed our security risk appetite, making smart, commercially aware decisions in a fast-moving environment. Evolving and strengthening our ISMS, continuously improving policies, controls and processes as we scale. Owning oversight of third party security reviews and customer due diligence, helping us move quickly while maintaining high standards. Turning security metrics and risk insights into clear, actionable reporting for senior leadership and governance forums. Leading internal audits and control effectiveness reviews, including ISO 27001/27002 controls, with a focus on pragmatism and continuous improvement. Driving resilience across the business - from business continuity and disaster recovery testing to hands on incident oversight and lessons learned. Acting as our Data Protection Officer, championing GDPR compliance, advising on DPIAs and confidently engaging with regulators and data subjects when needed. This role's for you if You hold current CISSP certification. You bring significant experience leading Information/Cyber Security in a regulated environment. You've operated within ICO regulated environments and understand the practical realities of GDPR compliance. You have strong working knowledge of risk methodologies, security frameworks and industry standards. You're comfortable with modern cloud technologies and understand the security considerations that come with them. You're a certified ISO 27001 Lead Auditor and/or Implementer, with hands on experience applying the standard in practice. You have a solid technical foundation in IT or security, allowing you to engage credibly across engineering and leadership teams. This role isn't for you if You rely on a lot of top down direction. Here, you'll have a lot of freedom and ownership of your role, and you'll be expected to shape your own progression. You're not comfortable working in a fast paced environment. Our speed and scalability are what set us apart; you need to be able to act quickly and think on your feet. You struggle to follow through on ideas. We value people who do what they say they will. If you care about something, you have the freedom here to make it happen. You don't like change. You'll get on great here if you relish the ambiguity of rapid growth and are willing to embrace uncertainty. What's in it for you We offer a generous mix of benefits for the things that really matter to our people, including: A salary between £110,000 and £130,000 - dependant on experience + reviewed annually 27 days holiday + bank holidays (some can be flexible) + day off on your birthday + three days (full time) per year for Dependant leave Two volunteering days per year Option to work abroad for up to six weeks a year Secclbrate - our recognition programme that offers a mix of flexible rewards including extra pay, additional holiday and increased learning budget Length of service award - one month paid sabbatical at eight years 6% employer pension contribution, and life assurance Private medical insurance with AXA Health Enhanced Parental leave MacBook and up to £500 home office set up budget £750 per person learning budget Health and wellbeing initiatives including free therapy via Wellness Cloud, mental health support via Headspace Strong financial wellbeing focus including access to Octopus Money, Octopus Share Incentive Plan and will writing offering via Octopus Legacy Perkbox - Flexi points giving you a range of discounts and perks including free weekly coffee, gym and retail discounts Access to initiatives like Cycle to Work and Octopus Electric Vehicle Leasing Our culture We're proud to put people first, creating a culture where we truly listen to what matters most to them. Our transparent and inclusive environment encourages diversity of thought, challenge and experimentation. Check out our Glassdoor page for the latest reviews or our LinkedIn for company updates and insights from the team. Interview process Interviewing is a two way thing, and we want you to have the time and opportunity to get to know us, as much as we are getting to know you. Our interviews are conversational, so come with questions and be curious. In general, you can expect the interview process to look a bit like this, (following an initial chat with one of our Talent team): First stage - 45 mins competencies based interview with the hiring manager and Head of operational resilience Second stage - one hour technical interview or assessment with the hiring manager and current Head of information security risk Final stage - 45 mins bar raiser culture based interview with the CTO and Operations director We'll only close this role once we have enough applications for the next stage. Please submit your application as soon as possible to make sure you don't miss out and you should expect to hear back from us within one to two weeks of applying. Our aim is to build a diverse and inclusive company of awesome people, with unique skills, passions and experiences. All applicants will be considered for employment without attention to age, ethnicity, religion, sex, sexual orientation, gender identity, family or parental status, national origin, or veteran, neurodiversity or disability status. If this sounds like your kind of thing, we encourage you to apply even if you don't tick every box. We'd love to hear from you!
Feb 28, 2026
Full time
Hybrid role to be based in our Edinburgh or London office. About us Seccl is the Octopus-owned embedded investment platform that's on a mission to helping more people to invest - and invest well. We're B-Corp certified with an amazing product-market fit, impressive early traction and the potential to transform an outdated industry, for the better. We've been growing fast and will scale even faster over the next few years. We're also proud to be part of Octopus, the £multi billion group that's on a mission to breathe new life into broken industries, through companies like Octopus Energy, Octopus Investments and Octopus Money. Check out the Seccl website for the latest on our products and our mission to shape the future of investments. The role Reporting into the Chief risk officer (CRO), the head of information security risk role is responsible for the day to day management and continual improvement of the information security management system (ISMS). You will be responsible for designing, implementing, and monitoring Seccl's Information Security Management System (ISMS). You will also provide second line oversight of all security activities at Seccl. On a typical day you will be Shaping and driving our information security strategy alongside the CRO and executive team, ensuring security enables - not slows - our growth. Partnering with Risk to define and embed our security risk appetite, making smart, commercially aware decisions in a fast-moving environment. Evolving and strengthening our ISMS, continuously improving policies, controls and processes as we scale. Owning oversight of third party security reviews and customer due diligence, helping us move quickly while maintaining high standards. Turning security metrics and risk insights into clear, actionable reporting for senior leadership and governance forums. Leading internal audits and control effectiveness reviews, including ISO 27001/27002 controls, with a focus on pragmatism and continuous improvement. Driving resilience across the business - from business continuity and disaster recovery testing to hands on incident oversight and lessons learned. Acting as our Data Protection Officer, championing GDPR compliance, advising on DPIAs and confidently engaging with regulators and data subjects when needed. This role's for you if You hold current CISSP certification. You bring significant experience leading Information/Cyber Security in a regulated environment. You've operated within ICO regulated environments and understand the practical realities of GDPR compliance. You have strong working knowledge of risk methodologies, security frameworks and industry standards. You're comfortable with modern cloud technologies and understand the security considerations that come with them. You're a certified ISO 27001 Lead Auditor and/or Implementer, with hands on experience applying the standard in practice. You have a solid technical foundation in IT or security, allowing you to engage credibly across engineering and leadership teams. This role isn't for you if You rely on a lot of top down direction. Here, you'll have a lot of freedom and ownership of your role, and you'll be expected to shape your own progression. You're not comfortable working in a fast paced environment. Our speed and scalability are what set us apart; you need to be able to act quickly and think on your feet. You struggle to follow through on ideas. We value people who do what they say they will. If you care about something, you have the freedom here to make it happen. You don't like change. You'll get on great here if you relish the ambiguity of rapid growth and are willing to embrace uncertainty. What's in it for you We offer a generous mix of benefits for the things that really matter to our people, including: A salary between £110,000 and £130,000 - dependant on experience + reviewed annually 27 days holiday + bank holidays (some can be flexible) + day off on your birthday + three days (full time) per year for Dependant leave Two volunteering days per year Option to work abroad for up to six weeks a year Secclbrate - our recognition programme that offers a mix of flexible rewards including extra pay, additional holiday and increased learning budget Length of service award - one month paid sabbatical at eight years 6% employer pension contribution, and life assurance Private medical insurance with AXA Health Enhanced Parental leave MacBook and up to £500 home office set up budget £750 per person learning budget Health and wellbeing initiatives including free therapy via Wellness Cloud, mental health support via Headspace Strong financial wellbeing focus including access to Octopus Money, Octopus Share Incentive Plan and will writing offering via Octopus Legacy Perkbox - Flexi points giving you a range of discounts and perks including free weekly coffee, gym and retail discounts Access to initiatives like Cycle to Work and Octopus Electric Vehicle Leasing Our culture We're proud to put people first, creating a culture where we truly listen to what matters most to them. Our transparent and inclusive environment encourages diversity of thought, challenge and experimentation. Check out our Glassdoor page for the latest reviews or our LinkedIn for company updates and insights from the team. Interview process Interviewing is a two way thing, and we want you to have the time and opportunity to get to know us, as much as we are getting to know you. Our interviews are conversational, so come with questions and be curious. In general, you can expect the interview process to look a bit like this, (following an initial chat with one of our Talent team): First stage - 45 mins competencies based interview with the hiring manager and Head of operational resilience Second stage - one hour technical interview or assessment with the hiring manager and current Head of information security risk Final stage - 45 mins bar raiser culture based interview with the CTO and Operations director We'll only close this role once we have enough applications for the next stage. Please submit your application as soon as possible to make sure you don't miss out and you should expect to hear back from us within one to two weeks of applying. Our aim is to build a diverse and inclusive company of awesome people, with unique skills, passions and experiences. All applicants will be considered for employment without attention to age, ethnicity, religion, sex, sexual orientation, gender identity, family or parental status, national origin, or veteran, neurodiversity or disability status. If this sounds like your kind of thing, we encourage you to apply even if you don't tick every box. We'd love to hear from you!
Job Description Grade: SCS 1 - Open to applicants on promotion Working Pattern: Requests for flexible working patterns will be considered and should be discussed with the Hiring Manager upon application. A small amount of home working is possible but there is an expectation that most of this role will be office based. Location: The role can be based in Cheltenham, London or Manchester, but the successful candidate would be expected to spend time in each of the three locations. Salary: You will receive a salary between £96,981 - £130,000 which includes any applicable skills payment, depending on skills and experience. In addition, the role attracts a non-concessionary payment of £3030 (subject to security compliance) and London Pay Addition of £6250 if contracted to a London work location. The skills payment will be discussed and assessed at interview. Clearance: DV clearance required. About Us GCHQ is the nation's intelligence, cyber and security agency. We work to make the UK the safest place to live and work online; connect the national security community securely; and provide insights and counter threats through SIGINT and effects. Our people work closely with MI5 and MI6 as well as defence, international, and industry partners across a variety of locations, with major hubs in Cheltenham, London and Manchester as well as other sites in the UK and overseas. We live by the values of ingenuity, integrity, impact and teamwork as we work to keep the UK safe, resilient and prosperous in an uncertain world. A role with us means you will do unique and challenging work in a supportive environment, making a meaningful difference to national security. About the Role The UK Intelligence Community (UKIC) is seeking an outstanding Chief Information Security Officer (CISO) to lead cyber security and information governance across some of the nation's most sensitive missions. Accountable to the UKIC Infosec Director, this is one of the most high-profile technical leadership roles in government, shaping the strategic direction of information security to protect the UK against the most capable and persistent adversaries. The successful candidate will ensure operational resilience and secure innovation in support of national intelligence objectives, delivering results in a highly complex and rapidly evolving environment. As CISO, you will work with colleagues to set and implement the organisation's cyber and information security strategy, striking the right balance between capability, acceptable risk and technological progress. You will integrate security governance into a complex set of cross agency organisational decision-making, forums ensuring that information risks are managed effectively and proportionately, and that security is embedded at every level. This includes advising executive boards and senior leaders on the potential implications of major programmes, and guiding the organisations in safely embracing innovation and digital transformation. You will be responsible for designing and leading the UKIC's end-to-end risk management framework. This includes defining and tracking cybersecurity KPIs, producing regular reports for senior stakeholders, conducting organisation-wide risk assessments and overseeing vulnerability management to ensure compliance with relevant frameworks. You will be responsible for designing incident response and business continuity strategies and ensuring they are implemented by business areas. Your leadership will be central to developing sustainable security budgets and resourcing strategies that ensure capabilities remain strong in the face of emerging threats. This role demands exceptional communication skills and the ability to influence at the highest levels of government. You must be confident presenting complex security concepts to both technical and non-technical audiences, including boards, ministers and cross-government stakeholders. You will draw on significant experience delivering robust security strategies in complex organisations and demonstrate deep knowledge of cyber threat landscapes, risk management practices and modern security technologies. International relationships are a critical element of this role, so familiarity working with key allied governments would be valuable. You should bring expertise in securing cloud environments and emerging technologies within digital transformation programmes, alongside a strong understanding of regulatory compliance frameworks such as NIST, ISO27001, GDPR and GovS007. Professional certifications such as CISSP, CISM or CCISO are highly desirable. A proven track record in embedding a positive security culture, mentoring high-performing teams and managing supplier security will be critical to your success. This is a unique opportunity to take on one of the most influential cyber security leadership roles in the UK. Protecting the nation's intelligence capabilities requires vision, strategic acumen and operational excellence. If you are ready to take on this challenge, and have the skills, integrity and commitment to safeguard national security, we invite you to join us in delivering a secure future for UK intelligence. The role can be based in Cheltenham, Manchester or London, with a regular presence required in those locations. The ability to undertake occasional international travel is desirable. Key Responsibilities Develop, maintain and articulate a clear understanding of the cyber and information security risks inherent across the whole organisation in order to provide assurance to the UKIC Group Senior information risk owner (SIRO). Create and implement information security strategy which supports the organisation in determining the right balance between the organisation's cyber and information security capabilities, acceptable level of risk and speed of technology progress. Ensure an effective cyber and information security governance framework that is integrated with overall organisational governance. Define and track cybersecurity KPIs, producing regular executive and board level reports on security posture. Enable the organisation to innovate safely by advising senior leadership on the potential risks and implications of major decisions that impact information security. Oversee the creation and implementation of relevant policies and standards which ensure effective information risk management. Identify and deliver opportunities for improvement of the security operations function to ensure timely detection and response to security incidents. Lead and mentor high performing information security professionals, fostering a culture of professional development. Play a leading role in multiple Technical and programme boards. Work closely with stakeholders from across the UK Intelligence Community to ensure an end-to-end approach to cyber security and ensure that cyber security is embedded at all levels. Person Specification Exceptional communication skills, with the ability to present complex security concepts to both technical and non-technical stakeholders at all levels. Proven experience developing and implementing information security strategies and policies within a complex organisation. In-depth understanding of cybersecurity threats, technologies and risk management practices. Professional certifications such as CISSP, CISM or CCISO are highly desirable. Deep understanding of cloud security. Experience leading an operational cyber security function, or the delivery of cyber security capabilities. Extensive knowledge of relevant public and private sector cyber security practice. SCS Competency Framework Seeing the Big Picture Making Effective Decisions Driving Innovation and Change Providing Customer Value How to apply Copy and paste a statement of suitability outlining how your personal skills, qualities and experiences demonstrate your suitability for the role. Structure your statement with a sub-heading for each of the essential criteria listed above and, below each, include evidence of how you meet that criterion. Provide a CV setting out your career history, with key responsibilities and achievements. Include reasons for any gaps within the last two years. It is important that through your CV and supporting statement, you give evidence and examples of proven experience of each of the elements of the essential criteria. Please note - the application form consists of two stages; an initial eligibility check, followed by a full application form. It is at the full application form stage that you will have the opportunity to input your suitability statement and CV information. For questions about the role or to discuss the role in more detail, email who will direct your enquiry appropriately. What to expect Your application will be sifted to assess your evidence against the essential criteria above. If shortlisted, you will be invited to participate in a Staff Engagement Session with a small group of GCHQ staff. Full details of the assessment process will be made available to shortlisted candidates. You will be invited to attend a panel interview, where your motivational fit, values, competency evidence and technical experience will be assessed. The application process may take around 6 - 9 months to process including vetting, so we advise you continue any current employment until you have received your final job offer . click apply for full job details
Feb 28, 2026
Full time
Job Description Grade: SCS 1 - Open to applicants on promotion Working Pattern: Requests for flexible working patterns will be considered and should be discussed with the Hiring Manager upon application. A small amount of home working is possible but there is an expectation that most of this role will be office based. Location: The role can be based in Cheltenham, London or Manchester, but the successful candidate would be expected to spend time in each of the three locations. Salary: You will receive a salary between £96,981 - £130,000 which includes any applicable skills payment, depending on skills and experience. In addition, the role attracts a non-concessionary payment of £3030 (subject to security compliance) and London Pay Addition of £6250 if contracted to a London work location. The skills payment will be discussed and assessed at interview. Clearance: DV clearance required. About Us GCHQ is the nation's intelligence, cyber and security agency. We work to make the UK the safest place to live and work online; connect the national security community securely; and provide insights and counter threats through SIGINT and effects. Our people work closely with MI5 and MI6 as well as defence, international, and industry partners across a variety of locations, with major hubs in Cheltenham, London and Manchester as well as other sites in the UK and overseas. We live by the values of ingenuity, integrity, impact and teamwork as we work to keep the UK safe, resilient and prosperous in an uncertain world. A role with us means you will do unique and challenging work in a supportive environment, making a meaningful difference to national security. About the Role The UK Intelligence Community (UKIC) is seeking an outstanding Chief Information Security Officer (CISO) to lead cyber security and information governance across some of the nation's most sensitive missions. Accountable to the UKIC Infosec Director, this is one of the most high-profile technical leadership roles in government, shaping the strategic direction of information security to protect the UK against the most capable and persistent adversaries. The successful candidate will ensure operational resilience and secure innovation in support of national intelligence objectives, delivering results in a highly complex and rapidly evolving environment. As CISO, you will work with colleagues to set and implement the organisation's cyber and information security strategy, striking the right balance between capability, acceptable risk and technological progress. You will integrate security governance into a complex set of cross agency organisational decision-making, forums ensuring that information risks are managed effectively and proportionately, and that security is embedded at every level. This includes advising executive boards and senior leaders on the potential implications of major programmes, and guiding the organisations in safely embracing innovation and digital transformation. You will be responsible for designing and leading the UKIC's end-to-end risk management framework. This includes defining and tracking cybersecurity KPIs, producing regular reports for senior stakeholders, conducting organisation-wide risk assessments and overseeing vulnerability management to ensure compliance with relevant frameworks. You will be responsible for designing incident response and business continuity strategies and ensuring they are implemented by business areas. Your leadership will be central to developing sustainable security budgets and resourcing strategies that ensure capabilities remain strong in the face of emerging threats. This role demands exceptional communication skills and the ability to influence at the highest levels of government. You must be confident presenting complex security concepts to both technical and non-technical audiences, including boards, ministers and cross-government stakeholders. You will draw on significant experience delivering robust security strategies in complex organisations and demonstrate deep knowledge of cyber threat landscapes, risk management practices and modern security technologies. International relationships are a critical element of this role, so familiarity working with key allied governments would be valuable. You should bring expertise in securing cloud environments and emerging technologies within digital transformation programmes, alongside a strong understanding of regulatory compliance frameworks such as NIST, ISO27001, GDPR and GovS007. Professional certifications such as CISSP, CISM or CCISO are highly desirable. A proven track record in embedding a positive security culture, mentoring high-performing teams and managing supplier security will be critical to your success. This is a unique opportunity to take on one of the most influential cyber security leadership roles in the UK. Protecting the nation's intelligence capabilities requires vision, strategic acumen and operational excellence. If you are ready to take on this challenge, and have the skills, integrity and commitment to safeguard national security, we invite you to join us in delivering a secure future for UK intelligence. The role can be based in Cheltenham, Manchester or London, with a regular presence required in those locations. The ability to undertake occasional international travel is desirable. Key Responsibilities Develop, maintain and articulate a clear understanding of the cyber and information security risks inherent across the whole organisation in order to provide assurance to the UKIC Group Senior information risk owner (SIRO). Create and implement information security strategy which supports the organisation in determining the right balance between the organisation's cyber and information security capabilities, acceptable level of risk and speed of technology progress. Ensure an effective cyber and information security governance framework that is integrated with overall organisational governance. Define and track cybersecurity KPIs, producing regular executive and board level reports on security posture. Enable the organisation to innovate safely by advising senior leadership on the potential risks and implications of major decisions that impact information security. Oversee the creation and implementation of relevant policies and standards which ensure effective information risk management. Identify and deliver opportunities for improvement of the security operations function to ensure timely detection and response to security incidents. Lead and mentor high performing information security professionals, fostering a culture of professional development. Play a leading role in multiple Technical and programme boards. Work closely with stakeholders from across the UK Intelligence Community to ensure an end-to-end approach to cyber security and ensure that cyber security is embedded at all levels. Person Specification Exceptional communication skills, with the ability to present complex security concepts to both technical and non-technical stakeholders at all levels. Proven experience developing and implementing information security strategies and policies within a complex organisation. In-depth understanding of cybersecurity threats, technologies and risk management practices. Professional certifications such as CISSP, CISM or CCISO are highly desirable. Deep understanding of cloud security. Experience leading an operational cyber security function, or the delivery of cyber security capabilities. Extensive knowledge of relevant public and private sector cyber security practice. SCS Competency Framework Seeing the Big Picture Making Effective Decisions Driving Innovation and Change Providing Customer Value How to apply Copy and paste a statement of suitability outlining how your personal skills, qualities and experiences demonstrate your suitability for the role. Structure your statement with a sub-heading for each of the essential criteria listed above and, below each, include evidence of how you meet that criterion. Provide a CV setting out your career history, with key responsibilities and achievements. Include reasons for any gaps within the last two years. It is important that through your CV and supporting statement, you give evidence and examples of proven experience of each of the elements of the essential criteria. Please note - the application form consists of two stages; an initial eligibility check, followed by a full application form. It is at the full application form stage that you will have the opportunity to input your suitability statement and CV information. For questions about the role or to discuss the role in more detail, email who will direct your enquiry appropriately. What to expect Your application will be sifted to assess your evidence against the essential criteria above. If shortlisted, you will be invited to participate in a Staff Engagement Session with a small group of GCHQ staff. Full details of the assessment process will be made available to shortlisted candidates. You will be invited to attend a panel interview, where your motivational fit, values, competency evidence and technical experience will be assessed. The application process may take around 6 - 9 months to process including vetting, so we advise you continue any current employment until you have received your final job offer . click apply for full job details
Title: Senior Manager, Governance & TPRM - Enterprise Risk Requisition ID: 251716 Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture. Purpose Responsible for oversight of Risk Governance and Third-Party Risk Management. Accountabilities Provide 2nd line of defence oversight and challenge on the bank's Third Party Risk Management process Maintain and update the relevant local TPRM governance documents Participating in TPRM subcommittee and working group Perform TPRM Quality Control and Quality Assurance reviews Participate and engage in industry forums to remain current on new developments on TPRM areas Support Global TPRM to share best practice in relation to the Third Party Risk arrangement from a regional perspective Work closely with 1B teams as the main contact in GRM and provide second line input as necessary Perform gap analysis following publication of regulatory guidelines and policies Review contract exception requests for local stakeholders by liaising with Global TPRM Assist in the formulation of the third party associated metrics by working with IC and seeking guidance and insights from Global TPRM Review NIRAs from a Third Party (OR3) Risk perspective Monitor, review and challenge where needed third party risk RAF metrics and other indicators Collaborate with Operational Resilience, IT & Cybersecurity, and Business Continuity Planning teams to address aspects related to third-party risk management. Dimensions Need to maintain a current awareness of regulatory requirements and industry best practices in TPRM and Operational Resilience. Receives direction from the VP & CRO Europe/ERM Director while following Bank policies and procedures, addressing routine matters independently, keeping Global Operational Risk (GOR) management informed, and escalating problems appropriately. For complex issues, the incumbent is expected to gather relevant information and confer with CRO/ERM Director for resolution. Knowledge of the operating environment of the Bank, with a particular emphasis on applicable business line is beneficial. Required to manage, prioritise and execute diverse activities and projects concurrently. Schedules are often influenced by changing priorities. The individual may adjust plans and schedules at short notice to meet changing conditions and deliver on priorities on a timely basis. Due to the diverse and multi-disciplined nature of the position, the incumbent is required to maintain a very high degree of flexibility and co-operation as well as accepting responsibilities outside of the defined accountabilities. Education & Experience University degree in a business-related field, with progressive experience in the financial services industry. Relevant Masters is desirable. Should have a breadth of experience in risk management, audit, capital markets or related areas. Possess excellent interpersonal and relationship-building skills to deal with senior levels of management. Possess strong communication (verbal and written), listening, presentation and facilitation skills. Experience with Coupa Risk Assess and Icertis would be an asset. Good knowledge of Microsoft Excel, Word, PowerPoint and Visio, Excellent interpersonal and relationship-building skills to deal with all levels of staff, Strong communication skills both written and verbal, Ability to work independently. Location(s): England : GreaterLondon : London (UK) Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets. At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here . Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.
Feb 25, 2026
Full time
Title: Senior Manager, Governance & TPRM - Enterprise Risk Requisition ID: 251716 Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture. Purpose Responsible for oversight of Risk Governance and Third-Party Risk Management. Accountabilities Provide 2nd line of defence oversight and challenge on the bank's Third Party Risk Management process Maintain and update the relevant local TPRM governance documents Participating in TPRM subcommittee and working group Perform TPRM Quality Control and Quality Assurance reviews Participate and engage in industry forums to remain current on new developments on TPRM areas Support Global TPRM to share best practice in relation to the Third Party Risk arrangement from a regional perspective Work closely with 1B teams as the main contact in GRM and provide second line input as necessary Perform gap analysis following publication of regulatory guidelines and policies Review contract exception requests for local stakeholders by liaising with Global TPRM Assist in the formulation of the third party associated metrics by working with IC and seeking guidance and insights from Global TPRM Review NIRAs from a Third Party (OR3) Risk perspective Monitor, review and challenge where needed third party risk RAF metrics and other indicators Collaborate with Operational Resilience, IT & Cybersecurity, and Business Continuity Planning teams to address aspects related to third-party risk management. Dimensions Need to maintain a current awareness of regulatory requirements and industry best practices in TPRM and Operational Resilience. Receives direction from the VP & CRO Europe/ERM Director while following Bank policies and procedures, addressing routine matters independently, keeping Global Operational Risk (GOR) management informed, and escalating problems appropriately. For complex issues, the incumbent is expected to gather relevant information and confer with CRO/ERM Director for resolution. Knowledge of the operating environment of the Bank, with a particular emphasis on applicable business line is beneficial. Required to manage, prioritise and execute diverse activities and projects concurrently. Schedules are often influenced by changing priorities. The individual may adjust plans and schedules at short notice to meet changing conditions and deliver on priorities on a timely basis. Due to the diverse and multi-disciplined nature of the position, the incumbent is required to maintain a very high degree of flexibility and co-operation as well as accepting responsibilities outside of the defined accountabilities. Education & Experience University degree in a business-related field, with progressive experience in the financial services industry. Relevant Masters is desirable. Should have a breadth of experience in risk management, audit, capital markets or related areas. Possess excellent interpersonal and relationship-building skills to deal with senior levels of management. Possess strong communication (verbal and written), listening, presentation and facilitation skills. Experience with Coupa Risk Assess and Icertis would be an asset. Good knowledge of Microsoft Excel, Word, PowerPoint and Visio, Excellent interpersonal and relationship-building skills to deal with all levels of staff, Strong communication skills both written and verbal, Ability to work independently. Location(s): England : GreaterLondon : London (UK) Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets. At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here . Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.
Join Us as Chief Information Officer and help shape the Future of Cancer Care at The Christie The Christie NHS Foundation Trust is seeking an exceptional Chief Information Officer (CIO) to lead our digital transformation and information strategy. This is a unique opportunity to lead Digital Services and drive innovation at one of Europe's leading cancer centres, as we deliver our ambitious Future Christie programme - a 10-year vision to create a patient and staff focussed, intelligent, data-driven hospital. As CIO, you will provide strategic and operational leadership for digital services, ensuring technology and data are harnessed to deliver safe, efficient, and personalised care. You will champion cutting-edge initiatives such as Joint Analytics for Cancer (JAC) - our flagship platform unlocking real-time insights for clinical decision-making, research, and operational excellence. Working at the heart of our digital strategy, you will shape systems that integrate care, research, and innovation, enabling The Christie to remain at the forefront of cancer treatment. If you are passionate about transforming healthcare through digital innovation and want to make a lasting impact on patient outcomes, join us and help build the hospital of the future. Main duties of the job What You'll Do Lead the development and delivery of a Trust-wide digital strategy aligned with national priorities. Develop and implement the Trust's digital strategy, ensuring systems support integrated care, research, and performance improvement. Champion innovation, including AI and machine learning, to enable evidence-based decision-making and personalised care and deliver the ambition of the Future Christie programme. Lead digital service delivery across software development, clinical applications, infrastructure, user support, and cybersecurity Ensure robust digital governance and compliance with NHS and legal standards. Provide assurance to the Senior Management Committee and act as delegated Senior Information Risk Owner (SIRO) when required Manage and support the Digital Services team, including deputy CIO, Chief Clinical Information Officers, and departmental leads. Foster a culture of collaboration and digital literacy across clinical and operational teams What We're Looking For We're seeking a visionary leader with proven digital experience in senior data leadership, ideally in healthcare or public sector. You will have strategic insight and technical expertise in data platforms, governance, and analytics and a passion for innovation, curiosity, and solving complex system-wide challenges. You will have the ability to influence at executive level and inspire multidisciplinary teams and a commitment to equity and sustainability. About us The Christie is one of Europe's leading cancer centres, treating over 60,000 patients a year. We are based in Manchester and serve a population of 3.2 million across Greater Manchester & Cheshire, but as a national specialist around 15% patients are referred to us from other parts of the country. We provide radiotherapy through one of the largest radiotherapy departments in the world; chemotherapy on site and through 14 other hospitals; highly specialist surgery for complex and rare cancer; and a wide range of support and diagnostic services. We are also an international leader in research, with world first breakthroughs for over 100 years. We run one of the largest early clinical trial units in Europe with over 300 trials every year. Cancer research in Manchester, most of which is undertaken on the Christie site, has been officially ranked the best in the UK. Job responsibilities CORPORATE Contribute effectively as a member of the Senior Management Committee ensuring all relevant matters are brought to the attention of the meetings. Provide updates to the board of directors as required on the digital strategy, programmes and risks. Undertake the role (delegated by the Director of Future Christie) of SIRO and support the work of the Information Governance and Caldicott panels providing expert knowledge and assurance ensuring that highly sensitive and confidential data is managed appropriately. Ensure that the Senior Management Committee and Future Christie Director/Medical Director are briefed on the benefits and risks of new digital related projects. Ensure effective working relationships and engagement within the organisation particularly with all divisional, corporate, clinical, and operational teams. Provide digital leadership to the Greater Manchester (GM) Cancer Alliance, support the development of GM system digital cancer strategy Ensure effective working relationships and engagement outside the organisation particularly with third party suppliers, NHS bodies, academic institutions, and other external bodies. Participate effectively in local and national CIO networks. Produce action plans and implement policies to meet all requirements for risk management, audit, controls assurance, health & safety and information governance relating to the work of the digital service. Ensure there is continual improvement and learning within the digital service and that all decisions are based on an assessment of risk. STRATEGY Develop and lead implementation of a digital strategy which supports the overall trust strategy and the associated strategies for clinical services, research and innovation and education. Remain up to date on digital trends and emerging technologies. Identify opportunities for increasing the effectiveness and efficiency of services through changes to digital services and technology. Contribute actively to the development of strategies and plans for other departments ensuring that the contribution of digital technology is incorporated DIGITAL SERVICES PROVISION Ensure provision of modern digital infrastructure, software, and services that fully support the operational, clinical, and business needs of the trust. Oversee the delivery of an effective digital service desk and set of comprehensive and proactive digital support services. Ensure the effective management of digital assets, including all hardware and software, ensuring that these are actively monitored. Ensure the provision of effective digital security measures to adequately protect and maintain systems and data. Ensure the support, maintenance, and development of the core clinical systems, including the procurement and implementation of clinical systems ensuring that benefits are maximised, and functionality fully supports the delivery of excellent patient care. INFORMATION MANAGEMENT Work collaboratively with the Chief Data Officer to develop an information management service and oversee the infrastructure required for data storage. Manage and develop approaches to data integration, including for clinical systems. Oversee relationships with external vendors, suppliers and developers. Manage the project management services that support the delivery of the digital strategy and trust service transformation activities GOVERNANCE Ensure implementation of appropriate digital governance systems which conform to legal and NHS requirements and fit within the wider governance systems of the trust. Ensure maintenance of an effective digital risk register, manage identified risks and escalate risks as required. Ensure the reduction, identification, management, and reporting of untoward digital incidents. Ensure compliance with the requirements of information governance, data protection and freedom of information guidance and legislation. Ensure that the Trust complies with the requirements of the Data Security and Protection Toolkit (DSPT). Ensure that Disaster Recovery and Business Continuity plans are in place for all digital services and that these are routinely tested, weakness identified, and appropriate improvement plans developed and implemented. Ensure compliance of the clinical systems with Safety of Health Systems standards, appropriate NHS Information Standards Notices (ISNs) and National Patient Safety Agency (NPSA) notices. As SIRO, oversee Information Asset Owners (IAOs) providing assurance on risks and compliance ensuring adherence to legal and regulatory requirements (including GDPR and NHS standards) and promote good information governance practices across the organisation. Working with the CDO, maintain an Information Asset Register, and oversee data security, integrity, and availability. MANAGEMENT OF THE DIGITAL SERVICE Manage and lead the digital services team in line with the trusts workforce and related policies, standing financial instructions and scheme of delegation, and other relevant policies and procedures. Develop and achieve annual objectives for digital services within the framework of the Trusts objectives and agreed digital strategy. Manage the digital budget within the requirements of the Trusts Scheme of Delegation and Standing Financial Instructions. Produce an annual rolling investment plan for digital infrastructure including capital, revenue and staffing resource. Plan, deploy, and maintain the Trusts digital systems and operations. Manage the Trusts software development needs. Develop and implement digital policies and procedures in line with requirements and best practice. PERSONAL DEVELOPMENT AND CONDUCT Adhere to impeccable standards of personal conduct and demonstrate commitment to the Trusts Values and Behaviours. Ensure personal professional knowledge is regularly updated and keep abreast of relevant developments. Adhere to the Code of Conduct for NHS Managers. Implement systems and processes, so that in the event of absence . click apply for full job details
Feb 06, 2026
Full time
Join Us as Chief Information Officer and help shape the Future of Cancer Care at The Christie The Christie NHS Foundation Trust is seeking an exceptional Chief Information Officer (CIO) to lead our digital transformation and information strategy. This is a unique opportunity to lead Digital Services and drive innovation at one of Europe's leading cancer centres, as we deliver our ambitious Future Christie programme - a 10-year vision to create a patient and staff focussed, intelligent, data-driven hospital. As CIO, you will provide strategic and operational leadership for digital services, ensuring technology and data are harnessed to deliver safe, efficient, and personalised care. You will champion cutting-edge initiatives such as Joint Analytics for Cancer (JAC) - our flagship platform unlocking real-time insights for clinical decision-making, research, and operational excellence. Working at the heart of our digital strategy, you will shape systems that integrate care, research, and innovation, enabling The Christie to remain at the forefront of cancer treatment. If you are passionate about transforming healthcare through digital innovation and want to make a lasting impact on patient outcomes, join us and help build the hospital of the future. Main duties of the job What You'll Do Lead the development and delivery of a Trust-wide digital strategy aligned with national priorities. Develop and implement the Trust's digital strategy, ensuring systems support integrated care, research, and performance improvement. Champion innovation, including AI and machine learning, to enable evidence-based decision-making and personalised care and deliver the ambition of the Future Christie programme. Lead digital service delivery across software development, clinical applications, infrastructure, user support, and cybersecurity Ensure robust digital governance and compliance with NHS and legal standards. Provide assurance to the Senior Management Committee and act as delegated Senior Information Risk Owner (SIRO) when required Manage and support the Digital Services team, including deputy CIO, Chief Clinical Information Officers, and departmental leads. Foster a culture of collaboration and digital literacy across clinical and operational teams What We're Looking For We're seeking a visionary leader with proven digital experience in senior data leadership, ideally in healthcare or public sector. You will have strategic insight and technical expertise in data platforms, governance, and analytics and a passion for innovation, curiosity, and solving complex system-wide challenges. You will have the ability to influence at executive level and inspire multidisciplinary teams and a commitment to equity and sustainability. About us The Christie is one of Europe's leading cancer centres, treating over 60,000 patients a year. We are based in Manchester and serve a population of 3.2 million across Greater Manchester & Cheshire, but as a national specialist around 15% patients are referred to us from other parts of the country. We provide radiotherapy through one of the largest radiotherapy departments in the world; chemotherapy on site and through 14 other hospitals; highly specialist surgery for complex and rare cancer; and a wide range of support and diagnostic services. We are also an international leader in research, with world first breakthroughs for over 100 years. We run one of the largest early clinical trial units in Europe with over 300 trials every year. Cancer research in Manchester, most of which is undertaken on the Christie site, has been officially ranked the best in the UK. Job responsibilities CORPORATE Contribute effectively as a member of the Senior Management Committee ensuring all relevant matters are brought to the attention of the meetings. Provide updates to the board of directors as required on the digital strategy, programmes and risks. Undertake the role (delegated by the Director of Future Christie) of SIRO and support the work of the Information Governance and Caldicott panels providing expert knowledge and assurance ensuring that highly sensitive and confidential data is managed appropriately. Ensure that the Senior Management Committee and Future Christie Director/Medical Director are briefed on the benefits and risks of new digital related projects. Ensure effective working relationships and engagement within the organisation particularly with all divisional, corporate, clinical, and operational teams. Provide digital leadership to the Greater Manchester (GM) Cancer Alliance, support the development of GM system digital cancer strategy Ensure effective working relationships and engagement outside the organisation particularly with third party suppliers, NHS bodies, academic institutions, and other external bodies. Participate effectively in local and national CIO networks. Produce action plans and implement policies to meet all requirements for risk management, audit, controls assurance, health & safety and information governance relating to the work of the digital service. Ensure there is continual improvement and learning within the digital service and that all decisions are based on an assessment of risk. STRATEGY Develop and lead implementation of a digital strategy which supports the overall trust strategy and the associated strategies for clinical services, research and innovation and education. Remain up to date on digital trends and emerging technologies. Identify opportunities for increasing the effectiveness and efficiency of services through changes to digital services and technology. Contribute actively to the development of strategies and plans for other departments ensuring that the contribution of digital technology is incorporated DIGITAL SERVICES PROVISION Ensure provision of modern digital infrastructure, software, and services that fully support the operational, clinical, and business needs of the trust. Oversee the delivery of an effective digital service desk and set of comprehensive and proactive digital support services. Ensure the effective management of digital assets, including all hardware and software, ensuring that these are actively monitored. Ensure the provision of effective digital security measures to adequately protect and maintain systems and data. Ensure the support, maintenance, and development of the core clinical systems, including the procurement and implementation of clinical systems ensuring that benefits are maximised, and functionality fully supports the delivery of excellent patient care. INFORMATION MANAGEMENT Work collaboratively with the Chief Data Officer to develop an information management service and oversee the infrastructure required for data storage. Manage and develop approaches to data integration, including for clinical systems. Oversee relationships with external vendors, suppliers and developers. Manage the project management services that support the delivery of the digital strategy and trust service transformation activities GOVERNANCE Ensure implementation of appropriate digital governance systems which conform to legal and NHS requirements and fit within the wider governance systems of the trust. Ensure maintenance of an effective digital risk register, manage identified risks and escalate risks as required. Ensure the reduction, identification, management, and reporting of untoward digital incidents. Ensure compliance with the requirements of information governance, data protection and freedom of information guidance and legislation. Ensure that the Trust complies with the requirements of the Data Security and Protection Toolkit (DSPT). Ensure that Disaster Recovery and Business Continuity plans are in place for all digital services and that these are routinely tested, weakness identified, and appropriate improvement plans developed and implemented. Ensure compliance of the clinical systems with Safety of Health Systems standards, appropriate NHS Information Standards Notices (ISNs) and National Patient Safety Agency (NPSA) notices. As SIRO, oversee Information Asset Owners (IAOs) providing assurance on risks and compliance ensuring adherence to legal and regulatory requirements (including GDPR and NHS standards) and promote good information governance practices across the organisation. Working with the CDO, maintain an Information Asset Register, and oversee data security, integrity, and availability. MANAGEMENT OF THE DIGITAL SERVICE Manage and lead the digital services team in line with the trusts workforce and related policies, standing financial instructions and scheme of delegation, and other relevant policies and procedures. Develop and achieve annual objectives for digital services within the framework of the Trusts objectives and agreed digital strategy. Manage the digital budget within the requirements of the Trusts Scheme of Delegation and Standing Financial Instructions. Produce an annual rolling investment plan for digital infrastructure including capital, revenue and staffing resource. Plan, deploy, and maintain the Trusts digital systems and operations. Manage the Trusts software development needs. Develop and implement digital policies and procedures in line with requirements and best practice. PERSONAL DEVELOPMENT AND CONDUCT Adhere to impeccable standards of personal conduct and demonstrate commitment to the Trusts Values and Behaviours. Ensure personal professional knowledge is regularly updated and keep abreast of relevant developments. Adhere to the Code of Conduct for NHS Managers. Implement systems and processes, so that in the event of absence . click apply for full job details
