Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our team to enhance information security and combat fraud in the NHS.
- Company: NHS Counter Fraud Authority leads the fight against economic crime in healthcare.
- Benefits: Enjoy flexible hybrid working and a competitive salary with potential London area supplements.
- Why this job: Make a real impact in preventing fraud while collaborating with experts in a diverse environment.
- Qualifications: Must be eligible for UK National Security vetting and have relevant experience in information security.
- Other info: Fixed-term contract until March 2026; interviews scheduled for late March 2025.
The predicted salary is between 36000 - 60000 £ per year.
Join to apply for the Information Security Specialist role at NHS Counter Fraud Authority .
The NHS Counter Fraud Authority is the national body responsible for all matters relating to the prevention, detection and investigation of economic crime across the NHS. Further information about our work and annual plan for delivering this is available on our website.
Our team is embarking on a piece of work to monitor data to identify and respond to patterns indicative of potential fraud. This will support our current work that reduces the likelihood of fraud occurring. We will bring in data science capabilities to be deployed in counter fraud activity and work closely with partners across health and government to further maximize the preventative impact of proactive counter fraud analysis. We will combine this with our range of counter fraud and domain expertise to maximize our impact using your knowledge, experience, and passion for your chosen field.
We are excited to offer an opportunity for an enthusiastic, skilled, experienced Information Security Specialist to join our team. In this pivotal role, you will collaborate with existing security specialists to provide an assured and compliant secure technology environment. The role requires that the post holder be eligible for or already hold UK National Security vetting to SC level. Fixed Term contract until 31st March 2026.
Potential applicants can contact Simon Clark for an informal chat if you have any questions regarding the role. Interviews will be held w/c 24.3.25.
Responsibilities
- Manage, maintain and improve Information Security governance, risk and compliance within the NHSCFA.
- Manage the NHSCFA ISO27001 programme, maintaining continuous certification to the Standard.
- Manage the NHS DSPT compliance programme.
- Contribute to accreditation to UK Government Public Services Network (PSN) requirements.
- Maintain constant awareness of changes in compliance requirements including updates to ISO standards, PSN and the NHS DSPT.
- Manage Information Security audit programs for ISO27001 and other compliance regimes including remediation of audit findings.
- Manage the NHSCFA Cyber Risk Management process, producing comprehensive Risk Documentation in accordance with the National Cyber Security Centre best practice.
- Assess the effectiveness of Security Controls by conducting reviews, internal audits and spot-checks of ICT Security Infrastructure elements including, but not limited to: firewall, IDS/IPS, anti-malware, web and email filtering, MDM, SIEM, patch and vulnerability management.
- Support the ICT Security Incident Management Process, reviewing security incidents, weaknesses and malfunctions relating to the NHSCFA\’s systems, taking appropriate remedial action.
- Produce reports for Information security risk and compliance including KPIs and standards where applicable.
Seniority Level
Mid-Senior level
Employment Type
Contract
Job Function
Information Technology
Industries
Computer and Network Security
The NHSCFA values and respects the diversity of its employees and aims to recruit a workforce which reflects our diverse communities. We welcome applications irrespective of people\’s age, disability, gender, race or ethnicity, religion or belief, sexual orientation, or other personal circumstances. We have policies and procedures in place to ensure that all applicants are treated fairly and consistently at every stage of the recruitment process, including an invitation to the first stage of the selection process and consideration of reasonable adjustments for people who have a disability.
If you are applying to undertake this role on a secondment basis, you should have agreement to being released from your current role in principle, prior to submitting an application form. When you apply for this role, you will be redirected to our recruitment system TRAC. The NHSCFA does not hold a sponsor licence in respect of skilled worker visas and so is unable to employ candidates requiring sponsorship.
We reserve the right to close this vacancy before the advertised closing date should we receive a significant number of applications.
#J-18808-Ljbffr
Information Security Specialist employer: CFA
Contact Detail:
CFA Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Specialist
✨Tip Number 1
Familiarize yourself with the ISO27001 standard and the NHS DSPT compliance requirements. Understanding these frameworks will not only help you in the interview but also demonstrate your commitment to maintaining high standards in information security.
✨Tip Number 2
Network with professionals in the field of information security, especially those who have experience with government or healthcare sectors. Engaging with them can provide insights into the specific challenges and expectations of the role at NHSCFA.
✨Tip Number 3
Prepare to discuss your experience with managing audit programs and remediating findings. Be ready to share specific examples that highlight your problem-solving skills and your ability to improve compliance processes.
✨Tip Number 4
Since the role involves collaboration with various partners, think about how you can showcase your teamwork and communication skills. Prepare examples of past collaborations that led to successful outcomes in information security initiatives.
We think you need these skills to ace Information Security Specialist
Some tips for your application 🫡
Understand the Role: Take the time to thoroughly read the job description for the Information Security Specialist position. Understand the key responsibilities, required skills, and the importance of compliance within the NHS Counter Fraud Authority.
Tailor Your CV: Customize your CV to highlight relevant experience in information security governance, risk management, and compliance. Emphasize any previous work with ISO27001 or similar standards, as well as your ability to manage audit programs.
Craft a Strong Cover Letter: Write a compelling cover letter that showcases your passion for information security and your understanding of the NHS's mission. Mention specific experiences that align with the role's requirements and express your enthusiasm for contributing to the team's efforts against fraud.
Prepare for the Interview: If selected for an interview, prepare by reviewing common questions related to information security and compliance. Be ready to discuss your previous experiences and how they relate to the responsibilities outlined in the job description.
How to prepare for a job interview at CFA
✨Understand the Role and Responsibilities
Make sure you thoroughly understand the key responsibilities of the Information Security Specialist role. Familiarize yourself with ISO27001, NHS DSPT compliance, and the importance of maintaining security governance and risk management.
✨Showcase Your Technical Expertise
Be prepared to discuss your experience with information security frameworks and audit programs. Highlight any relevant certifications or projects that demonstrate your ability to manage compliance and security standards effectively.
✨Demonstrate Collaboration Skills
Since this role involves working closely with other security specialists and partners, be ready to share examples of how you've successfully collaborated in previous roles. Emphasize your communication skills and ability to work in a team environment.
✨Stay Updated on Compliance Changes
Show your awareness of the latest changes in compliance requirements, including updates to ISO standards and NHS regulations. Discuss how you keep yourself informed about industry trends and best practices in information security.
