Head of Cyber Security

North West Ambulance Service NHS Trust is an Equal Opportunities Employer. We are committed to providing services which embrace diversity and promote equality of opportunity. We offer a guaranteed interview scheme for disabled applicants who meet our minimum selection criteria at each stage of the selection process. We will not tolerate discrimination on any grounds.

The Trust is currently under-represented in terms of staff from black and minority ethnic backgrounds. We encourage applications from all backgrounds to improve the diversity of our workforce and to better reflect the communities we serve.

The Trust reserves the right to close this vacancy early if a large number of applications are received. Due to the volume of applications, we will only contact those candidates shortlisted for interview via email; we aim to do this within 4 weeks of the closing date.

When applying for this position, it is essential that you read the job description and person specification fully. Please use the supporting information space to demonstrate your ability to undertake this role, drawing on your skills, knowledge and experience.

We also offer a range of excellent benefits including a pension scheme, up to 33 days of annual leave (exclusive of bank holidays), training and development opportunities, access to NHS discounts, a car lease scheme, cycle-to-work scheme, NHS mortgages and childcare vouchers.

We're seeking an experienced Head of Cyber Security to lead and shape our cyber security strategy. You'll provide senior technical leadership, protecting critical systems and information assets. Working closely with executive leaders, you'll manage risk, compliance, and incident response. You'll lead and develop a specialist cyber security team and oversee SOC operations. This role is key to enabling secure digital transformation across the organisation.

About you

• Proven senior cyber security leadership experience
• Strong knowledge of NHS / regulated environments
• Expertise in ISO27001, GDPR, and cyber incident management
• Confident communicator with inclusive, values-based leadership

Detailed job description and main responsibilities

Please check the attached Job Description and Person Specification for further details about this role and its responsibilities.

Person specification

• Proven ability to define and deliver enterprise-wide cyber security strategies
• Deep knowledge of security architectures, network security, cloud security, and identity management
• Proven experience implementing ISO27001, GDPR, NHS digital standards, and national cyber frameworks
• Expertise in managing major incidents, forensic investigations, and threat intelligence
• Strong understanding of ITIL v4 principles and ability to integrate security into service delivery
• Skilled in presenting complex security strategies to senior leadership and external stakeholders
• Experience with security automation, SIEM platforms, and SOC operations
• Knowledge of enterprise architecture frameworks (TOGAF)
• Familiarity with NHS Data Security and Protection Toolkit and Cyber Essentials Plus
• Demonstrable compassionate and inclusive leadership
• Experience in the application of HR processes
• Demonstrable experience of line-management responsibilities

Qualification and Knowledge

• Degree in Cyber Security, Information Security, or related discipline
• CISSP or CISM certification
• Evidence of continued professional and personal development

Experience

• Extensive experience in senior cyber security roles within complex, regulated environments (NHS or similar)
• Track record of delivering strategic security initiatives and operational excellence
• Proven ability to manage multidisciplinary teams and external partnerships
• Experience in developing and influencing complex stakeholder relationships to shape digital strategy, support informed decision making, and manage expectations effectively
• Experience in working across organisational boundaries, sharing best practice and contributing to system-wide planning and improvement
• Demonstrated success in delivering strategic technology initiatives and operational excellence at organisational scale
• Experience in leading and developing high-performing teams and setting standards for delivery
• Experience in setting and delivering strategic objectives
• Experience managing budgets and supplier contracts for large-scale technology services

Values and Behaviours

Working together – demonstrate collaborative and inclusive working; challenge behaviour that is not inclusive or acceptable.

Legal and Compliance

Any offer of employment may be withdrawn if you knowingly withhold information, provide false or misleading information. Should you be successful at interview stage, successful candidates will receive a conditional offer of employment, subject to the NHS Employment Checks Standards.

A valid right to work and identity check Reference checks – This will cover a minimum of a three-year period and will include a request for the number of days and occasions of sickness absence covering a minimum two-year period.

In line with equality legislation, the earliest point at which we will ask health-related questions is when an offer of employment has been made. Absences related to pregnancy, maternity and/or gender reassignment will be excluded from these considerations.

Detailed information on the NHS Employment Checks Standards is available on the NHS Employers website; search ‘employment checks’.

DBS Checks – If the post is subject to DBS disclosure, a charge will be made for this disclosure. Occupational Health – You will require satisfactory medical clearance. All staff are encouraged to be vaccinated against COVID-19.