At a Glance
- Tasks: Lead cyber security initiatives to protect NHS services and enhance public trust.
- Company: Join NHS England, a leader in healthcare innovation and cyber resilience.
- Benefits: Competitive salary, additional monthly payment, and opportunities for professional growth.
- Other info: Dynamic role with potential for career advancement in a supportive environment.
- Why this job: Make a real difference in healthcare by improving cyber security for patient services.
- Qualifications: Experience in cyber security and knowledge of information security frameworks required.
The predicted salary is between 43200 - 72000 € per year.
Job summary
Join NHS England Cyber Operations as a Security Lead to support safe care and build public trust by strengthening NHS England\'s cyber resilience and enabling the wider health system to be cyber resilient.
This post is within Service Integration and Ownership (SIO), part of Cyber Operational services. SIO is primarily external facing, managing a portfolio of Cyber Services to the NHS to manage cyber risk and provide cyber resilience while underpinning patient services and outcomes. You would provide Security leadership to a subset of the services in our portfolio throughout their lifecycle, ensuring they improve cyber resilience. This includes developing, assessing and reviewing security requirements, providing security consultancy, and advising health and care organisations on how to maximise the value of the services.
Services we provide include Secure Boundary, Vulnerability management, Cyber security ratings service and the Data Security and Protection Toolkit.
Consistent, efficient, proportionate security risk management is best achieved by a blend of centralised advice, control and security services with individual security responsibility and actions. You would be supporting the NHS by keeping services secure and delivering managed security services to the system, filling gaps where secure design and operation or other constraints fail to deliver proportionate security across the system.
Main duties of the job
The role requires excellent knowledge and experience of working in a cyber environment, providing expertise to support strategic decisions and security requirements for the portfolio of cyber services managed centrally. This may include full management and delivery of a subset of the portfolio and subsequent replacement/renewal of services across the lifecycle from requirements gathering to transitioning and ownership.
As a Security Lead you will:
- Have a good understanding of information security/governance frameworks/security operations.
- Have a good understanding of end-to-end management and enhancement of services, including management of third party providers.
- Have a detailed understanding of what constitutes good and poor cyber hygiene.
- Have a good understanding of the health and care system in England.
- Be able to communicate complex concepts to audiences with limited knowledge of cyber security.
- Be able to influence organisations in improving their cyber posture whilst maximising the value from central services.
- Support the portfolio of cyber services delivered by the SIO team to the wider NHS.
The role will also involve managing team members, ensuring they deliver on team objectives and promote their personal development ambitions.
About us
The NHS England board has set out the top-level purpose for the new organisation to lead the NHS in England to deliver high-quality services for all. This will inform the detailed design work and we will achieve this purpose by:
- Enabling local systems and providers to improve the health of their people and patients and reduce health inequalities.
- Making the NHS a great place to work, where our people can make a difference and achieve their potential.
- Collaborating to ensure the healthcare workforce has the right knowledge, skills, values and behaviours to deliver accessible, compassionate care.
- Optimising the use of digital technology, research and innovation.
- Delivering value for money.
If you would like to know more, please visit https://www.england.nhs.uk/.
Colleagues with a contractual office base are expected to spend, on average, at least 40% of their time working in-person. Staff recruited from outside the NHS will usually be appointed at the bottom of the pay band.
If you are successful at interview, we will run an Inter Authority Transfer (IAT) in the Electronic Staff Record system (ESR). This transfer gathers information from a previous or current NHS employer to support onboarding, including statutory and mandatory competency status, Continuous Service Dates (CSD), and annual leave entitlement. You will have the opportunity to inform us if you do not consent during the recruitment process.
Job description
Job responsibilities
Please see the attached Job Description and Person Specification for more information about the role and responsibilities. Please ensure your supporting statement includes demonstrable evidence and specific examples on how you meet the criteria for each of the key skills specified. This will be used in both the shortlisting and interview processes.
Important: Residency requirements
All NHS England Cyber Security personnel must hold Security Clearance level as a minimum. To meet National Security Vetting requirements, SC clearances require 5 years continuous UK residency. In certain cases this can be reduced to three years continuous UK residency, with additional overseas checks for the previous two years. Candidates who were posted abroad for service with HM Government, Armed Forces or within a UK government role will still be considered. Please ensure you meet these requirements before applying. You do not need to have SC beforehand, but failure to achieve SC requirements after offer will result in the job offer being withdrawn. For further guidance, see: https://www.gov.uk/government/publications/united-kingdom-security-vetting-clearance-levels/national-security-vetting-clearance-levels#security-check-sc
Please note you will be hired under the title of Security Lead and this job title is advertised to attract the right skills for the role.
The post of Security Lead has been awarded a Recruitment and Retention Premia (RRP) in response to current labour market conditions, providing an additional monthly payment equal to 30% per annum. RRP is non-contractual and subject to review.
Secondments: Applicants from within the NHS will be offered on a secondment basis only, with agreement from their employer prior to applying. The contract is a fixed-term role for a short-term vacancy. If you like what you have read and think you have the skills and experience, please apply. Roles may close early due to high volumes of applications.
Person Specification
Knowledge
Essential
- Extensive knowledge of techniques, roles, and responsibilities in providing technical or business guidance to clients, internal and external; ability to apply this knowledge to diverse situations.
- Proven knowledge of processes, tools and techniques for assessing and controlling an organisation\'s exposure to risks of various kinds.
Desirable
- Detailed knowledge of cybersecurity risk management tools, techniques, approaches and processes; ability to ensure network operation and minimise negative effects from cybersecurity risks.
Skills and Experience
Essential
- Detailed knowledge of information security management processes, tools and techniques; ability to deploy and monitor information security systems and resolve IT security violations.
Desirable
- In-depth knowledge of domestic and international information security laws and their impact on the business.
Qualifications
Essential
- CISSP/CISM
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and requires a Disclosure to be made to the DBS to check for any previous criminal convictions.
Certificate of Sponsorship
Applications from job seekers who require Skilled Worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the government website.
From 6 April 2017, skilled worker applicants for entry clearance into the UK must present a criminal record certificate from each country where they have resided for 12 months or more in the past 10 years; adult dependants (over 18) are also subject to this requirement.
Additional information
Other
This post is subject to the Rehabilitation of Offenders Act and DBS check; Skilled Worker sponsorship is considered. For more information, see the government guidance above.
Employer details
Employer name: NHS England
Address: Wellington Place, Leeds / Hexagon House, Exeter, Leeds / Exeter, LS1 4AP
Employer\'s website: https://www.england.nhs.uk/
Cyber Security Lead - Service Integration and Ownership in Exeter employer: NHS England
NHS England is an exceptional employer, offering a unique opportunity to lead in cyber security within the healthcare sector. With a strong commitment to employee development and a collaborative work culture, staff are empowered to make a meaningful impact on public health while enjoying competitive benefits, including a Recruitment and Retention Premia. Working in vibrant locations like Leeds and Exeter, employees benefit from a supportive environment that prioritises both professional growth and work-life balance.
StudySmarter Expert Advice🤫
We think this is how you could land Cyber Security Lead - Service Integration and Ownership in Exeter
✨Tip Number 1
Network like a pro! Reach out to folks in the cyber security field, especially those connected to NHS England. Attend industry events or webinars, and don’t be shy about sliding into DMs on LinkedIn. You never know who might have the inside scoop on job openings!
✨Tip Number 2
Prepare for the interview like it’s the Super Bowl! Research NHS England’s cyber services and think about how your skills can enhance their portfolio. Be ready to discuss specific examples of how you’ve tackled cyber challenges in the past.
✨Tip Number 3
Show off your passion for cyber resilience! During interviews, share your thoughts on current trends in cyber security and how they relate to the NHS. This will demonstrate your commitment to the role and the sector.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re serious about joining the NHS England team. Let’s get you that Security Lead role!
We think you need these skills to ace Cyber Security Lead - Service Integration and Ownership in Exeter
Some tips for your application 🫡
Tailor Your Application:Make sure to customise your application to highlight how your skills and experiences align with the specific requirements of the Cyber Security Lead role. We want to see how you can contribute to strengthening NHS England's cyber resilience!
Showcase Your Experience:When writing your supporting statement, include specific examples that demonstrate your knowledge of information security frameworks and your experience in managing cyber services. This is your chance to shine, so don’t hold back!
Be Clear and Concise:Use straightforward language to communicate your ideas. Remember, we’re looking for someone who can explain complex concepts simply, so keep it clear and to the point. Avoid jargon unless it's necessary!
Apply Through Our Website:Don’t forget to submit your application through our official website! It’s the best way to ensure your application gets the attention it deserves. Plus, it’s super easy to do!
How to prepare for a job interview at NHS England
✨Know Your Cyber Stuff
Make sure you brush up on your knowledge of information security frameworks and cyber hygiene. Be ready to discuss specific examples from your experience that demonstrate your understanding of these concepts, especially in relation to the NHS.
✨Showcase Your Leadership Skills
As a Security Lead, you'll be managing team members. Prepare to share examples of how you've successfully led teams in the past, focusing on how you supported their development and achieved team objectives.
✨Communicate Clearly
You'll need to explain complex cyber security concepts to those who may not have a technical background. Practice simplifying your explanations and think of analogies that can help convey your points effectively.
✨Demonstrate Your Strategic Thinking
Be prepared to discuss how you've contributed to strategic decisions in previous roles. Highlight your experience in assessing risks and managing third-party providers, as this will be crucial for the role.
