Head of Cyber Security in Manchester

Do you want to do meaningful work that makes a genuine difference to society? Our main purpose here at The National Institute for Health and Care Excellence (NICE) is to improve health and wellbeing by putting science and evidence at the heart of health and care decision‑making. As an organisation we all collaborate to achieve this goal by empowering our workforce to do great things.

Main duties of the job

As Head of Cyber Security, you will lead NICE's cyber security function, providing strategic direction and expert leadership to protect digital services, infrastructure and information assets. You will act as NICE's senior cyber security specialist and oversee security operations, manage risk and embed secure‑by‑design principles across digital and technology services. Working closely with senior leaders, technical teams and external partners, you will play a key role in strengthening NICE's security posture and resilience across services.

Responsibilities

• Lead the development, implementation and enforcement of cyber security strategies, policies and standards across the organisation.
• Act as NICE's cyber security subject matter expert, advising senior leaders and technical teams on complex risks, threats and mitigations.
• Oversee security operations, incident response and threat intelligence, ensuring strong protection and rapid response to cyber incidents.
• Manage organisational risk and vulnerability management, including compliance with Cyber Essentials Plus and the Data Security and Protection Toolkit.
• Embed secure‑by‑design principles into digital services, systems and technology programmes from early design through delivery.
• Build strong relationships with internal stakeholders, NHS partners and suppliers to align security approaches and share intelligence.

About us

The Infrastructure, Cyber & IT Operations team plays a critical role in ensuring NICE's digital services are secure, resilient, and reliable. The team is responsible for safeguarding systems and information, supporting users across the organisation, and maintaining operational stability with minimal risk or disruption. As part of this team, you will help protect nationally important digital services while enabling NICE to deliver trusted guidance and information to health and care users across England.

Benefits

• Generous NHS Pension
• Flexible working – options such as remote working, compressed hours and flexible start/finish times
• Exclusive discounts with a Blue Light Card
• 27 days annual leave plus bank holidays, time to recharge
• Inclusive staff networks – Women in NICE, Race Equality Network, Disability Advocacy and NICE and Proud
• Tailored development – personalised learning and development opportunities

Person specification

Education / Qualifications – Essential

• Holds highly developed specialist knowledge and expertise acquired through master's degree level or equivalent qualification/experience, and holds specialist knowledge of the relevant area(s) of expertise as outlined in the person specification.
• Holds either Certified Information Security Professional (CISSP), Certified Information Security Manager (CISM) or Certified Cyber Professional (CCP) qualification.

Experience – Essential

• Proven experience in a senior cyber security role with direct line management, performance management and coaching responsibilities.
• Significant practical experience in security operations, vulnerability assessment and threat intelligence.

Experience – Desirable

• Experience working in the Health Sector/NHS.

Skills / Knowledge – Essential

• Expert‑level understanding of core cyber security concepts, infrastructure security and the modern threat landscape.
• Proficiency in developing and implementing security policies and risk management frameworks based on standards such as CAF, Cyber Essentials, ISO27001 etc.

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and requires a Disclosure and Barring Service check for any previous criminal convictions.