Kirklands - NHSL Headquarters
The Role
To provide leadership, technical direction and guidance on matters of Cyber / Information Security Governance, Risks/Issues, Technical Controls, Procedures, best practice and Standards. To ensure that NHS Lanarkshire achieves and maintains the assurance standards provided by Network and Information Security Regulation and Data Protection legislation. To be lead assessor for all Cyber Security Digital IT controls for NHS Lanarkshire and to collaborate with partner organisations/agencies on a range of complex and sensitive security issues providing expert specialist advice on Information and Cyber Security to other IT Professionals, Clinicians and all staff in NHS Lanarkshire. To assist and advise the Head of Information Governance and Director of Digital on ensuring that NHS Lanarkshire Information Security Policies, Procedures, Active Cyber Defence Tools and Configurations are mitigating the Cyber Security Operational Risks, are following National Guidance, reflect the latest Good Practice for the Digital Estate, and aligns with the IT / Cyber Security industry.
Additionally to work with our Enterprise Architect to ensure that NHS Lanarkshires security architecture and framework is appropriate and relevant to NHS Lanarkshires stated cyber security needs and objectives.
NHS Lanarkshire
Have you always wanted to work with NHS Lanarkshire? Then this might be the opportunity for you to join Team Lanarkshire!
Here at NHS Lanarkshire, we put the patient at the heart of everything we do. Each colleague within the organisation plays a key role in how we deliver our healthcare services.
We proudly serve a population of 655,000 across rural and urban communities in both North and South Lanarkshire. NHS Lanarkshire is comprised of Acute Services (which currently provide hospital based services over 3 main sites), Corporate & Property & Support Services, North and South Lanarkshire Health and Social Care Partnerships which provide integrated primary healthcare and social care services to local communities and surrounding areas.
What we'll need you to bring
1. Relevant and extensive IT experience gained through working within an IM&T setting at a senior level, in the areas of IT Infrastructure and or Applications management.
2. Graduate or equivalent level qualification in Cyber Security or extensive experience within an Information Security role and an industry standard qualification preferred e.g. CISM, CISSP.
3. Excellent analytical and technical skills.
4. Hands-on experience in IT project management with formal processes.
5. Must have sound experience in the architecture design and the operations of the high availability environment.
6. Broad knowledge of the trends in technologies and the applicability of these 8 technologies
7. Ability to quickly digest new technologies.
8. Ability to communicate well with both technical and non-technical staff.
9. Ability to determine and advise on the alignment of emerging technologies with the business objectives.
10. Experience of creating or maintaining an Information Security Management System (ISMS).
11. Strong change management skills, including team leading experience.
12. Knowledge of incident response and analysis, along with experience and awareness of the business issues in the NHS.
13. Demonstrable experience of managing Information/cyber security applications and risks in a related area either in NHS, service industries or commerce.
14. Experience of staff management/leadership.
15. Evidence of Continuing Personal Development.
16. Experience of procurement of information systems and associated tender processes.
17. Ability to influence others and develop and maintain effective working relationships with senior managers, clinicians, administration staff, Informatics staff and third party service providers.
18. Excellent interpersonal, negotiation, facilitation and communication skills.
19. Ability to understand, analyse and re-engineer complex processes.
20. Excellent organisational & time management skills.
21. Ability to negotiate & influence change at all levels.
22. Ability to understand, analyse & disseminate complex concepts to a wide range of staff with varying levels of technical understanding.
A driving licence is required, this must be a full UK/EU/EEA licence.
It would be great if you also have
23. Hold an industry standard Cyber/Information Security qualification e.g. CISM/CISSP
24. Evidence of continual professional development in an IT or Health Service related area
25. Experience in a senior cyber or information security role.
26. Experience of managing Information/cyber security applications and risks in a related area either in NHS, service industries or commerce.
27. Experience of reviewing working practices. Technology and information systems to ensure they are secure and meeting policy and legal requirements.
28. Evidence of experience in a similar role
29. Experience of working with third party incident response specialists e.g. NCSC.
30. Knowledge of Data Protection / privacy legislation
31. Prior knowledge of the main IT Systems used in NHS Scotland (i.e. Trakcare, Clinical Portal etc)
32. Knowledge of process and data flow techniques in planning and implementation activities in a complex environment.
33. Knowledge of standard Microsoft desktop products, i.e. Microsoft Office.. MS project.
34. Good knowledge of data Protection issues and IT security
35. Critical appraisal and report writing skills.
36. Understand and interpret legislation associated with information governance.
37. Ability to analyse highly complex incidents which may be open to external scrutiny e.g. court.
38. Manage a broad range of complex activities which complement the cyber security strategy
39. Authoring and maintaining clear, easy to understand organisation wide policies to ensure compliance with legislation
40. Proven ability to manage own workload and often conflicting priorities.
41. Ability to deal with sensitive information with discretion.
42. Ability to deal diplomatically with staff and the public
43. Experience of developing and/or delivering training for cyber and information security.
44. Ability to understand, analyse and re-engineer complex processes.
45. Expertise in the subject areas and able to influence strategy, policy and operational decision-making.
Contract type
Permanent
Full time
37 Hours
Location
This role will be based in Digital Strategy and Governance within Kirklands - NHSL Headquarters.
Whilst this advertisement may be for a specific post(s) in a particular location, applicants who are shortlisted for interview may be considered for similar vacancies in alternative locations.
Looking to find out more?
If youre looking to find out more, then we would love to hear from you!