About the Organisation:
National Services Scotland (NSS) is a national NHS Board operating right at the heart of NHSScotland providing invaluable support and advice at a strategic and operational level. NSS supports customers to deliver their services more efficiently and effectively and we offer shared services on a national scale using best-in-class systems and standards. Our priority is always the same – to improve the health and well-being of the people of Scotland. We do this by working in partnership with colleagues across Health and Social Care to deliver fit for purpose solutions and systems, delivering high quality services that help our stakeholders to free up resources so they can be re-invested into essential services.
The Post:
NSS DaS’s Information Security & Governance pillar (IS&G) operates the Cyber Centre of Excellence (CCoE), providing modern, proactive, and efficient national cybersecurity services for NHSScotland. This is an exciting opportunity to join the IS&G leadership team as its Security Consultancy Lead. The security services and technology provided by NSS Digital and Security (DaS) are critical operational components, used 24/7 365 days a year.
The post holder will lead a team of Information Security and Governance Managers and Advisors in the provision of a holistic information security service portfolio. The consultancy acts as the first point of contact into NSS IS&G, and helps project and programme stakeholders to proactively identify information security needs in the delivery and renewal of major board-specific and national digital solutions. It advises programmes on the production of assurance documentation that evidences an appropriate security posture and satisfies applicable auditing requirements. As such, the Security Consultancy Lead confidently interacts with stakeholders at all levels and across NSS, NHSScotland, Scottish Government, the wider Scottish public sector, as well as commercial delivery partners.
Within IS&G, the Security Consultancy Lead maintains a close working relationship with the pillar’s other functions: Governance, Risk & Compliance, Security Engineering & Architecture, and the CCoE’s Cyber Security Operations Centre. Together, the functions provide the advice, information governance oversight, technical know-how, and operational cyber capacity to enable positive outcomes in the safe and secure delivery of digital solutions at the heart of NHSScotland. The post holder will work with IS&G’s leadership team to improve integrated delivery of these services. They additionally will engage with DaS stakeholders to elevate the profile of the Security Consultancy within the directorate.
The post holder will be a subject matter authority and expert in the field, confidently leading the Security Consultancy team and acting as an escalation point for its engagements. They will provide level-headed leadership and encourage the development of their team members into subject matter experts across IS and IG.
The Candidate:
Please note that the Job Description is generic in nature. The candidate should consider the attached Person Specification and content of this advert when submitting their application.
The successful candidate should have experience:
1. Leading, developing, and line managing staff, ideally in an information assurance, security, or governance context
2. Delivering consultancy services and advice in information assurance/security/governance, risk and compliance, or digital services
3. Developing, reviewing, establishing and optimising departmental processes, including demand management, process flows, and operational reporting