Job summary
The role will be based in Digital Services at the Liverpool Innovation Park.
Liverpool University Hospitals NHS Foundation Trust has embarked on a journey to provide great care for our patients.
We are a front line digitisation trail blazer on the national EPR programme. Together we will underpin the care that our hospitals provide with a robust digital infrastructure, comprehensive suite of digital solutions and a wealth of digital intelligence.
My team is on a mission that positions our organisation as the leader for digital health excellence in Liverpool, the North West and nationally. Using our strong academic ties, we will help create a digital blueprint for others to follow.
Our digital strategy clearly sets out our great ambition, which delivers a progressive and cohesive portfolio of digital solutions to front-line staff over the next five years. We have recently commenced our Care Record Liverpool programme, CaRL. We will modernise how we support our patients and staff inside and outside of our hospitals.
Jason Bincalar
CIO
Main duties of the job
The post holder is responsible for leading:-the management, development and leadership of the Cyber Security and Information Governance teams of the Trust
Responsible for the development, implementation and monitoring of information governance and cyber security policy in the TrustTo oversee, and ensure assurance can be provided regarding, the robust protection of Trust and patient data, as well as the protection of infrastructure and assets from malicious activity and actors.To work collaboratively with NHS England and 3rd party suppliers, including senior managers within Digital Services, in the planning and delivery of the CS and IG agenda across the Trust and act on behalf of the CIO, as required.
Ensuring compliance with the Data Protection and Security Toolkit and other regulatory guidelines.
Providing leadership and a clear vision for implementation of CS and IG as part of the cyber and wider Digital strategy ensuring that effective systems and processes are in place to support the deployment of systems and the modernisation of health services.
To ensure the implementation of the Cyber strategy underpins and aligns with the Aug 2023 Trust's digital strategy and wider Trust strategy and vision and to be an expert and specialist source of advice and guidance.
About us
Liverpool University Hospitals NHS Foundation Trust was created on 1 October 2019 following the merger of two adult acute Trusts, Aintree University Hospital NHS Foundation Trust and the Royal Liverpool and Broadgreen University Hospitals NHS Trust.
The merger provides an opportunity to reconfigure services in a way that provides the best healthcare services to the city and improves the quality of care and health outcomes that patients experience.
The Trust runs Aintree University Hospital, Broadgreen Hospital, Liverpool University Dental Hospital and the Royal Liverpool University Hospital.
It serves a core population of around 630,000 people across Merseyside as well as providing a range of highly specialist services to a catchment area of more than two million people in the North West region and beyond.
To hear more about our achievements click herehttps://www.liverpoolft.nhs.uk/media/13089/1606-annual-report-booklet_final.pdf
Follow us on Social Media:
Facebook - Liverpool University Hospitals Careers
Instagram - @LUHFTcareers
Twitter - @LUHFTcareers
Job description
Job responsibilities
The main duties and responsibilities are detailed in the job description attached in the advert.
The post holder will lead the Information Governance Team and the Cyber Security team to deliver the Cyber and IG elements of the Digital Strategy.
To ensure robust policies and processes are in place and monitored.
Lead and support the wider governance agenda in digital including achieving the Data Security Protection Toolkit, managing Digital Change Control, Incident Management, Risk Management, Audit and action planning.
Job description
Job responsibilities
The main duties and responsibilities are detailed in the job description attached in the advert.
The post holder will lead the Information Governance Team and the Cyber Security team to deliver the Cyber and IG elements of the Digital Strategy.
To ensure robust policies and processes are in place and monitored.
Lead and support the wider governance agenda in digital including achieving the Data Security Protection Toolkit, managing Digital Change Control, Incident Management, Risk Management, Audit and action planning.
Person Specification
Qualifications
Essential
- Master's degree level in relevant subject or suitable and equivalent professional accreditations and training CS specific qualifications which may include CISM, CISP, CISA, or other equivalents.
- Data protection specific qualifications which may include BCS.
- Evidence of continuous and comprehensive professional development in CS and IG.
Desirable
- PRINCE 2 Foundation Certificate or equivalent
Experience
Essential
- Demonstrable extensive experience working in information governance / cyber security
- Demonstrable experience in engaging successfully with senior and external senior management in a CS and IG context.
- Experience of managing and progressing major change with significant Cyber and Information Security implications or risks.
- Experience in Leading and managing staff - including performance management, managing sickness absence and disciplinary issues, and managing resources.
- Excellent IT skills, including keyboard skills and experience of Microsoft Office packages and bespoke databases, preferably including computerised hospital administration systems
- Expert experience of writing or implementing NHS security policies and procedures
- Significant experience of implementing and monitoring the DSP Toolkit.
- Experience of serious and sensitive security incident investigation.
- Experience of developing plans and delivery of strategies and tactical components of cyber security.
- Experience of working with, supporting, or implementing security systems within an NHS IM&T environment.
Desirable
- Proven experience of designing and specifying standards for CS and IG based on ISO2700/ISF Standard of Good Practice, etc.
Knowledge
Essential
- Excellent understanding of communication strategies and approaches in relation to sensitive and contentious issues and incidents.
- An expert understanding of: The Data Protection Act 2018/GDPR Network and information systems (NIS) regulations 2018 DSP Toolkit Cyber Essentials The Access to Health Records Act 1990 The Freedom of Information Act 2000 Confidentiality: The NHS Code of Practice ISO 27001/27002 ISF Standard of Good Practice
- High level of knowledge of IG and related statutory changes and initiatives.
- Excellent understanding of CS and IG issues and challenges.
Skills
Essential
- Ability to interpret and apply a range of specialist knowledge and expertise in CS and IG management.
- The ability to identify, interpret and prioritise key IG/CS issues for senior management and Board review and consideration
- The ability to analyse and review a range of diverse complex information and produce periodic reports for a wide range of audiences
- Excellent facilitation, influencing and conflict resolution skills
- Excellent at verbal and written presentation and communication skills with the confidence to address a variety of internal and external audiences, including senior management internally and externally, and clinicians.
- Ability to produce effective documentation for audiences ranging from highly technical to nontechnical
- Excellent negotiation & persuasion skills at senior level and with external bodies/suppliers.
Person Specification
Qualifications
Essential
- Master's degree level in relevant subject or suitable and equivalent professional accreditations and training CS specific qualifications which may include CISM, CISP, CISA, or other equivalents.
- Data protection specific qualifications which may include BCS.
- Evidence of continuous and comprehensive professional development in CS and IG.
Desirable
- PRINCE 2 Foundation Certificate or equivalent
Experience
Essential
- Demonstrable extensive experience working in information governance / cyber security
- Demonstrable experience in engaging successfully with senior and external senior management in a CS and IG context.
- Experience of managing and progressing major change with significant Cyber and Information Security implications or risks.
- Experience in Leading and managing staff - including performance management, managing sickness absence and disciplinary issues, and managing resources.
- Excellent IT skills, including keyboard skills and experience of Microsoft Office packages and bespoke databases, preferably including computerised hospital administration systems
- Expert experience of writing or implementing NHS security policies and procedures
- Significant experience of implementing and monitoring the DSP Toolkit.
- Experience of serious and sensitive security incident investigation.
- Experience of developing plans and delivery of strategies and tactical components of cyber security.
- Experience of working with, supporting, or implementing security systems within an NHS IM&T environment.
Desirable
- Proven experience of designing and specifying standards for CS and IG based on ISO2700/ISF Standard of Good Practice, etc.
Knowledge
Essential
- Excellent understanding of communication strategies and approaches in relation to sensitive and contentious issues and incidents.
- An expert understanding of: The Data Protection Act 2018/GDPR Network and information systems (NIS) regulations 2018 DSP Toolkit Cyber Essentials The Access to Health Records Act 1990 The Freedom of Information Act 2000 Confidentiality: The NHS Code of Practice ISO 27001/27002 ISF Standard of Good Practice
- High level of knowledge of IG and related statutory changes and initiatives.
- Excellent understanding of CS and IG issues and challenges.
Skills
Essential
- Ability to interpret and apply a range of specialist knowledge and expertise in CS and IG management.
- The ability to identify, interpret and prioritise key IG/CS issues for senior management and Board review and consideration
- The ability to analyse and review a range of diverse complex information and produce periodic reports for a wide range of audiences
- Excellent facilitation, influencing and conflict resolution skills
- Excellent at verbal and written presentation and communication skills with the confidence to address a variety of internal and external audiences, including senior management internally and externally, and clinicians.
- Ability to produce effective documentation for audiences ranging from highly technical to nontechnical
- Excellent negotiation & persuasion skills at senior level and with external bodies/suppliers.
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
