Job summary
The Head of Cyber Security will lead the Trust's cyber security strategy, governance, and operations. This senior leadership role ensures the confidentiality, integrity, and availability of OUH's digital assets and information systems. The post holder will act as the authoritative voice on cyber security, representing OUH in regional and national forums, and will be responsible for aligning the Trust's cyber posture with NHS frameworks such as DSPT, CAF, and ISO 27001.
Main duties of the job
The Head of Cyber Security is responsible for shaping and executing the Trust's cyber security strategy, ensuring that digital assets and information systems remain secure, resilient, and compliant with NHS frameworks such as DSPT, CAF, and ISO27001. This role provides strategic leadership by developing and implementing cyber security plans, leading maturity assessments, and offering board-level assurance on risk and compliance. The post holder represents the Trust in key regional and national cyber forums, helping to align local priorities with broader NHS initiatives.
In addition to strategic oversight, the role encompasses governance and risk management, including ownership of the Information Security Management System (ISMS), leading audits, chairing assurance groups, and supporting data protection compliance as Deputy SIRO.
About us
Oxford University Hospitals NHS Foundation Trust is one of the largest NHS teaching trusts in the country. It provides a wide range of general and specialist clinical services and is a base for medical education, training and research. The Trust comprises four hospitals - the John Radcliffe Hospital, Churchill Hospital and Nuffield Orthopaedic Centre in Headington and the Horton General Hospital in Banbury. For more information on OUH please view OUH At a Glance by OUHospitals - Issuu
Our values, standards and behaviours define the quality of clinical care we offer and the professional relationships we make with our patients, colleagues and the wider community.
We call this Delivering Compassionate Excellence and its focus is on our values of compassion, respect, learning, delivery, improvement and excellence.
Job description
Job responsibilities
For further information, please refer to the attached job description and person spec. For an informal discussion about the role, please contact Ian Fabbro.
Job description
Job responsibilities
For further information, please refer to the attached job description and person spec. For an informal discussion about the role, please contact Ian Fabbro.
Person Specification
Qualifications
Essential
- Educated to Masters level in a relevant subject or have equivalent experience
- Specialist qualifications in ICT and/or Cyber Security, for example: CISSP/CISM/CRISC or equivalent
Desirable
- Committed to ongoing specialist training to support job role and self-development
Experience
Essential
- Senior leadership in cyber security within an NHS or complex public sector environment, with a strong track record of achievement
- Extensive experience of managing cyber security and risk
- Extensive experience of interpreting and applying the law governing the management of information
Desirable
- Broad IM&T knowledge and an understanding of computer and confidentiality related legislation and professional standards
- Good understanding of principles of managing enterprise-scale IT networks
Person Specification
Qualifications
Essential
- Educated to Masters level in a relevant subject or have equivalent experience
- Specialist qualifications in ICT and/or Cyber Security, for example: CISSP/CISM/CRISC or equivalent
Desirable
- Committed to ongoing specialist training to support job role and self-development
Experience
Essential
- Senior leadership in cyber security within an NHS or complex public sector environment, with a strong track record of achievement
- Extensive experience of managing cyber security and risk
- Extensive experience of interpreting and applying the law governing the management of information
Desirable
- Broad IM&T knowledge and an understanding of computer and confidentiality related legislation and professional standards
- Good understanding of principles of managing enterprise-scale IT networks
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
