Data Security and Protection Technical Compliance Officer

Job responsibilities

The role will work across all clinical and corporate services with the ability to meet tight deadlines managing multiple projects delivering the Trusts Data Security and Protection agenda and overall Health Informatics digital strategy. This post is the DSP point of contact for all Trust staff for information, support and guidance.

The role must be proficient in the areas of technical data security, data protection, risk analysis, incident management with cyber security compliance skills ensuring information rights legislation compliance is met.

Analysis through audit of risks, issues, incidents and reporting with options and recommendations is key to providing regular compliance updates to the Trust Board.

Cyber risk compliance reports are required by the Trust Board and committees, working with the IT Security Manager to ensure accurate and relevant risks and controls are escalated and implemented.

Developing and delivering training and awareness packages for staff of all levels to support completion and compliance in DSP areas.

Research and reporting of future DSP, cyber technical and legal requirements required to support the DSP management team in developing strategy, workplans and frameworks to meet the relevant requirements.

The role will work with the Trust Data Protection Officer, responding to complaints, offering advice and guidance and completing investigations, reporting the outcome to the requestors and Regulator.

Qualifications

Essential

• GCSE English and Maths (or equivalent)
• Educated to Degree Level or equivalent experience (Substantial practical Data Protection and/or technical Cyber Security Support).
• Advanced Computer and IT skills to include: word, PowerPoint, excel.
• Project management tools / methodology.
• Evidence of continuing professional development

Desirable

• Evidence of other specialist qualifications and training in data protection, data security and technical cyber security related roles. (CIPP/E, CIPM, CISSP, CISM, BSI / ISEB Data Protection / Risk Management)
• Prince II Qualified
• Major integrated NHS IT systems, ideally Cerner.

Experience

Essential

• Knowledge and understanding of best practice in the field of data protection and relevant legislation.
• Knowledge and understanding of best practice in the field of cyber security.
• Experience of working in a health care setting dealing with complex and sensitive situations
• Working knowledge of the business and role of the Organisation in which employed associated with DSP technical compliance.
• Ability to work across departmental and professional boundaries.
• Excellent interpersonal, verbal and written communication skills.
• Team leader & player.
• Analytical skills.
• Able to establish credibility with a wide range of clinical staff, managers and Health Informatics specialists.
• Knowledge of Risk Management Methodology.

Desirable

• Detailed technical knowledge of best practice in the field of cyber security, software vulnerability support and relevant standards.
• Expert knowledge of national standards and codes of practice in the field data protection and security.
• Experience and knowledge of managing and assessing medical device software.
• Appreciation of the role played by IT in health and its potential.
• An understanding of NHS systems, applications and processes.

Special Requirements

Essential

• Ability to work and travel between sites to meet the requirements of the post.
• Ability to work outside core times, at short notice.

Special Skills and Knowledge

Essential

• Data Security and Protection / IM&T Security experience within a large multidisciplinary organisation.
• Experience of associated legislation and guidance relating to organisational best practice within DSP and cyber security.
• Experience in the support of computer hardware, software and peripherals.
• Experience of risk management methodology undertake analysis and audits required and develop associated action plans and reports.
• Experience of developing and implementing work plans and delivering against associated projects.
• Experience of delivering results in demanding and time restricted projects and work streams through team working and influencing people.
• Experience in the use of Microsoft operating systems and the ability to support bespoke systems which control and manage this highly complex environment.
• Ability to work on own initiative and within teams to achieve targets and timescales to deliver work streams and with minimal supervision.
• Experience of working effectively in collaboration with other agencies
• Evidence of successfully handling sensitive situations effectively and confidentially.
• Experience in the development and delivery of training material to large groups of staff

Desirable

• Various operating system experience from multiple vendors, including, but not limited to Microsoft
• Windows and Unix platforms.
• Experience of NHS IT integrated systems, ideally Cerner.
• Experience of DSP within the Public Sector/NHS.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).