Job summary
The role sits within the Joint Cyber Unit (JCU) a collaboration between the Department of Health and Social Care (DHSC) and NHS England (NHSE). The JCU is embedded within the Digital Policy Unit (DPU), a unit comprising both DHSC staff and NHSE staff intended to design, plan and build adigitally enabled, data driven and safe health and social care system with ministers and the NHS.
The purpose of the JCU is to provide strategic leadership in cyber security across the health and care sector, assure the cyber security of the sector, act as system stewards to improve cyber resilience across the health and care system and to provide advice which empowers health and care staff to share information appropriately and securely to deliver care.
As part of a joint unit with DHSC and working closely in tandem with both NHS Digital and the National Cyber Security Centre the wider team has accountability to Ministers and Parliament as well as responsibility for delivery of managed cyber security services to the system.
Main duties of the job
The Risk and Assurance function is responsible for managing cyber risk across the health and care system, ensuring that we operate within the appetite set out by both the NHSE and DHSC boards. The function informs work across the JCU - most notably, the standards and policies that we create, and the engagement and regulatory activity that we carry out.
The post holder should have expertise in managing cyber security risks in large and complex environments and should be able to evidence their commitment to continuing professional development. This is a lead role within the risk and assurance function, as such the post holder will need to have line management experience and the ability to deal with competing priorities and tight deadlines. They should also have the ability to build and maintain strong working relationships with other teams and be able to communicate cyber security risk topics to a range of stakeholders (both technical and non-technical).
About us
The NHS England board have set out the top-level purpose for the new organisation to lead the NHS in England to deliver high-quality services for all, which will inform the detailed design work and we will achieve this purpose by:
- Enabling local systems and providers to improve the health of their people and patients and reduce health inequalities.
- Making the NHS a great place to work, where our people can make a difference and achieve their potential.
- Working collaboratively to ensure our healthcare workforce has the right knowledge, skills, values and behaviours to deliver accessible, compassionate care
- Optimising the use of digital technology, research, and innovation
- Delivering value for money.
If you would like to know more or require further information, please visithttps://www.england.nhs.uk/.
Colleagues with a contractual office base are expected to spend, on average, at least 40% of their time working in-person.
Staff recruited from outside the NHS will usually be appointed at the bottom of the pay band.
NHS England hold a Sponsor Licence; this means that we may be able to sponsor you providing the Home Office requirements are met. To be eligible for sponsorship through the Skilled Worker route you'll usually need to be paid the 'standard' salary rate of at least £38,700 per year, or the 'going rate' for your job, whichever is higher. You can find more information on the Government website.
Job description
Job responsibilities
6 shortlisting criteria:
- Subject matter expertise across a number of key areas relating to cyber security.
- Strong risk management and risk analysis skills and an expert grasp of the cyber components.
- Evidence of post qualifying and continuing professional development.
- Should have an appreciation of the relationship between the Department of Health, NHS England and individual provider and commissioning organisations.
- Experience of delivering against competing priorities and deadlines while also directing the work of teams/individuals.
- A willingness to train to gain appropriate cyber qualifications. (ISACA: Certified Information Security Manager (CISM)
Important: Please be aware there are residency requirements you need to meet:
All NHS England Cyber Security personnel must hold security clearance SC level as a minimum. To meet National Security Vetting requirements, you must have resided in the UK for a minimum of 3 out of the past 5 years for SC clearance. Candidates who were posted abroad for service with HM Government, Armed Forces or within a UK government role will still be considered.
Job description
Job responsibilities
6 shortlisting criteria:
- Subject matter expertise across a number of key areas relating to cyber security.
- Strong risk management and risk analysis skills and an expert grasp of the cyber components.
- Evidence of post qualifying and continuing professional development.
- Should have an appreciation of the relationship between the Department of Health, NHS England and individual provider and commissioning organisations.
- Experience of delivering against competing priorities and deadlines while also directing the work of teams/individuals.
- A willingness to train to gain appropriate cyber qualifications. (ISACA: Certified Information Security Manager (CISM)
Important: Please be aware there are residency requirements you need to meet:
All NHS England Cyber Security personnel must hold security clearance SC level as a minimum. To meet National Security Vetting requirements, you must have resided in the UK for a minimum of 3 out of the past 5 years for SC clearance. Candidates who were posted abroad for service with HM Government, Armed Forces or within a UK government role will still be considered.
Person Specification
Qualifications
Essential
- Holds or has equivalent level of experience to appropriate cyber qualifications. ISACA: Certified Information Security Manager (CISM)
- Willingness to gain security clearance SC level as a minimum to meet National Security Vetting
Desirable
- Already holds SC Clearance level
Knowledge and experience
Essential
- Subject matter expertise across a number of key areas relating to cyber security.
- Strong risk management and risk analysis skills and an expert grasp of the cyber components.
- Evidence of post qualifying and continuing professional development.
Skills Capabilities & Attributes
Essential
- Should have an appreciation of the relationship between the Department of Health, NHS
- Experience of delivering against competing priorities and deadlines while also directing the work of teams/individuals.
Person Specification
Qualifications
Essential
- Holds or has equivalent level of experience to appropriate cyber qualifications. ISACA: Certified Information Security Manager (CISM)
- Willingness to gain security clearance SC level as a minimum to meet National Security Vetting
Desirable
- Already holds SC Clearance level
Knowledge and experience
Essential
- Subject matter expertise across a number of key areas relating to cyber security.
- Strong risk management and risk analysis skills and an expert grasp of the cyber components.
- Evidence of post qualifying and continuing professional development.
Skills Capabilities & Attributes
Essential
- Should have an appreciation of the relationship between the Department of Health, NHS
- Experience of delivering against competing priorities and deadlines while also directing the work of teams/individuals.
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
Additional information
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab).
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab).
