Job summary
This is an excellent opportunity to help create a leading digital security function in the NHS. Reporting to the Chief Technology Officer, the Chief Information Security Officer (CISO) will lead and manage the overall information security function. The CISO leads IT security activities within the Trust, managing the information and technology risk to the Trust's IT facilities and information from internal and external threats. This role advises the Trust at a strategic level on existing and emerging threats, owns and develops the Trust's information security posture using a risk-based approach and takes a comprehensive approach to information security.
Main duties of the job
We are looking for an experienced information and security professional with strong leadership skills, excellent digital and cyber security knowledge and a successful track record of delivery in senior information security roles. You will need to possess highly developed digital and cyber security skills and be accustomed to working at a senior level leading and delivering IT security in a sensitive and complex environment. You will be accustomed to working with executive teams and be able to clearly engage with internal and external stakeholders. The successful candidate will provide clear leadership and direction to motivate staff and teams to ensure delivery of the Trust's strategic aims and objectives.
In return, you could be part of an upward journey, within which there is both permission and support to be innovative, to ensure the Trust develops a leading digital function.
About us
Originally formed in 2000, ELFT has long been recognised as a centre of excellence for mental health care, innovation and improvement. We care for a population of more than 750,000 and we are proud to serve one of the most culturally diverse parts of the UK. In Bedfordshire and Luton, we are now responsible for a further 630,000 people's mental health and community health care needs. Wherever patients receive our services and from whichever team, our values of care, respect and inclusivity underpin all that we do. Valuing the diversity of our local population is fundamental to realising our vision to provide outstanding healthcare to our diverse community. In September 2016, the Trust was proud to be rated as 'Outstanding' by the Care Quality Commission, and the Trust was once again rated at 'Outstanding' by the CQC in June 2018 and 2021.
Job description
Job responsibilities
Our Board have a clear ambition to be a Digital First organisation. Our digital strategy is a collaboration between the Trust senior management team, the Digital Team, and a wide range of stakeholders who firmly believe in building upon our digital capabilities to ensure ELFT are regarded as pioneers in Digital. The scale of response to the COVID-19 pressures, particularly enabling remote and mobile working, and setting up the Stratford vaccination centre, has been remarkable. However, there are also significant challenges to address. Digital tools and services are now fundamental to the management and delivery of our services. This is an extremely exciting time to be joining our Trust on this journey.
Person Specification
Education & Qualification
Essential
- Educated to Masters level or equivalent experience
- Management Qualification.
- Significant evidence of continued professional development
- Formal certification (CISSP, CISM or CRISC) and/or formal training in information security standards and best practice (e.g. ISO 27001/2, COBIT)
Desirable
- ITIL Qualification
- COBIT
EXPERIENCE & KNOWLEDGE
Essential
- Proven and significant leadership experience and/or formal management qualification.
- Demonstrated expertise in an IT Security environment
- Significant management experience at senior level not necessarily in the NHS
- Proven experience of working at a senior level leading and delivering IT Security in a sensitive and complex environment which is undergoing significant change
- Experience of delivering presentations to large groups of stakeholders
- Demonstrable commitment to partnership working with a range of external organisations
- Experience in engaging and influencing stakeholders from diverse backgrounds
- Experience of managing and prioritising a budget
- Proven track record in IT Security
Desirable
- Understanding of the role of Data in all aspects of NHS operational activity and 'business' processes.
- Demonstrated expertise in a Healthcare environment
- Significant management experience at senior level in the NHS
SKILLS AND ABILITIES
Essential
- Dynamic personality and the ability to build trusted stakeholder relationships.
- Strong external communications skills in a sensitive environment
- Ability to prepare and produce concise yet insightful communications for dissemination to senior stakeholders and a broad range of stakeholders as required
- Ability to analyse highly complex issues where material is conflicting and drawn from multiple sources (verbal, written and numerical).
- Demonstrated capability to act upon incomplete information, using experience to make inferences and decisions
- Ability to analyse numerical and written data, assess options and draw appropriate initiatives
- Ability to delegate effectively
- Demonstrated capabilities to manage own workload and make informed decisions in the absence of required information, working to tight and often changing timescales
- Ability to make decisions autonomously, when required, on difficult issues
- Working knowledge of Microsoft Office with intermediate keyboard skills.
- Ability to provide informative reporting on finances and impact to Board management.
- Able to make a connection between their work and the benefit to patients
- Consistently reflects on how their work can help and support clinicians and frontline staff deliver better outcomes for patients
- Consistently looks to improve what they do, looks for successful tried and tested ways of working, and also seeks out innovation
Desirable
- Ability to architect innovative solutions to complex technical problems.
PERSONAL QUALITIES
Essential
- Works well with others, is positive and helpful, listens, involves, respects and learns from the contribution of others
- Values diversity and difference, operates with integrity and openness
- Contactable / on-call Cover / call-out in Major Incident in the Trust or Major Digital Project go-lives.
- Flexible working at peak periods (particularly project 'go-live' or switchover)
- Demonstrates professional and personal credibility and integrity and is a respected leader.
OTHER REQUIREMENTS
Essential
- Understanding of Equal Opportunities in the NHS & Equality & Diversity agenda.
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website.
From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country in which they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found in Criminal records checks for overseas applicants.
UK Registration
Applicants must have current UK professional registration. For further information please see the NHS Careers website.