Isle of Wight NHS Trust

Technical Security Supervisor

The closing date is 22 March 2026

Apply for this job

Job summary

This vacancy is open to employees of Isle of Wight NHS Trust and Portsmouth Hospitals University NHS Trust only.

NHS Band 7: £49,387 - £56,515 per annum (effective from 01/04/2026)

Hours Per Week: 37.5 full time

Contract Type: Fixed term for 2 years

Job purpose

As team leader for the Technical Services Security Team, the post holder will be the lead IT Security technical role in the provision of effective, efficient and fully integrated IT operational services that maximise their availability and integrity for end-users and optimise the value gained by the Trust from its investment in IT. They will work across the Digital and the wider organisation to ensure that the Trust maintains the highest standards of compliance and defence against cyber security threats, ensuring that cyber security is a golden thread running through all our processes and planning.

Main duties of the job

Key Responsibilities:

  • Responsible for engagement of clinical and non-clinical stakeholders across the organisation and wider health system, managing their potentially conflicting views and priorities.
  • Development of communications plans, reflecting the information needs of all stakeholders.
  • Responsible for producing clear, concise highlight reports on plans, progress, risks and issues for the project board and exception reports where project tolerances are breached.
  • Required to monitoring the delivery of all elements of schemes, analysing large amounts of complex information, from multiple sources and often under pressure of time, to identify risks and issues that might derail the project.
  • Identify and manage interdependencies and prioritise actions to mitigate these, escalating to the project board for support when required.
  • Drawing on expert support where needed, analyse, map and review current state processes and pathways across multidisciplinary teams.
  • To contribute to the ongoing development of processes and methodologies that support the successful delivery of projects and programmes of work.
  • Encourage innovation and identify opportunities for continual improvement.
  • Contribute to target setting, policy development and monitoring and evaluation for improvement of performance in project area.

About us

Working as a partnership, both Isle of Wight NHS Trust and Portsmouth Hospitals University NHS Trust have a shared vision for excellence in care for our patients and communities; with a set of strategic aims underpinning how we will achieve this. The creation of a single corporate service (SCS) is essential for us to support our clinical and operational services, and our wider transformation programme

This vacancy is part of the Single Corporate Services Division and our vision is :

  • Be an employer of choice for corporate talent, attracting and retaining people who share our values for excellence in care and welcome the opportunity to benefit from the broad range of flexible career and development opportunities we can offer.
  • Improve efficiency through simplified and standardised policies, processes, and systems, drawing on the best from both Trusts.
  • Co-invest in the latest digital solutions and standardise our approach, meaning we do things once for both organisations.
  • Improve learning and development opportunities and sharing best practice, upskilling both Trusts.
  • Co-locate teams in purpose-built facilities on the Island and in Portsmouth to enable closer working and sharing.
  • Build resilience for individuals and our teams.

The SCS is delivered across IWT or PHU, you may be based at either location and be required to undertake business travel between sites.

Details

Date posted

05 March 2026

Pay scheme

Agenda for change

Band

Band 7

Salary

£49,387 to £56,515 a year

Contract

Fixed term

Duration

2 years

Working pattern

Full-time

Reference number

REF2099A

Job locations

Queen Alexandra Hospital

Southwick Hill Road

Cosham

Portsmouth

PO6 3LY


Job description

Job responsibilities

Job summary

Team Management:

  • In the absence of the Technical Services Manager, ensure tasks are appropriately prioritised and scheduled, skills appropriately utilised, procedures documented and followed, adequate coverage for absence and Out-of-Hours support is in place, and consistent, up-to-date documentation is established and maintained.
  • Provide the immediate line management for the Security Specialists within the Technical Security Team.
  • Monitor security standards for the Technical Services team, monitoring achievement against these, and devising improved ways of working, working with the Technical Services Manager.
  • As a team leader, take a lead role in the daily scrum held within the team to ensure the team collaboration and focus is aligned to the business outcomes.
  • Play a leading role in contributing to the Technical Services team working processes and operating procedures.
  • Facilitate Triage of incoming workloads and allocation of work throughout the team as required.
  • Ensure that Technical Services team and external contractors work in a responsible and safe manner and have due regard for health and safety regulations.

System Design & Hosting:

  • Secure System Architecture: Design and implement robust security architectures for IT solutions, ensuring the integration of security principles such as least privilege, defense in depth, and secure by design throughout the IT solutions lifecycle.
  • Access Control Management: Develop and enforce access control policies, ensuring that only authorized personnel have access to sensitive systems and data, using multi-factor authentication, role-based access, and other security mechanisms.
  • Data Encryption and Protection: Implement strong encryption protocols and secure data handling practices to protect sensitive information both in transit and at rest, ensuring compliance with relevant regulations and standards.
  • Vulnerability Management: Conduct regular vulnerability assessments and security testing (e.g., penetration testing) to identify and mitigate potential security weaknesses in system design and hosting environments.
  • Incident Detection and Response: Design and implement systems for real-time monitoring and logging, enabling the timely detection, investigation, and response to security incidents and breaches.
  • Compliance and Audit Support: Ensure that systems are designed and hosted in accordance with relevant regulatory requirements and industry standards, providing necessary documentation and support during security audits and compliance assessments.

Software and Hardware Installation:

  • Secure Configuration and Hardening: Ensure that all software and hardware installations follow secure configuration guidelines and hardening practices to minimize vulnerabilities and reduce the attack surface.
  • Patch Management: Oversee the timely installation of security patches and updates for both software and hardware across the entire IT landscape & two hospitals, ensuring that systems are protected against known threats and vulnerabilities.
  • Malware Protection: Implement and configure antivirus, anti-malware, and intrusion detection/prevention systems during installation to safeguard against malicious software and unauthorized access.
  • Access Control Implementation: Configure and enforce strict access controls during software and hardware installation, ensuring that only authorized users can access and modify system components.
  • Data Backup and Recovery Setup: Establish and verify secure data backup and recovery procedures during installation, ensuring that critical data is protected and can be restored in the event of a failure or breach.
  • Documentation and Compliance: Maintain detailed records of software and hardware installations, including configurations, security settings, and compliance with industry standards, to support ongoing security management and audits.

Infrastructure Developments/Innovation:

  • Secure Infrastructure Design: support the development of secure infrastructure solutions, incorporating advanced security measures and best practices into the planning, design, and implementation of new technologies.
  • Emerging Threat Mitigation: Proactively identify and address emerging security threats and vulnerabilities, adapting infrastructure developments to stay ahead of potential risks and ensure ongoing protection.
  • Integration of Security Technologies: Evaluate, select, and integrate cutting-edge security technologies and tools within the infrastructure to enhance overall security posture and support innovative solutions.
  • Scalability and Flexibility: Ensure that infrastructure developments are designed with scalability and flexibility in mind, allowing for secure expansion and adaptation to future technological advancements.
  • Automation and Orchestration: Implement automation and orchestration tools to streamline security processes within infrastructure developments, improving efficiency, consistency, and responsiveness to security incidents.
  • Collaboration with Stakeholders: Work closely with cross-functional teams, including IT, operations, and management, to align infrastructure innovations with security requirements and Hospital Group aims, ensuring that security is integrated into all phases of development.

For additional information please read attached full job description.

Job description

Job responsibilities

Job summary

Team Management:

  • In the absence of the Technical Services Manager, ensure tasks are appropriately prioritised and scheduled, skills appropriately utilised, procedures documented and followed, adequate coverage for absence and Out-of-Hours support is in place, and consistent, up-to-date documentation is established and maintained.
  • Provide the immediate line management for the Security Specialists within the Technical Security Team.
  • Monitor security standards for the Technical Services team, monitoring achievement against these, and devising improved ways of working, working with the Technical Services Manager.
  • As a team leader, take a lead role in the daily scrum held within the team to ensure the team collaboration and focus is aligned to the business outcomes.
  • Play a leading role in contributing to the Technical Services team working processes and operating procedures.
  • Facilitate Triage of incoming workloads and allocation of work throughout the team as required.
  • Ensure that Technical Services team and external contractors work in a responsible and safe manner and have due regard for health and safety regulations.

System Design & Hosting:

  • Secure System Architecture: Design and implement robust security architectures for IT solutions, ensuring the integration of security principles such as least privilege, defense in depth, and secure by design throughout the IT solutions lifecycle.
  • Access Control Management: Develop and enforce access control policies, ensuring that only authorized personnel have access to sensitive systems and data, using multi-factor authentication, role-based access, and other security mechanisms.
  • Data Encryption and Protection: Implement strong encryption protocols and secure data handling practices to protect sensitive information both in transit and at rest, ensuring compliance with relevant regulations and standards.
  • Vulnerability Management: Conduct regular vulnerability assessments and security testing (e.g., penetration testing) to identify and mitigate potential security weaknesses in system design and hosting environments.
  • Incident Detection and Response: Design and implement systems for real-time monitoring and logging, enabling the timely detection, investigation, and response to security incidents and breaches.
  • Compliance and Audit Support: Ensure that systems are designed and hosted in accordance with relevant regulatory requirements and industry standards, providing necessary documentation and support during security audits and compliance assessments.

Software and Hardware Installation:

  • Secure Configuration and Hardening: Ensure that all software and hardware installations follow secure configuration guidelines and hardening practices to minimize vulnerabilities and reduce the attack surface.
  • Patch Management: Oversee the timely installation of security patches and updates for both software and hardware across the entire IT landscape & two hospitals, ensuring that systems are protected against known threats and vulnerabilities.
  • Malware Protection: Implement and configure antivirus, anti-malware, and intrusion detection/prevention systems during installation to safeguard against malicious software and unauthorized access.
  • Access Control Implementation: Configure and enforce strict access controls during software and hardware installation, ensuring that only authorized users can access and modify system components.
  • Data Backup and Recovery Setup: Establish and verify secure data backup and recovery procedures during installation, ensuring that critical data is protected and can be restored in the event of a failure or breach.
  • Documentation and Compliance: Maintain detailed records of software and hardware installations, including configurations, security settings, and compliance with industry standards, to support ongoing security management and audits.

Infrastructure Developments/Innovation:

  • Secure Infrastructure Design: support the development of secure infrastructure solutions, incorporating advanced security measures and best practices into the planning, design, and implementation of new technologies.
  • Emerging Threat Mitigation: Proactively identify and address emerging security threats and vulnerabilities, adapting infrastructure developments to stay ahead of potential risks and ensure ongoing protection.
  • Integration of Security Technologies: Evaluate, select, and integrate cutting-edge security technologies and tools within the infrastructure to enhance overall security posture and support innovative solutions.
  • Scalability and Flexibility: Ensure that infrastructure developments are designed with scalability and flexibility in mind, allowing for secure expansion and adaptation to future technological advancements.
  • Automation and Orchestration: Implement automation and orchestration tools to streamline security processes within infrastructure developments, improving efficiency, consistency, and responsiveness to security incidents.
  • Collaboration with Stakeholders: Work closely with cross-functional teams, including IT, operations, and management, to align infrastructure innovations with security requirements and Hospital Group aims, ensuring that security is integrated into all phases of development.

For additional information please read attached full job description.

Person Specification

Experience

Essential

  • Broad practical experience and Hands-on technical experience in the majority of the following:
  • Microsoft Windows and BackOffice Servers (SQL Server, Exchange).
  • App-V or alternate Application Virtualisation solution o Citrix XenApp Application and Interview.
  • Cisco Switches and ASA and general networking.
  • SAN technologies (Block and File).
  • AppSense.
  • VMware/Server Virtualisation o Security Event Monitoring/Aggregation.
  • Event Monitoring solutions (e.g. SolarWinds/Zabbix or similar).

Skills and Knowledge

Essential

  • Demonstrable in depth understanding of current NHS standards and policies relating to security.
  • Ability to manage multiple complex projects to a successful conclusion, using structured methodologies
  • Substantial knowledge of Change Management processes and techniques.
  • Working to IT service management best practice i.e. ITIL.
  • Ability to forge long-term working partnerships with individuals and groups from internal and external departments and organisations.

Qualifications

Essential

  • ITIL v3 Foundation
  • Degree-level Qualification or equivalent in a Computing or analytical field
  • Technical Accreditation in one or more of the following:
  • Microsoft MCP/MCSA/MCSE
  • Cisco CCNA
  • CompTIA Security+ .
  • Certified Ethical Hacker (CEH)

Desirable

  • ISO27001 CISSP.
Person Specification

Experience

Essential

  • Broad practical experience and Hands-on technical experience in the majority of the following:
  • Microsoft Windows and BackOffice Servers (SQL Server, Exchange).
  • App-V or alternate Application Virtualisation solution o Citrix XenApp Application and Interview.
  • Cisco Switches and ASA and general networking.
  • SAN technologies (Block and File).
  • AppSense.
  • VMware/Server Virtualisation o Security Event Monitoring/Aggregation.
  • Event Monitoring solutions (e.g. SolarWinds/Zabbix or similar).

Skills and Knowledge

Essential

  • Demonstrable in depth understanding of current NHS standards and policies relating to security.
  • Ability to manage multiple complex projects to a successful conclusion, using structured methodologies
  • Substantial knowledge of Change Management processes and techniques.
  • Working to IT service management best practice i.e. ITIL.
  • Ability to forge long-term working partnerships with individuals and groups from internal and external departments and organisations.

Qualifications

Essential

  • ITIL v3 Foundation
  • Degree-level Qualification or equivalent in a Computing or analytical field
  • Technical Accreditation in one or more of the following:
  • Microsoft MCP/MCSA/MCSE
  • Cisco CCNA
  • CompTIA Security+ .
  • Certified Ethical Hacker (CEH)

Desirable

  • ISO27001 CISSP.

Employer details

Employer name

Isle of Wight NHS Trust

Address

Queen Alexandra Hospital

Southwick Hill Road

Cosham

Portsmouth

PO6 3LY


Employer's website

https://www.iow.nhs.uk/ (Opens in a new tab)

Employer details

Employer name

Isle of Wight NHS Trust

Address

Queen Alexandra Hospital

Southwick Hill Road

Cosham

Portsmouth

PO6 3LY


Employer's website

https://www.iow.nhs.uk/ (Opens in a new tab)

Employer contact details

For questions about the job, contact:

Hiring Manager

Simon Scott

s.scott47@nhs.net

Details

Date posted

05 March 2026

Pay scheme

Agenda for change

Band

Band 7

Salary

£49,387 to £56,515 a year

Contract

Fixed term

Duration

2 years

Working pattern

Full-time

Reference number

REF2099A

Job locations

Queen Alexandra Hospital

Southwick Hill Road

Cosham

Portsmouth

PO6 3LY


Supporting documents

Privacy notice

Isle of Wight NHS Trust's privacy notice (opens in a new tab)