Job summary
NHS Surrey Heartlands works in partnership with local health and care organisations - along with staff, patients, their carers, families, and the public - to support people to live healthier lives. We have an ambitious vision for transformation and continuous improvement of health and care across our footprint, supporting the overall objectives of our wider integrated care system; to improve outcomes in population health and healthcare; tackle inequalities in outcomes, experience and access; enhance productivity and value for money and support broader social and economic development in their area.
To deliver our objectives we need a team of talented, collaborative professionals who share the same vision and are passionate about what they do.
Main duties of the job
The role is accountable to the Chief Digital Information Officer providing assurance that the organization is operating to industry standards, meeting cyber ethics and codes of conducts and NHS national frameworks.The Cyber Lead is operationally responsible for ensuring that effective cyber security measures are in place to enable the operation of safe, effective and efficient digital systems, platforms and services. The role will liaise closely with the Information Governance team ensuring that opportunities to maximise efficiencies in security are pursued.The post holder will lead efficient, effective, and high quality professional and well-co-ordinated system wide discussions regarding cyber related priorities, strategy and activity to address the ability of the ICB and ICS to meet all statutory, regulatory and NHS requirements ensuring alignment of activity across partner organisations.
The job description is an outline of the tasks, responsibilities and outcomes required of the role, and the job specification is an outline of the skills, experience and qualities needed. The job holder will carry out any other duties as may reasonably be required by their line manager.
The job description and person specification may be reviewed on an ongoing basis in accordance with the changing needs of the Department and the Organisation.
About us
Surrey Heartlands is a partnership of organisations working together - with staff, patients, their carers, families, and the public - to support people to live healthier lives. Surrey Heartlands developed into an Integrated Care Board (ICB) since July 2022, working through 4 Integrated, dynamic, and sustainable place-based partnerships (our Places), each working together to deliver a shared vision across Surrey.
The 4 Place partnerships are known as:
North West Surrey Alliance
Guildford and Waverley Alliance
Surrey Downs Health and Care
East Surrey Place
We have an ambitious vision for transformation and continuous improvement of health and care across our footprint and to deliver our objectives we need a team of capable, collaborative professionals who share the same vision. We are passionate about creating an inclusive workplace that promotes and values diversity. We know through experience that different ideas, perspectives, and backgrounds create a stronger and more creative work environment that delivers better patient outcomes.
We welcome all applications, especially those from underrepresented communities, including people with a disability, and those from Black, Asian and Minority Ethnic (BAME) backgrounds.
Job description
Job responsibilities
Please see the job description and the person specification documents attached within this job advert.
Job description
Job responsibilities
Please see the job description and the person specification documents attached within this job advert.
Person Specification
Knowledge, Training and Experience
Essential
- Educated to degree level or with equivalent cyber related experience
- CISSP and/or CISM certified
- Extensive knowledge of NHSE cyber policies, guidelines and standards
- Extensive experience and understanding across a broad spectrum of IT services including network, cloud, EUC and the associated cyber safeguards
- A creative thinkeProven track record of delivering cyber security support across a complex multi-dimensional systemr able to find solutions to technically and politically sensitive problems
- Extensive experience of logging, audit and threat assessment tools and techniques
- Demonstrates ability to take a collaborative approach to work - placing the organisation and System's goals and needs at the forefront of decision- making
- Able to lead complex discussions interpreting technical considerations to diverse audiences
- Evidence of continual professional development
Communication & Relationship Skills
Essential
- Communicates with internal staff and external agencies to ensure compliance with performance targets, strategic objectives
- Involves negotiation and diplomacy; undertakes presentations to staff groups and the public/conveys highly contentious information in atmosphere of proposed major change
- The post holder will be required to have regular contact internal and external stakeholders and will often need to engage with them over sensitive, complex, contentious, and confidential issues
- Provide and receive highly complex, sensitive, or contentious information; barriers to understanding; present complex, sensitive, or contentious information to large groups/ communicate in hostile, antagonistic atmosphere
- Participate in relevant internal and external working groups/projects, services, and initiatives to provide project, information and analytical advice and expertise
- Overseeing system colleagues to develop and implement project data collection systems that will provide accurate and timely cyber related data
- Present project information and issues, explaining complexities, to a wide range of internal and external stakeholders
- To liaise with other Managers to share best practice
Analytical & Judgement Skills
Essential
- Analyses highlight complex data or or areas of activity in relation to performance targets, strategic objectives; develop strategies, business plans, and advise in areas where expert opinion differs
Service & Policy
Essential
- Analyses highlight complex data or areas of activity in relation to cyber performance targets, strategic objectives; develop ICB and ICS strategies and policies, business plans, and advise in areas where expert opinion differs
Financial Resources
Essential
- Hold budgets for a major area of activity, monitors budgets responsible for overall budget setting for major area of activity
- The post holder will have budgetary responsibility for a function and the services provided within that function. This will include evaluating the value for money of new contracts, monitoring the performance of existing providers and ensuring that provider performance aligns, and complies, with contractual terms and conditions
- The postholder will be directly responsible for all budgets associated with the management of the function
- Act in a way that is compliant withstanding Orders and Standing Financial Instructions in the discharge of this responsibility
- Constantly strive for value for money and greater efficiency in the use of these budgets and to ensure that they operate in recurrent financial balance year on year
Human Resources
Essential
- Liaise and lead provider and system colleagues to deliver cyber improvement projects
- Deputisewhere appropriate
- To forge positive working relationships across senior ICB stakeholders and ICS partners, to support an effective matrix approach to achieve and deliver complex technical NHS objectives
- To work in a matrix management style and to foster close working relations with other senior managers and leaders/executives within the NHS including regional and national teams
Physical Skills
Essential
- Expert knowledge of cyber security disciplines - network, endpoint, application, data security etc
- Excellent technical skills and ability to grasp modern technologies Extensive knowledge of Microsoft, and use of other cyber related products eg other security related technologies
Equality and Diversity
Essential
- Committed to the equalities agenda and upholding Integrated Care Board values
Autonomy
Essential
- Organised, able to plan a range of activities, respond to changing circumstances, prioritise workload and manage time accordingly
Other
Essential
- Ability to demonstrate the NHS and ICS values and behaviours in all aspects of work and interactions with colleagues, stakeholders, patients and service users
Person Specification
Knowledge, Training and Experience
Essential
- Educated to degree level or with equivalent cyber related experience
- CISSP and/or CISM certified
- Extensive knowledge of NHSE cyber policies, guidelines and standards
- Extensive experience and understanding across a broad spectrum of IT services including network, cloud, EUC and the associated cyber safeguards
- A creative thinkeProven track record of delivering cyber security support across a complex multi-dimensional systemr able to find solutions to technically and politically sensitive problems
- Extensive experience of logging, audit and threat assessment tools and techniques
- Demonstrates ability to take a collaborative approach to work - placing the organisation and System's goals and needs at the forefront of decision- making
- Able to lead complex discussions interpreting technical considerations to diverse audiences
- Evidence of continual professional development
Communication & Relationship Skills
Essential
- Communicates with internal staff and external agencies to ensure compliance with performance targets, strategic objectives
- Involves negotiation and diplomacy; undertakes presentations to staff groups and the public/conveys highly contentious information in atmosphere of proposed major change
- The post holder will be required to have regular contact internal and external stakeholders and will often need to engage with them over sensitive, complex, contentious, and confidential issues
- Provide and receive highly complex, sensitive, or contentious information; barriers to understanding; present complex, sensitive, or contentious information to large groups/ communicate in hostile, antagonistic atmosphere
- Participate in relevant internal and external working groups/projects, services, and initiatives to provide project, information and analytical advice and expertise
- Overseeing system colleagues to develop and implement project data collection systems that will provide accurate and timely cyber related data
- Present project information and issues, explaining complexities, to a wide range of internal and external stakeholders
- To liaise with other Managers to share best practice
Analytical & Judgement Skills
Essential
- Analyses highlight complex data or or areas of activity in relation to performance targets, strategic objectives; develop strategies, business plans, and advise in areas where expert opinion differs
Service & Policy
Essential
- Analyses highlight complex data or areas of activity in relation to cyber performance targets, strategic objectives; develop ICB and ICS strategies and policies, business plans, and advise in areas where expert opinion differs
Financial Resources
Essential
- Hold budgets for a major area of activity, monitors budgets responsible for overall budget setting for major area of activity
- The post holder will have budgetary responsibility for a function and the services provided within that function. This will include evaluating the value for money of new contracts, monitoring the performance of existing providers and ensuring that provider performance aligns, and complies, with contractual terms and conditions
- The postholder will be directly responsible for all budgets associated with the management of the function
- Act in a way that is compliant withstanding Orders and Standing Financial Instructions in the discharge of this responsibility
- Constantly strive for value for money and greater efficiency in the use of these budgets and to ensure that they operate in recurrent financial balance year on year
Human Resources
Essential
- Liaise and lead provider and system colleagues to deliver cyber improvement projects
- Deputisewhere appropriate
- To forge positive working relationships across senior ICB stakeholders and ICS partners, to support an effective matrix approach to achieve and deliver complex technical NHS objectives
- To work in a matrix management style and to foster close working relations with other senior managers and leaders/executives within the NHS including regional and national teams
Physical Skills
Essential
- Expert knowledge of cyber security disciplines - network, endpoint, application, data security etc
- Excellent technical skills and ability to grasp modern technologies Extensive knowledge of Microsoft, and use of other cyber related products eg other security related technologies
Equality and Diversity
Essential
- Committed to the equalities agenda and upholding Integrated Care Board values
Autonomy
Essential
- Organised, able to plan a range of activities, respond to changing circumstances, prioritise workload and manage time accordingly
Other
Essential
- Ability to demonstrate the NHS and ICS values and behaviours in all aspects of work and interactions with colleagues, stakeholders, patients and service users
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Employer details
Employer name
Surrey Heartlands ICB
Address
Dukes Court
Dukes Street
Woking
GU21 5BH