Cyber Security Manager
| Posting date: | 08 October 2025 |
|---|---|
| Salary: | Not specified |
| Additional salary information: | Negotiable |
| Hours: | Full time |
| Closing date: | 15 October 2025 |
| Location: | Elland, HX5 9JP |
| Company: | NHS Jobs |
| Job type: | Permanent |
| Job reference: | C9372-25-0641 |
Summary
Please note: This role requires Security Check (SC) clearance. Candidates must already hold this clearance or be eligible to obtain it. Applicants must either currently hold SC clearance or be eligible and willing to undergo the Security Check vetting process. Due to the security-sensitive nature of this role, SC clearance is required.

Strategic

- Formulate and implement the long-term Cyber & IT Security Strategy and dependent Policies and Procedures, in line with THIS, CHFT, customer and national requirements
- Formulate the Health Informatics Cyber & IT Security business plan
- Scope, design and implement GRC Methodologies in conjunction with the DPO across all Trust departments
- Design CITS policies in line with existing and upcoming nationally and locally mandated compliance requirements
- Support the senior leadership team to plan the long-term development of The Health Informatics Service
- Maintain all business level certifications/accreditations, e.g. Cyber Essentials, IASME, IASME Gold, and relevant accreditations in line with DSP Toolkit

Advisory

Provide advice, guidance and auditing regarding:

- Audit and guide Business Asset Risk Assessments across the Trust's technical estate
- ISO27001:2013
- GDPR/NIS Regulation Technical requirements
- Cyber Essentials Plus
- Data Security and Protection Toolkit
- Cyber Incident Response, including ability to host regional calls during outages/attacks/significant vulnerabilities
- Designing and directing the internal CareCert implementation and response process across all technical teams
- CareCert/NHS England alerts and evidential reports
- Product and Service analysis pre-procurement
- Lead on security analysis of products and services pre-implementation across a wide range of service users, including Financial, Clinical, and Operational systems
- Compliance and Compensating control scoping and design
- Advise the ISMS Group on technical aspects of Trust Risk
- Tracking and reporting security performance in terms of finance, quality and key milestones to the Trust Board, ISMS Group, and GRC Governance Groups
- Internal Management process and change management security requirement
- Advise all technical teams around mandatory actions (patching etc.) as well as best practice
- Provide technical and security guidance to Project Management Boards
- Provide Technical Guidance to the Information Governance Team and DPO
- Advise on Disciplinary cases of computer misuse
- Investigate and report serious or highly sensitive security breaches
- Facilitate and deliver appropriate security reporting across all levels of the organisation and customer base

Educational

Responsible for the design, delivery and evaluation of:

- Technical Awareness Training
- Board Awareness Training
- Customer Organisation Awareness Training
- Skills Development Network Workshops and Seminars

Areas covered within this training include Password Design and use, Account Safety, SPAM and Phishing awareness, Open WiFi safety, Dark Web overview.
Internal Staff Awareness of GRC principles and the interoperability of Governance Risk and Compliance.

Technical

Across THIS, CHFT and the wider customer base, responsibility for the design, maintenance, and monitoring of:

- Corestream (GRC Business Assurance tool)
- End-point protection
- Email Protection
- Encryption Technologies
- Web Filtering
- Application control
- Data Leakage
- Mobile Device Management
- Vulnerability Testing
- Penetration Testing
- Phishing simulation campaigns
- SIEM and logging systems
- Cyber Incident Response
- OWASP top 10 compliance analysis
- Forensic Investigation/Breaches

Managerial Duties

- Line manage a number of direct reports.
- Ensure all direct reports have up-to-date PDRs and half-yearly reviews carried out in line with relevant policy of the host.
- Ensure that all direct reports have up-to-date Job Descriptions and Personal Specifications outlining the expectations of their role.
- Apply and participate in effective performance review and personal development planning.
- Apply all key employment policies and guidelines.
- Minimise risk and maintain a healthy and safe working environment.
- Contribute to and ensure the smooth running of the Health Informatics Service.
- Support colleagues within the Health Informatics Service in achievement of their own and team objectives.
- Keep up to date by developing a network of personal contacts.

Financial Duties

- Ensure adherence to financial policy and practice.
- Ensure adherence to quality control mechanisms.
- Contribute to The Health Informatics Service's service development and continuous improvement strategies as/where appropriate.
- Ensure all mandatory requirements are delivered and ensure Health Informatics Service delivers best value.
- Maintain budgetary controls.

Managing Self

- Participate in regular supervision.
- Attend all mandatory training.
- Participate annually in identifying, developing and agreeing your own development plan with your Line Manager using the Trust Appraisal.
- Comply with all Trust policies, procedures and protocols.
- Carry out duties with due regard to the Trust's Equal Opportunity Policy.
- Seek advice and support from Line Manager whenever necessary.
- Maintain professional conduct, including appearance, at all times.
- Ensure maintenance of Professional Registration.
- Willingness to work across a national footprint and throughout a multitype organisational customer base, including Primary and Secondary Care settings, Prisons, 3rd sector etc.