Cyber Security Manager
| Posting date: | 09 October 2025 |
|---|---|
| Salary: | £64,455.00 to £74,896.00 per year |
| Additional salary information: | £64455.00 - £74896.00 a year |
| Hours: | Full time |
| Closing date: | 15 October 2025 |
| Location: | Elland, HX5 9JP |
| Company: | NHS Jobs |
| Job type: | Permanent |
| Job reference: | C9372-25-0645 |

Summary
Please note: Due to the security-sensitive nature of this role, Security Check (SC) clearance is required. Applicants must either currently hold SC clearance or be eligible and willing to undergo the Security Check vetting process.

Strategic
- Formulate and implement the long-term Cyber & IT Security Strategy and dependent Policies and Procedures, in line with THIS, CHFT, customer and national requirements
- Formulate the Health Informatics Cyber & IT Security business plan
- Scope, design and implement GRC Methodologies in conjunction with the DPO across all Trust departments
- Design CITS policies in line with existing and upcoming nationally and locally mandated compliance requirements
- Support the senior leadership team to plan the long-term development of The Health Informatics Service
- Maintain all business level certifications/accreditations, e.g. Cyber Essentials, IASME, IASME Gold, and relevant accreditations in line with DSP Toolkit

Advisory
Provide advice, guidance and auditing regarding:
- Audit and guide Business Asset Risk Assessments across the Trust's technical estate
- ISO27001:2013
- GDPR/NIS Regulation Technical requirements
- Cyber Essentials Plus
- Data Security and Protection Toolkit
- Cyber Incident Response, including ability to host regional calls during outages/attacks/significant vulnerabilities
- Designing and directing the internal CareCert implementation and response process across all technical teams
- CareCert/NHS England alerts and evidential reports
- Product and Service analysis pre-procurement
- Lead on security analysis of products and services pre-implementation across a wide range of service users, including Financial, Clinical, and Operational systems
- Compliance and Compensating control scoping and design
- Advise the ISMS Group on technical aspects of Trust Risk
- Advise all technical teams around mandatory actions (patching etc.) as well as best practice
- Provide Technical Guidance to the Information Governance Team and DPO
- Advise on Disciplinary cases of computer misuse
- Investigate and report serious or highly sensitive security breaches
- Facilitate and deliver appropriate security reporting across all levels of the organisation and customer base

Educational
Responsible for the design, delivery and evaluation of:
- Technical Awareness Training
- Board Awareness Training
- Customer Organisation Awareness Training
- Skills Development Network Workshops and Seminars

Areas covered within this training include Password Design and use, Account Safety, SPAM and Phishing awareness, Open WiFi safety, and Dark Web overview.
- Internal Staff Awareness of GRC principles and the interoperability of Governance, Risk and Compliance

Technical
Across THIS, CHFT and the wider customer base, responsibility for the design, maintenance, and monitoring of:
- Corestream (GRC Business Assurance tool)
- End-point protection
- Email Protection
- Encryption Technologies
- Web Filtering
- Application control
- Data Leakage
- Mobile Device Management
- Vulnerability Testing
- Penetration Testing
- Phishing simulation campaigns
- SIEM and logging systems
- Cyber Incident Response
- OWASP Top 10 compliance analysis
- Forensic Investigation/Breaches

Managerial Duties
Please see job description for full details of responsibilities.