Head of Information & Cyber Security
| Posting date: | 03 March 2026 |
|---|---|
| Salary: | Not specified |
| Additional salary information: | £76,965 - £88,682 per annum |
| Hours: | Full time |
| Closing date: | 02 April 2026 |
| Location: | Seaton Delaval, NE25 0QJ |
| Company: | Northumbria Healthcare NHS Foundation Trust |
| Job type: | Permanent |
| Job reference: | 7826618/319-7826618JN |
Summary
A Vacancy at Northumbria Healthcare - NHCT Northumbria Healthcare NHS Foundation Trust.
We are seeking an exceptional and forward-thinking Head of Information & Cyber Security to lead our Trust's security strategy, ensuring our information, systems, and digital services remain resilient, compliant, and protected against evolving cyber threats.
This is a senior leadership position, accountable to the Board for establishing and maintaining a Trust-wide information security management program, responsible for shaping our information security governance framework, providing expert advice to executive leadership, developing an organisational security culture, and ensuring we meet all relevant regulatory and legislative requirements.
The Head of Information & Cyber Security is responsible for shaping and executing the Trust's information & cyber security strategy, ensuring alignment with Trust priorities and digital transformation goals.
This role will oversee the design, implementation, and continuous improvement of security policies, frameworks, standards and controls and manage the Trust's approach to risk assessment, threat intelligence, incident response and business continuity.
As Head of Information & Cyber Security you will be responsible for ensuring compliance with key regulations and standards including NIS2, DSPT, CAF, ISO27001, Cyber Essentials Plus, Data Protection Act 2018 and UK GDPR.
You will oversee effective security operations, monitoring, vulnerability management and penetration testing programmes and act as the key point of contact with external partners such as the NHS Cyber Security Centre, suppliers and third-party security providers.
We manage three major locality hospitals at North Tyneside, Wansbeck and Hexham, plus a number of smaller community hospitals and clinics from Tynemouth to Berwick on Tweed, covering one of the largest geographical areas of any NHS trust in the country. Leading in innovation and quality – opening a state-of-the-art Northumbria Specialist Emergency Care Hospital, the first of its kind in England. Do you want to work in one of the best performing NHS organisations in England? Work in an organisation that supports its staff and focuses on staff experience as much as it does the experience of its patients? You can live and breathe in an area that has the cleanest air, cost-effective living, great nightlife, some of the best schools with a wealth of history available on your doorstep. Sound too good to be true? Well, it isn’t; this is what you get when you work for Northumbria Healthcare, this is the Northumbria Way! Please read ‘applicant guidance notes’ before submitting your application.
· Responsible for developing and strengthening information and cyber security provision and implementing strong risk management strategies to protect the organisation
· To develop, maintain and effectively manage the implementation of policies, standards and controls in line with best practice, providing guidance and support to colleagues to ensure security and safety
· Develop the strategic road map for an effective vulnerability detection, assessment, remediation, and threat intelligence program
· Maintain and enhance the Information Security Management System (ISMS)
· To ensure that all changes to the IT environment comply with information security requirements
· Oversee security performance assessment of suppliers and internal resources
· Provide specialist advice on information and cyber security and increase awareness amongst staff
· To work with colleagues to ensure pro-active monitoring of IT infrastructure
· Ensure adherence to standards such as ISO27001, Cyber Essentials Plus and GDPR
· Identify threats, assess their impact, and take appropriate action to resolve and prevent them
· Ability to influence and present at Committee/Board level
· Respond to or manage security incidents/breaches, oversee patching/vulnerabilities or hardening systems including detection, response, recovery, and post-incident analysis
· To develop business cases for Trust capital investments around technical security
This advert closes on Tuesday 17 Mar 2026