Job summary Patient Care Locally (PCL) is a forward-thinking and progressive healthcare organisation dedicated to providing high-quality, patient-focused care. As we continue to embrace our digital capabilities on our digital transformation journey, we are looking to recruit an Information Security Manager to support our cybersecurity strategy, enhance our digital footprint, lead digital security initiatives, and help to safely integrate AI into our operations. This is an exciting and challenging opportunity to help build the organisations digital footprint and drive the way the organisation improves operational performance, patient care, and operational enhancements. You will be part of a fast-growing Digital Team who focus on providing specialist levels of Information Management and Technology (IM&T), Project Management, Information Governance, Cybersecurity and Digital expertise to a range of stakeholders. This is a key role in ensuring the organisations digital safety and resilience. You will support the implementation and maintenance of cybersecurity frameworks, ensure compliance with relevant regulations, and lead efforts to embed security awareness across the business. You will play a vital role in introducing AI-driven efficiencies while ensuring patient and organisational data remains secure. Additionally, you will be responsible for keeping up to date with emerging cybersecurity trends, attending industry events, and sharing insights with teams across the organisation. Main duties of the job The below describes the important aspects of the role but is not an exhaustive list. The role will continue to grow and adapt with the Digital Team and wider organisation: Strategy Technical Requirements Organisation Initiatives and Advancements Team Support Development About us Patient Care Locally (PCL) is a not-for-profit Community Interest Company (CIC) dedicated to enhancing healthcare delivery within Leicester, Leicestershire, and Rutland. Operating in close collaboration with the NHS, PCL focuses on identifying and addressing patient care needs that can be managed within primary care and community settings, thereby alleviating pressure on hospital services and ensuring patients receive timely, appropriate care closer to home. By delivering care in local settings, PCL ensures that patients receive the right care at the right time and in the right place. PCL is rapidly expanding beyond Leicester, Leicestershire and Rutland and are committed to maintaining the highest standards of quality in its service provision. By focusing on patient-centred care and continuous improvement, PCL strives to meet the evolving healthcare needs of local populations effectively. PCL has been recognised for our innovative working across various awards sectors including being a finalist at the HSJ Awards in 2024 and a finalist at the Strategic PA Awards in 2024. More information can be found at the LLR PCL website: Home Patient - LLR PCL - Leicester, Leicestershire and Rutland Patient Care Locally Date posted 25 February 2025 Pay scheme Other Salary £46,148 to £48,526 a year Contract Permanent Working pattern Full-time Reference number E0349-25-0004 Job locations Office 2 and 3, Coalville Business Centre Goliath Way Coalville Leicestershire LE67 3FT Job description Job responsibilities Key Areas of Responsibility The below describes the current role functions but is not an exhaustive list. The role will continue to grow and adapt with the Digital team and wider organisation: Strategy: Support the implementation of the Digital strategy including aligning the business to our forward-thinking objectives to make advancements within the digital field. Lead the implementation of the AI strategy across the organisation. Be a Digital champion for Information Governance and Cybersecurity across the organisation. This includes advocating for best practices in data protection, confidentiality, and cyber resilience. You will be vital in encouraging compliance with legislation, raising awareness, supporting incident responses, and bridging the gap between technical security measures and everyday practice ensuring that staff understand their role in protecting data. Support the safe introduction of AI technologies to improve efficiencies and patient care while ensuring compliance with ethical and legal standards. Leading on scheduled security and governance reviews of the use of AI and scoping for new technologies. Technical Requirements Support the development and implementation of cybersecurity policies and procedures in line with NHS Digital security standards and Cyber Essentials. Support incident response efforts, ensuring breaches are managed effectively and lessons are learned. Assist in risk assessment and audits to ensure compliance with UK General Data Protection Regulation (GDPR), the UK Data Protection Act, and NHS Digital security requirements. Lead the completion of regulatory certification renewals such as the Data Security Protection Toolkit (DSPT) and Cyber Essentials across all PCL entities. To assist colleagues across other departments within the organisation with queries and finding solutions, this may include completing due diligence checks and Data Protection Impact Assessments (DPIAs) on new systems, partnerships, and providers. Build and maintain relationships with external cybersecurity experts, NHS England, and regulatory bodies. Stay updated on emerging cybersecurity threats, AI developments and NHS England policies. Ability to follow policies and procedures for own area and proposal of changes impacting cross-professional working groups. Monitor cybersecurity threats, investigate incidents, and recommend risk-mitigation strategies. Organisation Initiatives & Advancements Create Standard Operating Procedures (SOPs) to regulate cybersecurity and governance standards within the business. Work with the Digital and all other business teams to embed security best practices into new systems and processes. Lead on developing secure digital outreach initiatives to enhance staff engagement. Work to foster a culture of cybersecurity awareness across the organisation. Produce and distribute regular cybersecurity newsletters to keep employees informed about industry updates and best practices. Contribute to digital transformation initiatives, helping the organisation control technology securely and effectively. Deliver cybersecurity training sessions for staff at all levels. This includes part of the induction process, proactively reviewing training needs analysis across PCL as well as creating educational content and supporting teams to follow best practices. Team Support Collaboration across all PCL partner organisations, strategic relationships, and new company entities. Organising and prioritising workload. Communication of the highest standard with internal and external stakeholders of PCL. Attending both virtual Teams and in person meetings as required. Forming and maintaining good working relationships with all. To work closely with other teams across the organisation including the Enabling team (Contracts, Finance, Business Intelligence, Business Support, People Practice and Digital) to assist with governance procedures and expertise. Development: Deputising for the Head of Governance for Information and Technology as required. Deputising for the Digital and Projects Manager as required. Attending PCL Stakeholder events to broaden your network and build relationships. Attending our bi-annual PCL staff development and engagement sessions. A commitment to personal development and continued professional development in relevant areas to the role. Keep up to date with all new and mandatory training associated with the role. Attend relevant conferences, webinars and training to horizon scan and better understand the digital health care industry, ensuring that key learnings are shared with the wider team. Job description Job responsibilities Key Areas of Responsibility The below describes the current role functions but is not an exhaustive list. The role will continue to grow and adapt with the Digital team and wider organisation: Strategy: Support the implementation of the Digital strategy including aligning the business to our forward-thinking objectives to make advancements within the digital field. Lead the implementation of the AI strategy across the organisation. Be a Digital champion for Information Governance and Cybersecurity across the organisation. This includes advocating for best practices in data protection, confidentiality, and cyber resilience. You will be vital in encouraging compliance with legislation, raising awareness, supporting incident responses, and bridging the gap between technical security measures and everyday practice ensuring that staff understand their role in protecting data. Support the safe introduction of AI technologies to improve efficiencies and patient care while ensuring compliance with ethical and legal standards. Leading on scheduled security and governance reviews of the use of AI and scoping for new technologies. Technical Requirements Support the development and implementation of cybersecurity policies and procedures in line with NHS Digital security standards and Cyber Essentials. Support incident response efforts, ensuring breaches are managed effectively and lessons are learned. Assist in risk assessment and audits to ensure compliance with UK General Data Protection Regulation (GDPR), the UK Data Protection Act, and NHS Digital security requirements. Lead the completion of regulatory certification renewals such as the Data Security Protection Toolkit (DSPT) and Cyber Essentials across all PCL entities. To assist colleagues across other departments within the organisation with queries and finding solutions, this may include completing due diligence checks and Data Protection Impact Assessments (DPIAs) on new systems, partnerships, and providers. Build and maintain relationships with external cybersecurity experts, NHS England, and regulatory bodies. Stay updated on emerging cybersecurity threats, AI developments and NHS England policies. Ability to follow policies and procedures for own area and proposal of changes impacting cross-professional working groups. Monitor cybersecurity threats, investigate incidents, and recommend risk-mitigation strategies. Organisation Initiatives & Advancements Create Standard Operating Procedures (SOPs) to regulate cybersecurity and governance standards within the business. Work with the Digital and all other business teams to embed security best practices into new systems and processes. Lead on developing secure digital outreach initiatives to enhance staff engagement. Work to foster a culture of cybersecurity awareness across the organisation. Produce and distribute regular cybersecurity newsletters to keep employees informed about industry updates and best practices. Contribute to digital transformation initiatives, helping the organisation control technology securely and effectively. Deliver cybersecurity training sessions for staff at all levels. This includes part of the induction process, proactively reviewing training needs analysis across PCL as well as creating educational content and supporting teams to follow best practices. Team Support Collaboration across all PCL partner organisations, strategic relationships, and new company entities. Organising and prioritising workload. Communication of the highest standard with internal and external stakeholders of PCL. Attending both virtual Teams and in person meetings as required. Forming and maintaining good working relationships with all. To work closely with other teams across the organisation including the Enabling team (Contracts, Finance, Business Intelligence, Business Support, People Practice and Digital) to assist with governance procedures and expertise. Development: Deputising for the Head of Governance for Information and Technology as required. Deputising for the Digital and Projects Manager as required. Attending PCL Stakeholder events to broaden your network and build relationships. Attending our bi-annual PCL staff development and engagement sessions. A commitment to personal development and continued professional development in relevant areas to the role. Keep up to date with all new and mandatory training associated with the role. Attend relevant conferences, webinars and training to horizon scan and better understand the digital health care industry, ensuring that key learnings are shared with the wider team. Person Specification Commitment to Values & Behaviours Essential Must be able to demonstrate behaviours consistent with the PCLs Values and Behaviours. Personal Skills Essential Strong analytical skills ability to risk assess and recommend effective solutions. Clear communicator able to translate complex cybersecurity concepts and language into business-friendly terminology. Proactive and forward thinking keeping up with digital trends and emerging threats. Organised and detail-orientated able to manage multiple projects effectively. Team player works collaboratively within the teams across the organisation. Ability to drive change and influence others with passion and integrity in your work. Have great interpersonal and organisational skills. Willingness to learn new skills and follow process. Ability to work independently, prioritising own workload and escalating when needed. Being perceptive and able to work on intuition. A commitment to continued professional development and being driven. Knowledge Essential Working knowledge of cybersecurity frameworks such as ISO 27001, NIST, Cyber Essentials and NHS Digital Security Standards. Understanding of data protection laws (GDPR, UK Data Protection Act) and their application within healthcare. Proficient user of MS Office suite such as Word, PowerPoint, and Excel. Understanding of emerging technologies such as AI, automation, and telehealth. Desirable Knowledge of clinical healthcare systems including SystmOne and EMIS Web. Experience Essential Experience with cloud security and AI-driven technologies in a healthcare environment. Experience in information security or cybersecurity roles, ideally within healthcare or a regulated sector. Strong technical skills in IT security, risk management and incident response. Experience of completing Cyber Essentials accreditation. Desirable Experience delivering cybersecurity training and raising awareness across an organisation. Experience working with and/or managing contractors. Experience of completing DSPT. Qualifications Essential Completed or working towards relevant IT security or digital qualifications such as those listed or equivalent: Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) or Digital Transformation Certification Equality & Diversity Essential Able to demonstrate a commitment and understanding of the importance of treating all individuals with dignity and respect appropriate to their individual needs. Person Specification Commitment to Values & Behaviours Essential Must be able to demonstrate behaviours consistent with the PCLs Values and Behaviours. Personal Skills Essential Strong analytical skills ability to risk assess and recommend effective solutions. Clear communicator able to translate complex cybersecurity concepts and language into business-friendly terminology. Proactive and forward thinking keeping up with digital trends and emerging threats. Organised and detail-orientated able to manage multiple projects effectively. Team player works collaboratively within the teams across the organisation. Ability to drive change and influence others with passion and integrity in your work. Have great interpersonal and organisational skills. Willingness to learn new skills and follow process. Ability to work independently, prioritising own workload and escalating when needed. Being perceptive and able to work on intuition. A commitment to continued professional development and being driven. Knowledge Essential Working knowledge of cybersecurity frameworks such as ISO 27001, NIST, Cyber Essentials and NHS Digital Security Standards. Understanding of data protection laws (GDPR, UK Data Protection Act) and their application within healthcare. Proficient user of MS Office suite such as Word, PowerPoint, and Excel. Understanding of emerging technologies such as AI, automation, and telehealth. Desirable Knowledge of clinical healthcare systems including SystmOne and EMIS Web. Experience Essential Experience with cloud security and AI-driven technologies in a healthcare environment. Experience in information security or cybersecurity roles, ideally within healthcare or a regulated sector. Strong technical skills in IT security, risk management and incident response. Experience of completing Cyber Essentials accreditation. Desirable Experience delivering cybersecurity training and raising awareness across an organisation. Experience working with and/or managing contractors. Experience of completing DSPT. Qualifications Essential Completed or working towards relevant IT security or digital qualifications such as those listed or equivalent: Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) or Digital Transformation Certification Equality & Diversity Essential Able to demonstrate a commitment and understanding of the importance of treating all individuals with dignity and respect appropriate to their individual needs. Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions. Employer details Employer name LLR Patient Care Locally Community Interest Company Address Office 2 and 3, Coalville Business Centre Goliath Way Coalville Leicestershire LE67 3FT Employer's website https://llrpcl.co.uk (Opens in a new tab)