Job summary An exciting opportunity has arisen within the Digital Senior Leadership team at South Central Ambulance Service for a Head of Cyber Security (HCOS). We are looking for an enthusiastic, highly motivated, and flexible individual with excellent leadership, technical, interpersonal, communication and organisational skills to lead the Cyber Security Team responsible for safeguarding the Trust's information, physical assets and cyber infrastructure. Strong stakeholder relationships are vital to this role, both within the trust and with external partners. With a proven track record in management and leadership, you will provide guidance, direction and mentorship to the team and help to develop junior members of staff in their careers. Alongside these responsibilities, it will be important to have a focus on continuous service improvement. Main duties of the job The Head of Cyber Security (HCOS) will develop, implement and oversee the Trusts cyber security policies, procedures, and strategies. The post holder has operational responsibility for the management of the Cyber Security team ensuring that effective cyber security measures are in place to enable the operation of safe, effective and efficient digital systems and services. The primary purpose of the role is maintaining measures to prevent unauthorised data theft, loss & disclosure; minimising risk of interruption to business-as-usual services that might arise from malicious activity and; identifying and delivering new and more efficient models of cyber security. The post holder will act as the Trusts expert on cyber security protection, detection, response, and recovery. The role will be responsible for the Trust's pro-active strategic approach to cyber threat management and will lead the strategic planning of current and future digital security solutions, researching and reviewing industry best practice and upcoming changes to technology. The post holder will be an experienced leader, who will lead a dynamic team in delivering an effective Cyber Security service The post holder will own and be responsible for the completion of all digital and cyber elements of the Data Security Protection Toolkit in addition to working towards and maintaining Cyber Essentials (Plus) certification on behalf of the Trust and providing update reports for senior leaders. About us Benefits we offer: Full training and a range of courses which you can book locally. Holiday entitlement of 27 days, rising to 29 days after 5 years' service and 33 days after 10 years' service, plus an additional 8 days bank holiday (pro rata for part time). Automatic enrolment into the NHS Pension Scheme. Access to continual professional development within SCAS and the wider NHS. Occupational Health support and direct access to our Employee Assistance Programme as well as our own Health and Wellbeing Team. NHS Discounts in over 200 stores saving money on holidays, days out, car insurance, restaurants, clothing and much more. Ability to join our staff networking groups (as a member, ally or just for interest). Corporate Induction It's really important for us to ensure you have the best onboarding experience which allows you to feel a sense of belonging from the start. To help with this, we will book your Corporate Induction as soon as we possibly can (depending on availability). All new starters need to attend our Corporate Induction in person, this is held over one and half days from our educational centres based in: Newbury (Berkshire), Bicester (Oxfordshire) or Whiteley (Hampshire). More specific details will be sent to you once your start date has been confirmed. Please note - depending on your role additional training may be required following on from your corporate induction. Date posted 17 January 2025 Pay scheme Agenda for change Band Band 8b Salary £62,215 to £72,293 a year Pa Pro Rota Per annum Contract Permanent Working pattern Full-time Reference number 195-25-187-TAM Job locations Bicester or Otterbourne Bicester OX26 6HR Job description Job responsibilities Please see the attached Job Description and Person Specification for a full list of responsibilities. As a senior manager within SCAS you will be required to provide leadership to your team to ensure the effective provision of the service they provide and to champion change in the organisation. You will ensure that your staff are motivated and express a positive attitude towards the organisation. You will address any issues and concerns that may inhibit your staff from achieving both their personal and organisational goals. The HOCS leads and owns the Trusts information security strategy; drives and owns the Trusts information security posture, using a risk based approach; and takes a comprehensive approach to information security. The HOCS leads IT security activities within the Trust, managing the information and technology risk to the Trusts IT facilities and information from internal and external threats; advises the Trust at a strategic level on existing and emerging threats; and owns and develops the necessary IT security policies, standards, and procedures. Job description Job responsibilities Please see the attached Job Description and Person Specification for a full list of responsibilities. As a senior manager within SCAS you will be required to provide leadership to your team to ensure the effective provision of the service they provide and to champion change in the organisation. You will ensure that your staff are motivated and express a positive attitude towards the organisation. You will address any issues and concerns that may inhibit your staff from achieving both their personal and organisational goals. The HOCS leads and owns the Trusts information security strategy; drives and owns the Trusts information security posture, using a risk based approach; and takes a comprehensive approach to information security. The HOCS leads IT security activities within the Trust, managing the information and technology risk to the Trusts IT facilities and information from internal and external threats; advises the Trust at a strategic level on existing and emerging threats; and owns and develops the necessary IT security policies, standards, and procedures. Person Specification Qualifications Essential Formal certification (CISSP, CISM or CRISC) and/or formal training in information security standards and best practice (eg ISO 27001/2) Educated to Masters level or equivalent industry experience Desirable Management Qualification Technical accreditations (eg MS Certified Systems Engineer (MCSE)) Knowledge Essential Ability to think strategically and develop long-term plans and strategies. Knowledge & experience of relevant legislation, standards and best practice (including Data Protection AcUGDPR, NIS Regulations, DSP Toolkit, Cyber Essentials, ISO 27001, NIST, NCSC & ICO standards & recommendations, etc.) Significant experience working on both strategic & operational matters and managing digital services, at a senior level Significant experience in delivering and managing information security within large organisations Experience of developing and implementing digital & cyber security strategies, development programmes and business cases Skills Essential Strong and effective leadership and people management skills Strong influencing, persuasion and negotiating skills to gain agreement from multiple stakeholders Highly developed verbal and written communication and presentation skills suitable for a range of audiences, including chairing of meetings Ability to work with and through others Person Specification Qualifications Essential Formal certification (CISSP, CISM or CRISC) and/or formal training in information security standards and best practice (eg ISO 27001/2) Educated to Masters level or equivalent industry experience Desirable Management Qualification Technical accreditations (eg MS Certified Systems Engineer (MCSE)) Knowledge Essential Ability to think strategically and develop long-term plans and strategies. Knowledge & experience of relevant legislation, standards and best practice (including Data Protection AcUGDPR, NIS Regulations, DSP Toolkit, Cyber Essentials, ISO 27001, NIST, NCSC & ICO standards & recommendations, etc.) Significant experience working on both strategic & operational matters and managing digital services, at a senior level Significant experience in delivering and managing information security within large organisations Experience of developing and implementing digital & cyber security strategies, development programmes and business cases Skills Essential Strong and effective leadership and people management skills Strong influencing, persuasion and negotiating skills to gain agreement from multiple stakeholders Highly developed verbal and written communication and presentation skills suitable for a range of audiences, including chairing of meetings Ability to work with and through others Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions. Certificate of Sponsorship Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab). From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab). Additional information Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions. Certificate of Sponsorship Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website (Opens in a new tab). From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here Criminal records checks for overseas applicants (Opens in a new tab). Employer details Employer name South Central Ambulance Service NHS Foundation Trust Address Bicester or Otterbourne Bicester OX26 6HR Employer's website https://scasjobs.co.uk/ (Opens in a new tab)