Main area: Cyber Security
Grade: NHS AfC: Band 8a
Contract: 2 years (Fixed Term)
Hours: Full time - 37.5 hours per week (Be on-call as part of the ICS cyber technical advice cell (CTAC) to provide system-wide cyber security advice in the event of a major incident.)
Job ref: 983-ICB-7162TG
Employer: NHS Bath and North East Somerset, Swindon and Wiltshire ICB
Employer type: NHS
Site: Jenner House
Town: Chippenham
Salary: £53,755 - £60,504 per annum
Salary period: Yearly
Closing: 15/01/2025 23:59
Interview date: 31/01/2025
ICS Cyber Security Manager
Job overview
Please note this organisation does not hold a sponsorship licence; we regret to inform you that we are unable to consider applications from individuals who require sponsorship.
The post holder will provide cyber oversight, working closely with all NHS organisations across the BaNES (Bath and North East Somerset), Swindon and Wiltshire (BSW) ICS footprint. Their time will be split 40% on assurance and coordination activities, 40% on technical input, and 20% on system-wide leadership.
Main duties of the job
This role will be key in further developing our cyber strategy across our integrated care system.
1. Embed joined-up cyber security principles and a strong cyber culture across the ICS.
2. Deliver assurance through maintenance of system-wide mechanisms including the ICS cyber risk register, DTAC process, and the ICS cyber strategy with support from ICS member organisations.
3. Determine levels of cyber funding across the ICS through the creation of detailed ICS system-wide cyber bids and business cases with input from NHS England’s regional cyber leads.
4. Reduce duplication by solving/mitigating cyber issues once across the ICS.
5. Lead the review, creation, management, and simplification of ICS system-wide policies and cyber initiatives.
6. Maximise use and benefit from centrally funded cyber solutions across the ICS.
7. Improve Emergency Preparedness, Resilience & Response (EPRR) cyber links across the ICS.
8. Coordinate joint incident response exercises, including overseeing actions from any lessons identified.
9. Be on-call as part of the ICS cyber technical advice cell (CTAC) to provide system-wide cyber security advice in the event of a major incident.
Working for our organisation
If you are offered employment with us, you will have the opportunity to join a friendly, quality-focused, and dynamic team that is supportive and cares about your working experience and wellbeing.
BSW ICB have adopted agile working, meaning the successful applicant will predominantly be working from home but may be requested to work in any of the ICB’s office bases across BaNES, Swindon, and Wiltshire.
Benefits BSW ICB offer include:
* Generous NHS annual leave entitlements commencing at 27 days per year rising to 33 days per year, pro rata, plus bank holidays.
* Flexible working.
* Modern IT equipment and an in-house IT help facility.
* Colleague wellbeing support through a Staff Support Service and a wealth of wellbeing guidance and offers.
* Colleague engagement forums and events.
* Financial wellbeing guidance and benefits (including NHS staff offers, health service discounts, cycle scheme, car lease scheme, money helper service).
* Opportunities for learning through training and continuous development.
* Opportunity to buy additional annual leave.
Detailed job description and main responsibilities
The post holder will be required to maintain and build constructive relationships with a broad range of internal and external stakeholders including Regional Working Groups and NHS England.
Participate in relevant internal and external working groups/projects, services, and initiatives to provide information and analytical advice and expertise.
Participate in and represent the ICS within relevant BSW Digital working groups, including running the ICS-wide cyber security group.
Interpret and explain information and highly complex issues to a wide range of internal and external stakeholders.
Project Management
1. Lead on coordinating ICS-wide cyber projects and procurements via the Technical Design Authority (TDA).
2. Coordinate and participate in relevant internal and external working groups and provide cyber security advice, expertise, and support where requested.
3. Liaise with external providers of ICS IT solutions to ensure appropriate standards of cyber security are adhered to.
4. Deliver complex material to a non-technical audience.
5. Ensure that ICS-wide cyber projects fall within agreed financial envelopes.
Cyber Security
1. Advise on cyber security for BSW ICS organisations, recommending actions and improvements.
2. Ensure system-wide tracking of information assets and assessment of their protection status.
3. Track coverage of cyber tooling and ensure this meets or exceeds the prevailing threat levels.
4. Assist individual organisations to pilot potential ICS-wide cyber solutions.
5. Utilise the ICS system-wide risk register and additional dashboards as needed.
6. Ensure all ICS organisations respond to High Severity Alerts within the mandated timeframes.
7. Work with Information Governance (IG) leads to help ICS organisations complete the cyber-related assertions of the DSPT.
8. Help develop an ICS-wide incident response plan, including business continuity requirements.
9. Develop a cyber security training and awareness plan for the ICS.
10. Assist ICS members in the implementation of the BSW Cyber Strategy.
11. Assist organisations with their disaster recovery and business continuity plans.
12. Assist ICS organisations in achieving alignment with the NCSC's guidance on backups.
Maintain and update the ICS Cyber Strategy ensuring it stays relevant and aligned to central cyber strategies.
Provide regular forward-looking assessments of potential cyber threats and issues.
Encourage the ICS to maximise the centrally funded cyber offering provided by NHS England.
Coordinate any system-wide cyber returns required at an ICS level.
Act as the ICS cyber link with Avon & Somerset LRF and Wiltshire & Swindon LRF.
Research and Development
1. Contribute to the development and reporting of key performance cyber indicators.
2. Maintain a thorough awareness of current and emerging technologies.
3. Influence and participate in defining cyber-infused IT standards.
4. Actively pursue professional development.
Management, Planning, Organising and Ongoing Advice
1. Work closely with the Head of IT and relevant teams to plan and manage the delivery of cyber schemes.
2. Adhere to good practice change control procedures and relevant BSW and NHS policies.
3. Be flexible and adjust work schedules to meet BSW ICS requirements.
4. Participate in internal forums and meetings as required.
5. Contribute to the creation of technical documentation.
6. Acquire and maintain detailed knowledge of deployed technologies.
7. Maintain an awareness of changes to software, hardware, and technologies.
8. Exercise judgement in applying guidelines for setting priorities for resolution.
9. Ensure organisational policies are applied in own work environment.
10. Negotiate with and influence users and suppliers.
Person specification
Qualification, Training and Experience
* Master's degree level qualification relevant for the role or demonstrable equivalent level of experience.
* Evidence of continued professional development.
* Specialist cyber-related qualification.
* Experience in delivering large scale technical cyber projects.
* Demonstrates skills enabling the ability to identify opportunities for efficiencies.
* Delivered and sustained successful vendor relationships.
* Demonstrable experience working in a highly sensitive large and complex multi-tiered environment.
* A demonstrable understanding of how cyber risk can impact business operations.
* A practical understanding of how cyber risk can impact clinical operations.
* Previous experience of inputting into strategic plans and policies.
* Previous experience of working in digital in the NHS or a healthcare setting.
* Significant experience of successfully operating in a politically sensitive environment.
Knowledge
* Awareness of Information Governance, Data Security Protection Toolkit or CAF & GDPR.
* A good understanding of the technical cyber issues that impact IT and networking systems.
* Working knowledge of Risk Management.
* Knowledge of different security assurance frameworks.
* Understanding of data backup and recovery processes and standards.
* Familiarity with Data Protection and Caldicott Principles.
* Experience of working in the NHS and/or local authorities.
* Understanding of the Primary, Community and Secondary Care environments.
* Working knowledge of TCP/IP networking including Wi-Fi, firewalls, and routing, with their security implications.
Communication Skills
* Ability to prepare and produce concise yet insightful communications.
* Able to communicate and present to a wide audience.
Analytical
* Ability to analyse very complex issues.
* Demonstrated capability to act upon incomplete information.
* Numerate with the ability to analyse a range of complex technical issues.
* Able to make pragmatic strategic and operational decisions.
Planning Skills
* Demonstrated capability to plan over short, medium and long-term timeframes.
* Experience of setting up and implementing complex processes.
* Ability to create bids and business cases.
* Able to coordinate and work collaboratively across multiple organisations.
* Leadership and people management skills.
* Robust management/ownership of risks and issues.
This post will require a submission for Disclosure to be made to check for any unspent criminal convictions.