Job summary
Chief Information Security Officer
Band 8C, Full Time, Flexible working, Home or Remote Working

The Chief Information Security Officer is the lead role within the Trust's Digital Services function for cyber security and information governance. The CISO is responsible for developing the Trust's cyber security strategy, ensuring alignment with national and regional cyber strategies. The postholder will line manage the cyber security and IG teams, and will work with other senior leaders within digital services to ensure that both the department specifically and the Trust as a whole understand the cyber agenda and how to protect the systems and data the Trust holds.

Proposed Interview Date - 16th April 2025

Main duties of the job
The CISO is responsible for:
- developing, implementing and reviewing the Trust's cyber security strategy
- ensuring that there is training for staff on all things cyber security and information governance
- oversight, delivery and reporting on the Data Security and Protection Toolkit
- providing assurance to the Trust's SIRO and Chief Digital Officer on all things cyber
- line managing a cyber team and the IG function, including the Trust's FOI responsibilities

About us
The Trust is a combined acute and community Trust in south west London. Croydon is the largest Borough in the sector, and the hospital provides services from its two main hospital sites and a range of community venues. The cyber and IG teams sit within the Digital Services Directorate, which is based at the main Croydon University Hospital site. The working pattern for all staff within the department is a mix of on site and remote working.
Date posted: 26 March 2025
Pay scheme: Agenda for change
Band: Band 8c
Salary: £80,025 to £91,336 a year. Per annum pro rata incl HCAS (outer)
Contract: Permanent
Working pattern: Full-time, Flexible working, Home or remote working
Reference number: C9199-25-0152
Job locations: Croydon University Hospital NHS Trust, 530 London Road, Croydon, CR7 7YE

Job description
Job responsibilities
The CISO is responsible for:
- developing and maintaining highly effective relationships with a range of internal and external stakeholders, including NHS England's regional cyber lead, and the CISO at SW London ICS
- developing and delivering the Trust's cyber security strategy
- managing the Trust's cyber security and IG frameworks, including associated policies and procedures
- developing, managing and reporting on a suite of cyber security KPIs
- reviewing the Trust's cyber and IG capacity and capability, ensuring that it remains sufficient in terms of capacity and capability, to meet changing standards and requirements as they change from time to time.

Person Specification
- Qualifications (Essential): Educated to masters level or equivalent level of experience of working at a senior level in specialist area.
- Qualifications (Essential): One or more security qualifications, including CISSP, CISM
- Knowledge (Essential): Extensive knowledge of relevant public and private sector cyber security practice
- Knowledge (Essential): Extensive knowledge of key legislation and mandated standards including GDPR, NISR, DS&P Toolkit, Cyber Essentials accreditation
- Knowledge (Essential): Experience of IT incident response, including Disaster Recovery and Business Continuity
- Experience (Essential): Experience of managing complex, strategic technology and cyber security projects or areas with complex working practices
- Experience (Essential): Experience of successfully operating in and delivering priorities in a partnership environment
- Skills (Essential): Demonstrated capability to plan over short, medium and long-term timeframes and adjust plans and resource requirements accordingly
- Skills (Essential): Excellent written and verbal communication skills with the ability to communicate, negotiate and influence staff at all levels in the organisation
- Skills (Essential): Ability to make decisions autonomously, when required, on difficult issues

Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Employer details
Employer name: Croydon Health Services NHS Trust
Address: Croydon University Hospital NHS Trust, 530 London Road, Croydon, CR7 7YE
Employer's website: https://www.croydonhealthservices.nhs.uk/recruitment/