Job summary
Please note this organisation does not hold a sponsorship licence, we regret to inform you that we are unable to consider applications from individuals who require sponsorship.
The post holder will provide cyber oversight, working closely with all NHS organisations across the BaNES (Bath and North East Somerset), Wiltshire and Swindon (BSW) ICS footprint, and will likely dedicate their time 40% towards assurance and coordination activities, 40% technical input and 20% system wide leadership.
Main duties of the job
This role will be key in further developing our cyber strategy across our integrated care system.
1. Embed joined up cyber security principles and a strong cyber culture across the ICS.
2. Deliver assurance through maintenance of systems wide mechanisms including the ICS cyber risk register, DTAC process and the ICS cyber strategy with support from ICS member organisations.
3. Determine levels of cyber funding across the ICS through creation of detailed ICS system-wide cyber bids and business cases with input from NHS England's regional cyber leads.
4. Reduce duplication by solving/mitigating cyber issues once across the ICS.
5. Lead the review, creation, management and simplification of ICS system-wide policies and cyber initiatives.
6. Maximise use and benefit from centrally funded cyber solutions across the ICS.
7. Improved Emergency Preparedness, Resiliency & Response (EPRR) Cyber links across the ICS.
8. Coordinate joint incident response exercises, including overseeing actions from any lessons identified.
9. Be on-call as part of the ICS cyber technical advice cell CTAC to provide system wide cyber security advice in the event of a major incident.
About us
If you are offered employment with us, you will have the opportunity to join a friendly, quality focused and dynamic team that is supportive and cares about your working experience and your wellbeing.
BSW ICB have adopted agile working so this means the successful applicant will predominately be working from home but may be requested to work in any one of the ICB's office bases across BaNES, Swindon and Wiltshire. You will also have a contractual base within the BSW ICB office where your team is based.
Benefits BSW ICB offer include:
1. NHS Pension Scheme
2. Generous NHS annual leave entitlements commencing at 27 days per year rising to 33 days per year, pro rata, plus bank holidays.
3. Flexible working.
4. Modern IT equipment and an in-house IT help facility.
5. Colleague wellbeing support through a Staff Support Service and a wealth of wellbeing guidance and offers.
6. Colleague engagement forums and events.
7. Financial wellbeing guidance and benefits.
8. Opportunities for learning through training and continuous development.
9. Opportunity to buy additional annual leave.
Job responsibilities
1. Maintain and build constructive relationships with a broad range of internal and external stakeholders including Regional Working Groups and NHS England.
2. Participate in relevant internal and external working groups/projects, services, and initiatives to provide information and analytical advice and expertise.
3. Participate and represent the ICS within relevant BSW Digital working groups including running of the ICS wide cyber security group.
4. Interpret and explain information and highly complex issues to a wide range of internal and external stakeholders.
Project Management
1. Lead on coordinating ICS wide cyber projects and procurements via the Technical Design Authority (TDA).
2. Provide coordination of and participate in relevant internal and external working groups and provide cyber security advice, expertise, and support.
3. Liaison with external providers of ICS IT solutions to ensure appropriate standards of cyber security are adhered to.
4. Deliver complex material to a non-technical audience.
5. Ensuring that ICS wide cyber projects fall within agreed financial envelopes.
Cyber Security
1. Advise on cyber security for BSW ICS organisations, recommending actions and improvements utilizing existing dashboards.
2. Ensure system wide tracking of information assets and assessment of their protection status.
3. Track coverage of cyber tooling and ensure this meets or exceeds the prevailing threat levels.
4. Assist individual organisations to pilot potential ICS wide cyber solutions.
5. Utilise the ICS system wide risk register and additional dashboards as needed.
6. Ensure all ICS organisations respond to High Severity Alerts within the mandated timeframes.
7. Work with Information Governance (IG) leads to help ICS organisations complete the cyber related assertions of the DSPT.
8. Help develop an ICS wide incident response plan.
9. Develop a cyber security training and awareness plan for the ICS.
10. Assist ICS members in the implementation of the BSW Cyber Strategy.
11. Assist organisations with their disaster recovery and business continuity plans.
Strategy Development
1. Maintain and update the ICS Cyber Strategy.
2. Provide regular forward-looking assessments of potential cyber threats and issues.
3. Encourage the ICS to maximise the centrally funded cyber offering provided by NHS England.
4. Act as the ICS cyber link with Avon & Somerset LRF and Wiltshire & Swindon LRF.
Research and Development
1. Contribute to the development and reporting of key performance cyber indicators.
2. Maintain a thorough awareness of current and emerging technologies that may be beneficial to the ICS.
3. Influence and participate in defining cyber infused IT standards for services across the BSW ICS.
4. Actively pursue professional development.
Management, Planning, Organising and Ongoing Advice
1. Work closely with the Head of IT and relevant teams.
2. Adhere to good practice change control procedures.
3. Be flexible and adjust work schedules to meet BSW ICS requirements.
4. Participate in internal forums and meetings.
5. Contribute to the creation of technical documentation.
6. Acquire and maintain detailed knowledge of deployed technologies.
7. Maintain an awareness of changes to software, hardware, and technologies.
8. Exercise judgement in applying guidelines for setting priorities for resolution.
9. Ensure organisational policies are applied in own work environment.
10. Negotiate with and influence users and suppliers.
Person Specification
Qualification, Training Experience
Essential
* Masters degree level qualification relevant for the role or demonstrable equivalent level of experience.
* Evidence of continued professional development.
* Specialist cyber related qualification.
* Experience in delivering large scale technical cyber projects.
* Demonstrates skills enabling ability to clearly identify opportunities for efficiencies.
* Delivered and sustained successful vendor relationships.
* Demonstrable experience working in a highly sensitive large and complex environment.
* A demonstrable understanding of how cyber risk can impact business operations.
* A practical understanding of how cyber risk can impact clinical operations.
* Previous experience of imputing into strategic plans and policies.
Desirable
* Previous experience of working in digital in the NHS or a healthcare setting.
* Significant experience of successfully operating in a politically sensitive environment.
Knowledge
Essential
* Awareness of Information Governance, Data Security Protection Toolkit or CAF & GDPR.
* A good understanding of the technical cyber issues that impact IT and networking systems.
* Working knowledge of Risk Management.
* Knowledge of different security assurance frameworks.
* Understanding of data backup and recovery processes and standards.
Desirable
* Familiarity with Data Protection and Caldicott Principles.
* Experience of working in the NHS and/or local authorities.
* Understanding of the Primary, Community and Secondary Care environments.
* Working knowledge of TCPIP networking including Wi-Fi, Firewalls, Routing.
Communication Skills
Essential
* Ability to prepare and produce concise yet insightful communications.
* Able to communicate and present to a wide audience.
Analytical
Essential
* Ability to analyse very complex issues.
* Demonstrated capability to act upon incomplete information.
* Numerate with the ability to analyse a range of complex technical issues.
* Able to make pragmatic strategic and operational decisions.
Planning Skills
Essential
* Demonstrated capability to plan over short, medium and long-term timeframes.
* Experience of setting up and implementing complex processes.
* Ability to create bids and business cases.
Management skills
Essential
* Able to coordinate and work collaboratively across multiple organizations.
* Leadership and people management skills.
* Robust management/ownership of risks and issues.
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Employer details
Employer name
NHS Bath and North East Somerset, Swindon and Wiltshire ICB
Address
Jenner House
Unit E3, Langley Park
Chippenham
SN15 1GG
Employer's website #J-18808-Ljbffr