Job summary
- Main area
- Cyber Security
- Grade
- NHS AfC: Band 8d
- Contract
- Permanent
- Hours
- Full time
- Flexible working
- Job ref
- 391-RFL-7154968
- Employer
- Royal Free London NHS Foundation Trust
- Employer type
- NHS
- Site
- Royal Free London NHS Foundation Trust
- Town
- London
- Salary
- £96,340 - £109,849 per annum inclusive of HCAS
- Salary period
- Yearly
- Closing
- 22/05/2025 23:59
Band 8d Head of Digital Security
NHS AfC: Band 8d
The North Middlesex University Hospital NHS Trust is a medium-sized acute and community trust with over 525 beds and over 600 community staff, serving more than 600,000 people living across Enfield and Haringey and the surrounding areas, including Barnet and Waltham Forest.
The hospital has been on its present site for over 100 years and was established as an NHS trust by statute in December 1990. The Trust’s services are provided on the North Middlesex University Hospital site as well as a range of community sites across the London Borough of Enfield, including at partner hospitals. They provide services in collaboration with a range of partners, including local GPs, acute, mental health and other community health service providers across North Central London.
In the year ending 31 March 2022, the Trust reported a turnover of £419.7m and employed almost 4,000 staff. Following the transfer of Enfield Community Services on 1st April 2023, this has increased as we have welcomed over 600 new staff including District Nurses, Community Matrons, Community Physiotherapists, Psychologists and many more across a wide range of adult and children’s community services in Enfield. It is an exciting time to join North Mid as we continue our journey to become an integrated care organisation to deliver high quality, seamless care in our local communities, with a focus on tackling health inequalities.
Job overview
The Head of Digital Security will be responsible for the operational implementation of the Trust’s Cyber Security strategy, ensuring the organisation's digital assets and data are protected against evolving cyber threats. Reporting to the Chief Digital Officer, the post holder will work closely with internal and external stakeholders to safeguard the Trust’s infrastructure, digital and data assets and ensure compliance with industry standards and regulatory requirements.
Main duties of the job
- Incident Management
- Stakeholder Collaboration
- Governance, Risk, and Compliance (GRC)
- Industry Standards & Compliance
- Risk Management & Mitigation
- Security Awareness & Culture
- Representation & Advocacy
- Third-Party & Vendor Management
- Team Leadership & Development
Refer to Job description for more details.
Working for our organisation
The Royal Free London NHS Foundation Trust is one of the UK’s biggest and most innovative trusts. Across three main hospitals, our dedicated army of staff care for over 1.6 million patients, treat more than 200,000 in A&E, deliver over 8,000 babies and carry out more than 17 million tests.
Our size, scale and influence offer you unrivalled career opportunities and a forward-thinking approach to working that works around your lifestyle. From flexible hours and generous benefits to next-level training, we make it easier to take your career to the top.
Detailed job description and main responsibilities
Incident Management:
• Lead the Trust’s response to cyber incidents and service outages, ensuring rapid recovery and minimising disruption. Develop and maintain incident response plans, conduct post-incident reviews, and implement improvements based on lessons learned.
• Examples: Orchestrating the response to a ransomware attack by activating the incident response team, isolating affected systems, and working with external experts to recover data. Post-incident, reviewing logs and collaborating with all stakeholders to improve resilience and prevent future occurrences.
Stakeholder Collaboration:
• Work closely with Digital Services teams such as network, server, endpoint management, patient information systems, technical operations, and information governance to ensure that security best practices are embedded throughout the organisation.
• Examples: Collaborating with the network team to ensure network segmentation and firewalls are properly configured to mitigate risks; working with patient system managers to secure medical devices and ensure they comply with cyber security standards, such as applying encryption and access controls for sensitive health records.
Governance, Risk, and Compliance (GRC):
• Lead the implementation of GRC frameworks, ensuring robust administrative and technical controls are in place. Conduct regular internal and external audits to verify that data confidentiality, integrity, and availability (CIA) principles are being upheld, in line with the Cyber Assurance Framework (CAF) and other industry compliance standards such as ISO27001, NIS2 and NCSC Cyber Essentials.
• Responsible for the production and distribution of monthly Information Security reporting.
• Examples: Managing the lifecycle of security policies and standards across the Trust, conducting quarterly GRC reviews, and implementing automated tools to monitor compliance. Regularly auditing access control policies and ensuring that only authorised personnel can access sensitive health information.
• Examples: Production of monthly IGG Security KPI Metrics
Industry Standards & Compliance:
• Ensure compliance with key cyber security frameworks, such as the Cyber Assurance Framework (CAF), ISO27001, NIS2, and NCSC Cyber Essentials. Proactively identify and address gaps in compliance through process improvement and remediation plans.
• Examples: Leading initiatives to prepare for and pass ISO27001 certification audits by ensuring that all documented procedures, access controls, and security protocols are in line with certification requirements. Working with the compliance team to regularly update risk assessments and ensure adherence to NCSC’s Cyber Essentials framework, particularly for critical infrastructure and patient data systems.
Risk Management & Mitigation:
• Stay up to date with the latest cyber threats, vulnerabilities, and attack vectors. Develop and implement mitigation strategies such as timely patch management, system updates, and enhanced monitoring to ensure proactive defence mechanisms are in place.
• Examples: Monitoring threat intelligence feeds and deploying real-time threat monitoring tools like SIEM (Security Information and Event Management) solutions. Leading efforts to implement a vulnerability management program, prioritising patching schedules for critical systems, and coordinating with technical teams to ensure prompt remediation of vulnerabilities.
Security Awareness & Culture:
• Foster a culture of cyber security awareness within the Trust. Design and deliver engaging training programs for staff at all levels, tailored to their specific roles and responsibilities. Promote best practices for handling sensitive data and minimising cyber risks.
• Examples: Rolling out mandatory security awareness training for all employees, including phishing simulation campaigns. Organising specialised workshops for clinical staff on safeguarding patient information, and creating resources such as posters, videos, and intranet content to highlight the importance of secure passwords and data handling.
Representation & Advocacy:
• Represent the Trust in regional and national cyber security forums and industry events, working closely with London and national partners to implement the NHS’s cyber security objectives, including the five pillars of NHS cyber security.
• Examples: Participating in NHS Digital’s national cyber security forums, contributing to discussions on healthcare-specific cyber threats and sharing best practices with other Trusts. Leading collaborative initiatives with regional partners to improve the NHS’s overall cyber security posture, such as implementing shared threat intelligence systems or joint training sessions.
Third-Party & Vendor Management:
• Manage relationships with third-party vendors and external organisations, ensuring that they adhere to the Trust’s security policies. Review security controls for external systems and vendors that interact with the Trust’s IT infrastructure to reduce supply chain risks.
• Examples: Conducting third-party risk assessments and ensuring that vendors providing critical systems, such as medical devices or cloud-based patient data systems, meet NHS security standards. Working with procurement to ensure security requirements are integrated into contracts and SLAs, and conducting regular security reviews with third-party vendors.
Team Leadership & Development:
• Lead, mentor, and develop the Cyber Security team, ensuring continuous professional development in defensive and offensive cyber security skills. Create a clear development pathway for team members, encouraging certification and advanced training in relevant areas.
• Examples: Organising training sessions and certifications for the team, such as CISSP (Certified Information Systems Security Professional) or CEH (Certified Ethical Hacker). Supporting the development of specialist skills within the team, such as advanced threat hunting or penetration testing, and ensuring that team members have opportunities to attend industry conferences and seminars.
Person specification
Education & professional Qualifications
Essential criteria
- Minimum of a Master's degree level qualification relevant to the role or demonstrable equivalent level of experience
- Relevant IT security certifications (e.g., CISSP, CISM, CISA, CRISC, CSSP)
- Extensive experience in IT security management.
Desirable criteria
- Vendor qualifications (Microsoft, VMware, Cisco)
- Project management qualification or relevant experience
- Certified Ethical Hacker
Experience
Essential criteria
- Significant experience in security management within a complex organisation, preferably in healthcare
- Understanding of the NHS environment and its specific security challenges
- Experience producing business cases and executive/board papers.
- Extensive experience of all aspects of people management, from recruitment to dealing with disciplinary matters
- Highly developed and expert knowledge of digital best practice and procedures
- Excellent understanding of information security and information governance
- Extensive working knowledge of current practices and issues in the cyber field
- Significant knowledge and experience of applying budgeting, benefits tracking and demand management principles to both capital and revenue allocations
Further details / informal visits contact
- Name
- Monica Ralhan
- Job title
- Head of Endpoint Infrastructure
- Email address
- [email protected]