Job vacancy: Senior Digital Risk Consultant (Annex 21 Trainee), Liverpool University Hospitals NHS Foundation Trust, Liverpool

Job summary

Main area

Digital

Grade

Band 8a

Contract

4 years (Once training is completed individuals will move to permanent contract)

Hours

Full time
Flexible working

37.5 hours per week (Monday to Friday)

Job ref

287-MIAA-7-26

Employer: Liverpool University Hospitals NHS Foundation Trust
Employer type: NHS
Site: MIAA Regatta Place
Town: Liverpool
Salary: As this role is Annex 21, salary range will be £38,850 - £48,562
Closing: 11/07/2026 23:59

Senior Digital Risk Consultant (Annex 21 Trainee)

Band 8a

Detailed job description and main responsibilities

Produces, agrees, and oversees delivery of highly complex risk-based digital plans with allocated clients/assignments that are designed to produce sufficient assurances to fulfil the requirements of the Head of Internal Audit Opinion on the effectiveness of internal control.

Actively identifies, defines, and delivers/oversees the highly complex advisory assignments and services specific to the needs of clients with a view to increasing and securing income from such activities.

Manages the planning, conduct, output and opinions for highly complex digital assurance, consultancy, and services for allocated clients/assignments within agreed deadlines, budgets, and quality standards.

Operates as budget holder for allocated advisory assignments and services i.e., a discrete set of services, requiring the planning and organizing of complex activities and programmes, often extending over multiple years,to ensure income is recovered, costs contained and outputs delivered. Often these budgeted plans need to be adjusted on an ongoing basis for reporting to Audit Committees as priorities shift.

Manages and develops the key relationships with allocated clients, particularly the Chief Information/Digital Officer, Chief Clinical Information Officer, Chief Nursing Information Officer, Senior Information Risk Owner, Data Protection Officer, Caldicott Guardian as well as other senior digital staff.

Provides highly complex advice to allocated clients, either directly or through colleagues, on technology/digital risk, either current or emerging, in the context of care, service and business activities.

Responsibility for ensuring allocated plans are incorporated into the overall planning of resources and commitments for the function. Plans and organises the work schedule for allocated staff to ensure weekly, monthly, quarterly, and annual timetables are delivered particularly with regard to Audit Committee deadlines.

Personally, conducts a range of highly complex and highly technical assignments for reporting to senior management and relevant committees. This will often involve significant research and development activity. Conducts research on behalf of the function, MIAA and the wider community to develop and pilot approaches to emerging areas.

Makes recommendations as appropriate often involving significant proposed changes to working practices and procedures, often involving the adoption of new technologies, following policy implementation across multiple areas and NHS organisations. These routinely will involve contributing to service redesign and providing benchmarking information.

Undertakes highly complex systems reviews that conclude upon the effective management of digital risk.

FOR FURTHER KEY RESPONSIBILITES PLEASE READ THE JOB DESCRIPTION IN FULL.

Person specification

Qualifications

Essential criteria

Level 7 qualification in an Informatics or Cyber Security subject/equivalent. Examples include Masters degree or equivalent
Qualification in Computer Audit OR Certified Information System Auditor OR Demonstrable significant experience in the field if IT/IS audit
CREST penetration tester

Desirable criteria

Certified information security manager
Certified data protection officer
PRINCE 2 project management or Managing Successful Programmes
CHECK team member

Experience

Essential criteria

Must have senior experience of working in audit and consultancy or within a senior role in digital delivery
Demonstrable understanding of the role of audit and consultancy and relevant techniques for delivery
Must have significant experience of recruiting, developing, managing, and supervising staff
Must have experience of working in the NHS or other public sector organisation resulting in a developed understanding of the digital systems, risks and processes. Alternative experience in an equivalent organisation may be acceptable

Knowledge

Essential criteria

Must have a full and mature understanding of NHS and public sector structures, policy, functions and digital systems together with the aptitude to build on that knowledge.
Must have a full understanding of the digital agenda, corporate governance, risk management and assurance principles and practice
Must have a full and mature understanding of audit and IM&T principles and practice, together with the aptitude to build on that knowledge
Specific technical knowledge including: processes, tools, and techniques of information security management, protection of information and information systems whilst ensuring their integrity, confidentiality and availability, application security, data loss prevention, access control and intrusion, vulnerability assessment tools, techniques, models and systems, endpoint security configuration and monitoring/testing, in-depth knowledge of IT security and data protection, network monitoring, analysis tooling and techniques

Skills

Essential criteria

Excellent verbal and written communication skills to enable complicated digital issues to be explained to a range of staff
Excellent analytical skills and have the ability to collate complex data from various sources
Strong supervision, team building, staff management, coaching, mentoring and staff development skills
Ability to negotiate, persuade and influence, sometimes in a setting that is unresponsive or hostile to audit findings
High level of numeracy and keyboard skills
Ability to make judgements and recommendations in the context of complex systems and risk and materiality of findings
Good time management skills and the ability to work to tight deadlines
Ability to contribute to corporate strategic direction

Please ensure you check the email account (including junk/spam boxes) from which you apply regularly as we will use this to contact you regarding your application.

Posts advertised to ‘internal staff’ are open to employees of hospitals within University Hospitals of Liverpool Group and you should confirm your employment within your application form.

Note: Under current Home Office Immigration Rules we are currently unable to offer right to work visa sponsorship for Band 2 and 3 roles with a salary of less than £25,000 pa as they do not meet the UK Visas & Immigration criteria.

Only those applicants who demonstrate clearly how they meet our person specification will be shortlisted for interview.

We reserve the right to close any vacancies from further applications when we have received a minimum number of applications from which to make a shortlist. Please ensure you apply without delay if you wish to be considered for this role.

Candidates applying for the role of Healthcare Assistant on the staff bank should note that due to the nature of the role, workers must be aged 18 or above when commencing in post. Applicants are therefore welcome from those aged over 18 or within 3 months’ of their 18^th birthday.

The Trust is committed to promoting a healthy work-life balance and achieve fair, equitable and consistent practice. We welcome flexible working requests and will consider a variety of flexible working arrangements from day one of your employment. Not all roles are suitable for every flexible working opportunity all of the time. Flexible working options may include reduced hours, compressed hours, fixed shifts, time back in lieu and home working.

The Trust is committed to promoting equality and diversity; we value the contribution of individual talent, skills, knowledge and experience and aim for a workforce demography representative of the local community. We encourage applicants from the following groups that are currently under-represented in our workforce black, Asian and minority ethnic, lesbian, gay, bisexual and Transgender (LGBTQ+), disabled, male and age 16-24.

Trust policy requires that the cost of submitting & processing the successful applicant/s DBS application be recovered via salary deduction following start in post. The amount of £26.50 (standard disclosure) or £54.50 (enhanced disclosure) will be deducted from salary, in manageable monthly instalments for up to 3 months following commencement of employment. Bank posts require upfront payment.

From April 2017, Skilled visa applicants and their adult dependant(s) will be required to provide a criminal record certificate from each country they have lived in consecutively for 12 months or more in the past ten years.

Applicants requiring sponsorship may wish to determine the likelihood of obtaining sponsorship for this position by assessing themselves against the criteria on the gov.uk website - https://www.gov.uk/check-uk-visa.

This organisation has a zero-tolerance approach to the abuse of children, young people and vulnerable adults. All staff must ensure they adhere to the organisations safeguarding children and adults’ policy and comply with the Local Safeguarding Children and Adult Board procedures.

Staff should be mindful of their responsibility to safeguard children and adults in any activity performed on behalf of the organisation in line with the requirements of statutory guidance and legislation.

All employees (and volunteers)are expected maintain their safeguarding knowledge and skills by completing mandatory safeguarding training which includes understanding and recognising the signs of abuse and neglect and taking appropriate action.

As an organisation, we have adopted the Merseyside Domestic abuse workplace scheme which supports our staff who are experiencing Domestic Abuse /any forms of sexual violence.

If you have any personal requirements that will enable you to participate in our recruitment process please contact a member of the Recruitment Services by phone on 0151 706 4666 at the earliest opportunity to ensure that measures can be put in place to enable your application for this post.

Please note: new entrants to the NHS will commence on the first pay point of the relevant band.