Cyber Security Manager
Job Posted: 23 May 2023
Job Updated: 23 May 2023
Job Title: Cyber Security Manager
Location: Nottingham (Hybrid)
Salary: £55,420 rising in increments to £65,200 in year 3
Closing Date: Tuesday 6th June 2023
NHS Supply Chain are recruiting for a Cyber Security Manager.
Purpose of the role
Effective cyber security is an integral part of our strategic goals. Reporting to the Head of Cyber Security, this is a new senior management appointment arising from an ongoing cyber security improvement programme. The successful candidate will play a pivotal role in shaping the future of cyber operations at NHS Supply Chain.
The role will involve hands-on, practical application of cyber operations. The successful candidate will have experience of managing cyber incidents through the effective identification, response, and recovery process, even when working under pressure. Applicants should have a sound understanding of managing cyber risks, as well as experience of managing both analytical teams and stakeholders. This role will work closely with colleagues in IT, both internal and third party, as well as those in Data Protection; however, they will also need to engage effectively across the business to ensure a consistent approach to cyber security. This role will suit a people-oriented individual, who is able to promote the benefits of security to non-specialists.
We offer a supportive and collaborative environment, where the successful candidate will be given the opportunity to develop their specialist skillset.
Support the implementation of NHS Supply Chain Security Strategy, in line with recognised frameworks and standards, such as NIST, ISO/IEC 27001 and Cyber Essentials.
Provide expert advice and guidance to stakeholders on cyber security threats and how best to respond. This may involve assessing proposals to introduce new systems, service and processes, and changes to existing systems, services and processes for cyber security risks.
Work with our third-party security partner to ensure the delivery of cyber operations, evidenced through regular KRI/KPI reporting.
Identify areas of weakness within our current IT systems and processes and make recommendations on appropriate mitigation to minimise risk.
Develop, review, and embed Information Security Policy, associated standards, and guidance across NHS Supply Chain, in line with relevant legislation and industry standards.
Manage our Information and Cyber Security systems, processes and procedures, and contribute to reporting of identified threats and vulnerabilities.
Manage the Incident Response process, including triage, response, recovery, and post-incident review.
Liaise with external bodies and organisations to keep abreast of emerging trends, technologies and legislation that have an impact on Cyber Security.
Leverage existing technologies and embed new technologies to bolster cyber resilience.
Collaborate with subject matter experts to ensure Cyber Security is managed effectively throughout the IT service delivery lifecycle. This includes Security Operations, Security Architecture and Security Assurance.
Support the delivery of cyber security training and awareness across NHS Supply Chain, including operational exercises to rehearse incident response plans.
When directed, deputise for the Head of Cyber Security.
What skills, qualifications and qualities do I need to be successful?
This role will suit you if you are/have:
Demonstrated experience playing a lead role within Cyber Operations.
Experience implementing policies and procedures in line with recognised frameworks, such as ISO 27001 and Cyber Essentials.
Experience building and developing effective relationships with internal and external stakeholders.
Excellent communication skills, including the ability to articulate changes and technical information to stakeholders with differing levels of technical knowledge and the ability to influence decision makers.
Experience working in a complex IT organisation encompassing service delivery, application development and IT infrastructure.
Demonstrated ability to drive change in an organisation through the use of process improvement, culture change and technology.
Experience of working to deadlines, prioritising a complex range of tasks to ensure delivery in a role which has made competing demands on your time.
Experience applying various technologies and processes used to protect large organisations from cyber threats.
We are flexible and would be keen to hear from candidates who have a range of qualifications or experiences equivalent to the following:
Bachelor’s degree or equivalent
CISM, CISSP, CISA
ISO 27001 lead auditor
How you’ll work
Hybrid working: a blend of home and office working, with 2/3 days in the office and 2/3 days at home.
In return for your passion, enthusiasm, and hard work you will be rewarded with an attractive salary and benefits package, consisting of:
Performance led annual bonus scheme
27 days holiday plus bank holidays, with the option to purchase up to an additional 5 days
Generous contributory pension scheme (up to 6% employee / 12% employer contributions of your base salary)
Access to Flexible Benefits Scheme – you will be able to choose from a variety of benefits such as Life Insurance, Critical Illness Cover, Income Protection, Health Cash Plan, Dental Insurance, and additional pension contributions that suit you
2 days paid Volunteering Leave
1 day paid Wellbeing Leave
Long Service Awards
Access to the Blue Light Card and NHS Discounts
Flexible working options
National Annual season ticket purchase scheme
Eye Care vouchers
Access to a free 24/7 Employee Assistance Programme
NHS Supply Chain, who are we?
We are a part of the NHS family, and our role is to source, deliver and supply healthcare products, services and food for NHS trusts and healthcare organisations across England and Wales. We make sure the products we supply are always safe, quality assured and delivered efficiently.
We’re always listening to the people who use our products, so that we’re aware of the changing needs across the NHS. In all, we serve every NHS Trust and operate a national network of distribution centres. We also manage relationships with more than a thousand suppliers, delivering more than 8,000,000 orders each year to more than 17,000 locations.
By doing all of this on behalf of the NHS, we give NHS staff more time to focus on their main priority of providing excellent patient care.
Our Purpose, Vision and Strategy are clear. We provide direction, leadership, and commercial focus to improve health outcomes.
Vision: To make it easier for the NHS to put patients first
Purpose: Our role is to support the NHS to save lives and improve health
Be The Difference
SCCL is not an NHS organisation; you will join on SCCL terms and conditions.
For more information on SCCL and NHS Supply Chain please visit: www.supplychain.nhs.uk
For an informal discussion about the role in confidence please email us at Careers@supplychain.nhs.uk
NHS Supply Chain is an equal opportunities employer
SCCL is a company Registered in England and Wales, with company number 10881715, to act as the management function of the NHS Supply Chain.
SCCL values and respects the diversity of its employees and aims to recruit a workforce which reflects our diverse communities. We welcome applications irrespective of people’s age, disability, gender, race or ethnicity, religion or belief, sexual orientation, or other personal circumstances.
Our policies and procedures reflect our commitment to ensure that all applicants are treated fairly and consistently at every stage of the recruitment process.
SCCL reserve the right to close any vacancies from further submissions when we have received sufficient applications from which to make a shortlist. Please apply without delay if you wish to be considered for this role.
If you are shortlisted for interview you will be required to provide proof of ID and the right to work in the UK.