Head of Information Security and Compliance

This role is part of the Informatics Team. This team concentrates on understanding things that are important to our customers (short, medium and long term), and devising and overseeing the appropriate strategy and services, along with the required governance and business infrastructure to meet them.

Head of Information Security and Compliance will improve service delivery and compliance and promote informatics in supporting patient experience and ensure clinicians have appropriate support to support patient care.

Post holder will ensure informatics performance/ quality targets are met across all corporate services. To problem solve as appropriate develop and implement lasting solutions in conjunction with clinical and managerial colleagues.

The post holder will be responsible for strategy and overseeing information and security compliance across NELFT business units.

Main duties of the job

This senior post has responsibility for ensuring that The Trust's information and systems assets are protected from current and emerging cyber threats through the establishment and operation of effective information security risk management, compliance and governance framework supported by the underlying implementation of effective information security architecture, security operations and third party risk management processes.

The primary responsibility of the role is to ensure that information security controls and processes are risk-based, effective and compliant with The Trust's information security policies and legal/regulatory requirements.

Leading by example, with dignity and respect, providing an inclusive and supportive workspace which promotes equality and diversity and a non-discriminatory culture.

About us

Starting with NELFT

NELFT places a great deal of importance on new starters being properly welcomed and inducted into the Trust. All new starters will join the Trust on the first Monday of each month and will undertake a comprehensive induction of up to two weeks which will include mandatory training, systems training and the allocation of equipment. As part of the process, new starters will have the opportunity to also meet the executive team, senior managers and attend a number of drop-in sessions focusing on engagement, health and wellbeing and key processes. The induction will be held at our head office in Rainham, Essex.

Probationary Period

This post will be subject to a probationary period. Internal applicants are exempt from the probationary period (unless you are an internal applicant currently partway through a probationary period or currently a bank member of staff).

High Cost Area Supplement

This post also attracts payment for High Cost Area Supplement of 15% of the basic salary (with a minimum of £4,551 to a maximum of £5,735).

COVID-19 Vaccination

We continue to encourage all staff to ensure that they have been double vaccinated and received their booster. We recognise that taking the vaccine provides the best defence against COVID-19 for our patients, our staff and their families.

We reserve the right to close this vacancy early should sufficient applications be received.

Job description

Job responsibilities

• Highest possible standard of information security and compliance service provision through the effective day-to-day management of the service delivery.
• Act as the primary information security and compliance lead for IM&T service users through the trust.
• Ensure all information security and compliance incidents, changes, and service requests are managed in accordance with service level agreements.
• Act as a specialist in the field of information security and compliance for the Trust.
• Ensure service consistently meets service delivery targets through established capacity and business continuity plans.
• Lead Information Security and Compliance across informatics, develop strategy, formulate objectives and research and develop ideas for future development.
• Monitor and evaluate performance against objectives, identify and manage change.
• Develop and maintain effective communication both within the NELFT and with relevant outside agencies.
• Manage and maintain the Information security and compliance risk register.

Use of AI

Applications for this role should be written by the applicant. If artificial intelligence (AI) programmes are used then the application may be rejected due to this document being an important part of the assessment process. This does not prevent applicants seeking appropriate support with applications should they need to for the purposes of any declared disability.

Please see the attached job description and person specification for more information about this role and working at North East London NHS Foundation Trust. We encourage you to refer closely to this when completing your application.

We welcome your application even if you do not meet all the criteria listed in the person specification. Any development needs to help you succeed in the role can be discussed at the interview stage.

Person Specification

Shortlisting

Essential

• Security Qualifications such as CISSP, CISM
• 10+ Experience
• Strategic lead for the development and implementation of the Information Security and Compliance Strategy and policy across areas of clinical and corporate services, based on a sound understanding of the current and future services and the technology available.

Employer details

Employer name

NELFT North East London Foundation Trust

Address

CEME
Rainham
RM13 8EU

Any attachments will be accessible after you click to apply.

395-CC866-24