Current jobs related to Information Governance, Data Security - Cheltenham - Gloucestershire Hospitals NHS Foundation Trust

• 

  Information Security Consultant

  5 months ago

  ---

  Cheltenham, United Kingdom Iress Limited Full time

  See yourself being part of a large, transformational change? This could be the role for you! At Iress, we make things happen We believe technology should help people perform better every day. Since our beginning in 1993, people across financial services have trusted us to take their performance to the next level. More than 10,000 businesses and 500,000...

• 

  Secure Government Account Lead

  3 weeks ago

  ---

  Cheltenham, Gloucestershire, United Kingdom Searchability NS&D Full time

  Secure Government Account LeadLocation: CheltenhamClearance: Candidates must currently hold the highest level of UK Government security clearance (eDV). There is no scope to obtain this level of clearance prior to starting.Role OverviewThe Secure Government Account Lead will be responsible for securing new business sales and account management activities...

• 

  Secure Government Account Lead

  3 weeks ago

  ---

  Cheltenham, Gloucestershire, United Kingdom Searchability NS&D Full time

  Secure Government Account LeadLocation: CheltenhamClearance: Candidates must currently hold the highest level of UK Government security clearance (eDV). There is no scope to obtain this level of clearance prior to starting.Role OverviewThe Secure Government Account Lead will be responsible for securing new business sales and account management activities...

• 

  Secure Government Account Lead

  1 day ago

  ---

  cheltenham, United Kingdom Searchability NS&D Full time

  Secure Government Account Lead Location: Cheltenham Clearance: Candidates must currently hold the highest level of UK Government security clearance (eDV). There is no scope to obtain this level of clearance prior to starting. Role overview The Secure Government Account Lead will be responsible for securing new business sales and account management...

• 

  Secure Government Account Lead

  2 days ago

  ---

  Cheltenham, United Kingdom Searchability NS&D Full time

  Secure Government Account LeadLocation: CheltenhamClearance: Candidates must currently hold the highest level of UK Government security clearance (eDV). There is no scope to obtain this level of clearance prior to starting.Role overviewThe Secure Government Account Lead will be responsible for securing new business sales and account management activities...

• 

  Secure Government Account Lead

  3 weeks ago

  ---

  Cheltenham, United Kingdom Searchability NS&D Full time

  Secure Government Account LeadLocation: CheltenhamClearance: Candidates must currently hold the highest level of UK Government security clearance (eDV). There is no scope to obtain this level of clearance prior to starting.Role overviewThe Secure Government Account Lead will be responsible for securing new business sales and account management activities...

• 

  Secure Government Account Lead

  3 weeks ago

  ---

  cheltenham, United Kingdom Searchability NS&D Full time

  Secure Government Account LeadLocation: CheltenhamClearance: Candidates must currently hold the highest level of UK Government security clearance (eDV). There is no scope to obtain this level of clearance prior to starting.Role overviewThe Secure Government Account Lead will be responsible for securing new business sales and account management activities...

• 

  Cyber Security

  4 months ago

  ---

  Cheltenham, United Kingdom Bailie Group Full time

  **Company Overview** CDS Defence & Security (CDS DS) is part of the Bailie Group - a family-owned group of agencies and consultancies with the collective mission to improve people’s lives by sharing knowledge. CDS DS is an industry leading technical consultancy delivering world class services in Support Engineering, Cyber Security & Information...

• 

  Senior Business Analyst

  1 week ago

  ---

  Cheltenham, Gloucestershire, United Kingdom Searchability NS&D Full time

  Job Title: Consultant. We have positions available from grade 3 to grade 7 (Junior, Mid, Senior, Principal, Managing)Location: Cheltenham (Remote-first and Hybrid Options Available)Security Clearance: Applicants must hold the highest level of UK Government security clearance (eDV). There is no scope to obtain this level of clearance prior to starting.Job...

• 

  Data Management Specialist

  1 week ago

  ---

  Cheltenham, Gloucestershire, United Kingdom Searchability Full time

  Secure Government Account LeadClearance: Candidates must currently hold the highest level of UK Government security clearance (eDV) "green badge".The Secure Government Account Lead will be responsible for securing new business sales and account management activities within secure government, focused on selling and account managing business advisory,...

• 

  Information Assurance and Security Manager

  4 weeks ago

  ---

  Cheltenham, Gloucestershire, United Kingdom Guidant Global Full time

  Job Title: Information Assurance and Security ManagerGuidant Global is seeking an ambitious Information Assurance Security Manager to work with our exceptional client in a secure environment, supporting challenging and highly rewarding projects.Main Responsibilities:Provide impartial IA advice and risk assess complex or non-standard systems.Act as a liaison...

• 

  Information Assurance and Security Manager

  4 weeks ago

  ---

  Cheltenham, Gloucestershire, United Kingdom Guidant Global Full time

  Job Title: Information Assurance and Security ManagerGuidant Global is seeking an ambitious Information Assurance Security Manager to work with our exceptional client in a secure environment, supporting challenging and highly rewarding projects.Main Responsibilities:Provide impartial IA advice and risk assess complex or non-standard systems.Act as a liaison...

• 

  Information Assurance and Security Manager

  2 weeks ago

  ---

  Cheltenham, Gloucestershire, United Kingdom Guidant Global Full time

  Job Title: Information Assurance and Security ManagerGuidant Global is seeking an ambitious Information Assurance Security Manager to work with our exceptional client in a secure environment, supporting challenging and highly rewarding projects.Main Responsibilities:Provide impartial IA advice and risk assessments for complex or non-standard systems.Act as a...

• 

  Information Assurance and Security Manager

  2 weeks ago

  ---

  Cheltenham, Gloucestershire, United Kingdom Guidant Global Full time

  Job Title: Information Assurance and Security ManagerGuidant Global is seeking an ambitious Information Assurance Security Manager to work with our exceptional client in a secure environment, supporting challenging and highly rewarding projects.Main Responsibilities:Provide impartial IA advice and risk assessments for complex or non-standard systems.Act as a...

• 

  Security Researcher

  6 months ago

  ---

  Cheltenham, United Kingdom Microsoft Full time

  The Microsoft Security Response Center team (MSRC) is looking for security researchers to join us in protecting Artificial Intelligence and Machine Learning (AI/ML) systems from threats to security and privacy. MSRC is part of the defender community and on the front line of security response evolution. Our mission is to protect employees, customers,...

• 

  Data Management Lead

  1 day ago

  ---

  Cheltenham, Gloucestershire, United Kingdom Searchability Full time

  Secure Government Account LeadClearance: Candidates must currently hold the highest level of UK Government security clearance.The Secure Government Account Lead will be responsible for securing new business sales and account management activities within secure government, focused on selling and account managing business advisory, technology consulting,...

• 

  Information Assurance and Security Manager

  4 weeks ago

  ---

  Cheltenham, Gloucestershire, United Kingdom The Client Full time

  Job Title: Information Assurance and Security ManagerWe are seeking an ambitious Information Assurance and Security Manager to work with our exceptional client in a secure environment, supporting challenging and highly rewarding projects.Main Responsibilities:Provide impartial IA advice and risk assessments for complex or non-standard systems.Act as a...

• 

  Information Assurance and Security Manager

  4 weeks ago

  ---

  Cheltenham, Gloucestershire, United Kingdom The Client Full time

  Job Title: Information Assurance and Security ManagerWe are seeking an ambitious Information Assurance and Security Manager to work with our exceptional client in a secure environment, supporting challenging and highly rewarding projects.Main Responsibilities:Provide impartial IA advice and risk assessments for complex or non-standard systems.Act as a...

• 

  Data Management Specialist

  3 weeks ago

  ---

  Cheltenham, Gloucestershire, United Kingdom Searchability Full time

  Secure Government Account LeadClearance: The ideal candidate must hold the highest level of UK Government security clearance (eDV).The Secure Government Account Lead will be responsible for driving new business sales and account management activities within secure government, focusing on selling and account managing business advisory, technology consulting,...

• 

  Data Management Specialist

  3 weeks ago

  ---

  Cheltenham, Gloucestershire, United Kingdom Searchability Full time

  Secure Government Account LeadClearance: The ideal candidate must hold the highest level of UK Government security clearance (eDV).The Secure Government Account Lead will be responsible for driving new business sales and account management activities within secure government, focusing on selling and account managing business advisory, technology consulting,...

Information Governance, Data Security

3 months ago

---

Cheltenham, United Kingdom Gloucestershire Hospitals NHS Foundation Trust Full time

Job summary

The post holder supports the Associate CIO (DPO) to ensure that the Trust meets its obligations under Data Protection legislation and ensures general awareness throughout the Trust on Information Governance matters.

The primary focus of the role is to manage the IG team, undertaking data protection Impact assessments (DPIA's) provide support and guidance to all staff, including coordination of data breach investigation and ensuring the Trust has robust processes and plans in place to achieve and maintain UK GDPR compliance.

Main duties of the job

- The post holder will be a specialist in the delivery of the Data Security and Protection Toolkit annual return, Data Protection Impact Assessments, Information Asset Register maintenance, drafting and review of data sharing and data processing agreements and act as a subject matter expert on data protection and data security for the Trust, in accordance with national and local policy

- The post holder will conduct and follow up on Information Governance audits across the Trust and draft associated reports. They will ensure that staff, stakeholders, contractors and members of the public are aware of their rights under Data Protection legislation

- The post holder will identify areas in which the Trust is inadequately covered by IG and IT security policies and procedures and, in consultation with the cyber security specialists, information governance team and IT service team, develop new policies and procedures to cover these areas. Supporting senior managers in presenting these to the relevant Boards or other approval bodies

- The post holder will support the maintenance of data security and data protection training and learning programmes. They will also provide expert IG advice to staff at all levels, departments and corporate / clinical functions

- The post holder will have excellent communication skills, be a compassionate leader, promote good IG with all their exchanges, and will be empowered to make decisions in line with policies and procedures

About us

Gloucestershire Hospitals NHS Foundation Trust is the largest employer in the county and with over 8,000 staff, we are one of the largest NHS trusts in the UK. We offer a generous annual leave allowance, excellent bank rates, access to the excellent NHS Pension Scheme, discounts for local shops, restaurants and services, access to our health and well-being hub, access to our two on-site nurseries, flexible working options, discounted public transport, reward and recognition schemes, exercise and activity classes and membership to our popular hospital choir.

Job description

Job responsibilities

Key operational results areas

- Work with the DPO to ensure the completion of the Trusts Data Security and Protection Toolkit assessment, collating evidence, and undertake compliance audits.

- To advise on and provide updates to IG and cybersecurity e-learning training to ensure staff have access to up to date and relevant IG and Data security and protection training.

- To ensure the development and delivery of the UK GDPR compliance action/improvement plans, monitor progress and report.

- To ensure the Trust's contractors and support organisations have adequate IG arrangements in place.

- To ensure the development of local information sharing agreements as required.

- To provide support/undertake date privacy impact assessments.

- To ensure fair processing notices are adequate for flows of personal confidential information.

- To support the Trusts Information Asset Owners in information asset management and assist with undertaking risk assessments.

- To support the management and response to information security incidents.

- To maintain on-going personal development and knowledge of data protection laws, issues and developments.

- Freedom to take actions as the lead specialist, based on own interpretation of policy, to conduct complex investigations into suspected or actual breaches of data protection and security and provide formal written reports advising how legislation and or policy should be interpreted directly to the Information Asset owner, Human resources business partner and service leads. These cases could lead to disciplinary action being taken against staff

- Participate in relevant internal and external working groups/projects, services and initiatives to provide information and analytical advice and expertise.

- Liaise with senior managers of stakeholder organisations, NHS cyber security teams, the Counter Fraud Service, the Police and external organisations, as required, when investigating incidents.

- Investigations into abuse of IT services such as internet and email may occasionally expose the post holder to distressing images and require the post holder to act as a professional witness in disciplinary hearings etc.

- The alignment of digital and operational processes with legislative, NHS and business security requirements.

- Work with the wider digital team in the Identification and management of data protection and data security risks ensuring that digital and operational services maintains compliance in line with the overall Trust corporate governance framework, designing and maintaining appropriate data protection and data security controls and plans with procedures for their operation and maintenance

- Work with services and digital teams to Identify and classify information assets and the level of control and protection required.

- Ensuring that the confidentiality, integrity and availability of trust information is maintained and the public trust in the organisation is promoted and maintained.

- Ensuring that all access to services by external partners and suppliers is subject to contractual agreements and appropriate responsibilities documented.

- Be responsible for a high standard of work supporting the delivery of Information Governance to quality standards and in a cost-effective manner. Maintain documentation and associated plans with regular team meetings to monitor progress and resources.

- Overseeing team members to deliver the requirements listed above; engage and liaise with key stakeholder, in particular:

- To support the delivery of day-to-day activities and projects

- Support the development and maintenance of a high performing IG team

- Advocate Data protection and cyber security during all interactions with staff across all roles and levels within the trust.

- Act as Information asset administrator for IG related assets including the Trusts Information asset register.

Customer care for patients and/or service users

- To act as a champion for patients and their interests in relation to data security and protection

- To ensure all staff and occasional public and patient contact with the office is of the highest professional standard

Leadership and management

- To provide line management for the IG team

- Be visible and available to provide support and guidance or the team and wider organisation staff . This will require on site working with a minimum of 2 days per week on site if a hybrid working pattern is adopted.

- Responsible for undertaking appraisal and personal development for staff within the team

- To support, motivate and develop staff within the team to ensure that they are able to deliver the trust and team objectives

- Liaise with other Managers to share best practice

- Plan, organise, deliver, and review regular IG and ad hoc stakeholder awareness workshops and training sessions on Data security and data protection that raise the awareness of staff of information governance issues and ensure their compliance with policies and procedures, ensuring the collaboration of Human Resources, Training, Data Protection and Information Governance Lead. Take personal responsibility for delivering some of these awareness training programmes. Develop materials to enable others to deliver training in a standard manner

Communications and working relationships

- The post holder will be a contact point in the organisation for IG and provide advice to IAOs, IAAs and liaise with the DPO, Caldicott Guardian and SIRO.

- Provide advice and take action, where necessary, in response to Audit findings and recommendations in respect of information governance.

- Work internally in the development and implementation of IG policies and procedures.

- Act as a consultant to projects, advising on matters relating to information governance & security.

- To work with the Associate CIO for IG and health records (DPO) to ensure that the Trust fully complies with relevant legislation, agreed policies and procedures.

- To deputise for the Associate CIO for IG and health records (DPO) as required in representing the Trust both on internal and external user groups ensuring that the Trust's priorities are effectively communicated, promoted and implemented.

- Ensure that Trust staff know how to report any data protection and data security breaches, incidents, malfunctions and suspected system weaknesses and threats.

- Management of IT security policies, and supporting set of policies, and their controls including their development and review and facilitation of their ratification

- Responsible for proposing and drafting changes, implementation and interpretation to policies and guidelines.

- Ensure that IT security and IG policy is enforced and communicated to all parties.

- Where necessary to liaise with external organisations on IT/cyber security matters, drafting and implementing joint policies and procedures and ensuring external network connections adhere to all appropriate security policies.

- Identify areas within the trust that are inadequately covered by IT/cyber security policies and procedures and, in consultation with operational manager IT specialists, and Data Protection Officer, develop new policies and procedures to cover these areas. Support Digital senior leads in presenting these to the relevant Boards or other approval bodies.

- The post holder will need to maintain a good knowledge of emerging policies from government departments. This will assist in the thinking and definition of the strategy discussions for the network and stakeholders.

Research and development

- Develop and implement ad-hoc audit programmes to test system and data security measures, review findings and improve those system and data security measures

- Plan, develop and evaluate methods and processes for gathering, analysing, interpreting and presenting data and information

Person Specification

Qualifications

Essential

Degree level or equivalent in a discipline directly relevant to the role Evidence of CPD

Desirable

Data Protection professional qualification(s) SSCP/CISSP/CISMP

Experience

Essential

Data protection and data security risk management in an enterprise setting Significant experience of working in, or managing, an IT Security or IG function Demonstrable experience in delivery of training / education to large groups of staff at all levels of the organisation Experience of managing and motivating a team and reviewing performance of the individuals

Desirable

Previous experience of working within the NHS or other healthcare setting

Knowledge / Skills

Essential

Knowledge and understanding in the principles of the DPA, UK GDPR, FOIA and NHS Code of Confidentiality Knowledge in the areas of Caldicott, patient confidentiality, WASPI and information sharing, Privacy Impact Assessments and information sharing, Privacy Impact Assessments and information security Excellent oral, numerical and written skills Ability to make decisions in accordance with agreed departmental protocols Ability to work on own initiative with minimal supervision, prioritise and achieve goals. Responsive and enthusiastic and be able to direct activities of others.

Desirable

Demonstrated capability to plan over short, medium and long-term timeframes and adjust plans and resource requirements accordingly

---

Report this job