Information Security Specialist - Newcastle upon Tyne, United Kingdom - NHS Business Services Authority

Posted by: Tom O´Connor, beBee Recruiter


Description

We're looking for an organised and motivated Information Security Management professional to join us and play a key role in delivering the information security compliance programme across all services within the NHS Business Services Authority (NHSBSA).


The role will be based in the NHSBSA's Security & Information Governance Team located at our Stella House office, Newcastle upon Tyne.

In line with our hybrid working policy, there is also an opportunity for working from home to be considered, providing business needs are met.


So, if you are excited by the above, feel you have what it takes to be successful, and would like to join our dynamic team, we would love to hear from you.

What do we offer?

  • 27 days leave (increasing with length of service) plus 8 bank holidays
  • Flexible working (we are happy to discuss options such as compressed hours)
  • Flexi time
  • Hybrid working model (we are currently working largely remotely)
  • Career development
  • Active wellbeing and inclusion networks
  • Excellent pension
  • NHS Car lease scheme
  • Access to a wide range of benefits and high street discounts


Actively supporting the continual improvement of the organisation's arrangements for information security management, you will work with relevant stakeholders and interested parties (such as special interest groups, professional associations and security forums) to understand the information security threat landscape, trends, and emerging risks.

Here at the NHS Business Services Authority (NHSBSA), what we do matters.

We manage the NHS Pension scheme, process prescription payments and much more.

Our services are used by NHS organisations, contractors and the public: we take pride in being part of something so meaningful, that touches millions of lives.

Just as we design our services around the needs of our customers, we place our people at the heart of our organisation.

That's why when you join us, you'll be empowered and given the right support to help your career grow.

As one of the UK's Best Big Companies to work for, we're all connected to our values: Collaborative, Adventurous, Reliable and Energetic.

We care about our people, our purpose, and your progress.


We strive to offer a fantastic colleague experience, where every voice is heard, and every colleague is supported and respected.

Wellbeing, diversity and inclusion are at the centre of this, so when you join us, you can connect with our Lived Experience Networks who help us to bring our authentic selves to work.

We are people connected to care.


In this role you are responsible for:

  • Understanding and employing a scenario-based approach to information risk assessment.
  • Undertaking information security risk assessments in line with the approved NHSBSA risk management framework, ensuring effective and timely engagement with key stakeholders including Cyber Security Team, Information Governance Team and Information Asset Administrators.
  • Engaging with senior management (SIRO and Information Asset Owners) to ensure that they understand the information security risks relevant to their service area and to the organisation as a whole.
  • Coordinating the identification of suitable information security risk treatment options.
  • Managing the development and delivery of the information security education, training and awareness programme.
  • Delivering information security management awareness training for all levels of the organisation, including online and face-to-face sessions.
  • Providing information security support, advice and guidance to all NHSBSA teams.
  • Establishing information security management arrangements for new services / programmes / projects ensuring that information security controls reflect best practice and are embedded within processes and procedures.
  • Managing the information security incident management process ensuring that remediation actions are taken in a timely manner and that lessons learned inform the security improvement plan.
  • Scoping and conducting information security internal audits in accordance with the ISMS internal audit schedule.
  • Using credible and reliable information and information sources to provide evidence of emerging information security threats.
  • Maintaining a sound knowledge of information security products, systems and procedures used within the NHSBSA.

Responsible to:
Information Security & Business Continuity Manager


Key relationship:
Head of Security & Information Governance, Senior Information Risk Owner, Cyber Security Operations Manager, Business Continuity Specialist, Information Security Compliance Specialist, Information Governance Manager, Information Asset Owners
