Head of IT Risk, Governance and Cyber

Job Description

Technology is at the heart of the LAS ability to continuously improve in order to provide safe, high–quality, patient–centred care. An excitingopportunity has arisen for an enthusiastic and highly motivated individual to join the IM&T Senior Leadership Teamas Head of IT Risk,Governance and Cyber.This role will involve strategic decision–making, system implementations, and the adoption and testing of new processes and procedures whichimprove the security and robustness of the organisational infrastructure and associated IT systems.As Head of IT Risk, Governance and Cyber, the role will oversee key staff working to identify and safeguard the Trust from intrusion, security threats, security weaknesses, software bugs and exploits. Accountable for the overall management of IM&T risksand issues ensuring that these risks and issues are mitigated and managed to conclusion. You will be responsible for both staff and the management processes keeping your organisation secure.Main duties of the jobo Strategic decision–making, system implementations, and the adoption and testing of new processes and procedures which improve thesecurity and robustness of the organisational infrastructure and associated IT systems.o Responsible for the Trusts Data,IT and Information Security plus any new software or hardware upgrades relating to its IT security.Working to identify and safeguard the Trust from intrusion, security threats, security weaknesses, software bugs and exploits.o Accountable for the overall managementof IM&T risks and issues ensuring that these risks and issues are mitigated and managed toconclusion.o Ensure that business continuity / Disaster Recovery and IM&T Service Continuity plans are available, up–to–date and regularly testedwith appropriate evidencebeing generated, retained and readily availableo Own the IM&T service reporting process, ensuring that reporting and analytics are fit–for–purpose, evolving, readily available,appropriately distributed and regularly reviewed by the relevant audienceo Takecomplex reporting data from multiple sources, compare and interpret against service baseline and industry standardsAbout usLondon Ambulance Service NHS Trust is the busiest ambulance Trust in the UK. We are seeking someone who will fit with the Trust values ofbeing respectful, professional, innovative and collaborative.The team works widely across the Trust at all levels upto Board and with a variety of other partners such as external NHS Trusts, commercialorganisations, Heathrow Airport, Stadia, Londons Air Ambulance and Healthcare UK and Department for International Trade.You will, therefore, have the opportunity to jointhe team at an exciting time of growth and to gain experience of being involved in a varied portfolio.Annual leave starts at 27 days rising to 33 days, plus bank holidays, in line with agenda for change (NHS terms and conditions).Employees can access Blue Light (emergency services) discounts as well as NHS discount schemesJob responsibilitiesLondon Ambulance Service NHS Trust is the busiest ambulance Trust in the UK. We are seeking someone who will fit with the Trust values of Caring, Respect and Teamwork.For further details, please see attached job description.Person Specification Qualifications

• Educated to degree level in an IT discipline with a relevant postgraduate to Masters level or evidence of extensive experience in a similar role including people management
• Management qualification or equivalent broad experience in managing a team including dealing with staff issues such as grievance, disciplinary, welfare, appraisals, staff sickness, training etc
• Experienced PRINCE 2 practitioner with the ability to apply to complex multi–user systems developments
• Qualified in relevant information security examinations e.g. CISM or CISSP or obtain the qualification within 12 months

Experience

• Experienced in IT Risk, Governance and Cyber Management with good working knowledge of current issues, trends and best practice
• Experience of developing and implementing organisation–wide information security related strategies, policies and procedures
• Experience and ability of influencing decision making within a large multi–site organisation or with the ability to demonstrate that as a promotion you are ready for this position
• Experience of working with conflicting, highly complex, highly contentious and highly sensitive information
• Experienced in managing critical incidents and problem investigation and resolution including managing Security Incident Response Teams and information security breaches
• Experienced in conducting or managing information security audits, penetration testing and incident investigations

Knowledge and Skills

• Experienced in conducting or managing information security audits, penetration testing and incident investigations
• Experienced in conducting or managing information security audits, penetration testing and incident investigations
• Experience of budget management
• Wide ranging knowledge of the IT and information security market place
• Broad knowledge of hardware and software security solutions including Patch Management, Virus Protection and Data Encryption
• Broad knowledge of hardware and software security solutions including Patch Management, Virus Protection and Data Encryption

Disclosure and Barring Service CheckThis post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminalconvictions.Business Support to the Chief Digital OfficerGBP78,163 to GBP88,884 a yearper annum inclusive of HCAS