Overview

The Head of Cyber Security is responsible for shaping and executing the Trust's cyber security strategy, ensuring that digital assets and information systems remain secure, resilient, and compliant with NHS frameworks such as DSPT, CAF, and ISO27001. This role provides strategic leadership by developing and implementing cyber security plans, leading maturity assessments, and offering board-level assurance on risk and compliance. The post holder represents the Trust in key regional and national cyber forums, helping to align local priorities with broader NHS initiatives. In addition to strategic oversight, the role encompasses governance and risk management, including ownership of the Information Security Management System (ISMS), leading audits, chairing assurance groups, and supporting data protection compliance as Deputy SIRO.

Qualifications

• Master’s level education in a relevant subject or equivalent experience
• Specialist qualifications in ICT and/or Cyber Security (e.g., CISSP, CISM, CRISC or equivalent)
• Committed to ongoing specialist training to support the job role and self-development
• Senior leadership experience in cyber security within an NHS or complex public sector environment, with a strong track record of achievement
• Extensive experience of managing cyber security and risk
• Extensive experience interpreting and applying the law governing the management of information
• Broad IM&T knowledge and understanding of computer and confidentiality related legislation and professional standards
• Good understanding of principles of managing enterprise-scale IT networks

About the Trust

Oxford University Hospitals NHS Foundation Trust is one of the largest NHS teaching trusts in the country. It provides a wide range of general and specialist clinical services and is a base for medical education, training and research. The Trust comprises four hospitals – the John Radcliffe Hospital, Churchill Hospital, Nuffield Orthopaedic Centre in Headington and Horton General Hospital in Banbury. Our values, standards and behaviours define the quality of clinical care we offer and the professional relationships we make with our patients, colleagues and the wider community. We call this Delivering Compassionate Excellence and its focus is on our values of compassion, respect, learning, delivery, improvement and excellence.