Regional Cyber Security Principal Consultant (East) – Band 8C
Recruitment role summary and candidate profile
About this role
About the team
The Data Security Centre (DSC) delivers services to assist the Health and Care Sector in
preventing cyber-attacks to their organisations. These services are provided centrally to
support local organisations. The role of Regional Cyber Security Lead is key to supporting
the delivery, augmentation, awareness and application of the services and offering regional
Health organisations with Information Security subject matter expertise when needed.
Head of Regional Leads
*This Role*
This ranges from tactical advice and guidance during a cyber security incident, to
assurance of cyber security strategies and consultancy on security aspects of strategic
development.
Regional Lead
(East)
This role covers all NHS Organisations in the East, with 6 other Regional Leads covering
geographically dispersed territories across England.
You will:
 Be the regional interface and voice of NHS Digital’s DSC in the East of England,
advocating the take-up of DSC services throughout the estate.
 Deputise for the Head of Regional Leads in their absence
 Represent the Regional team at broader NHS Digital meetings
 Engage with a variety of stakeholders, giving a voice to their feedback on a variety
of security services to drive improvement
 Interpret international, national, governmental and sector specific policy and
standards through the lens of local organisations and their development initiatives
 Understand organisations’ security needs in depth, offering advice and guidance to
support the improving maturity of the sector
About NHS Digital
With an annual budget of more than £200 million and oversight of a
£1 billion spend, NHS Digital is responsible for the gathering,
analysis and publishing of health and care information, and for
delivering the crucial IT infrastructure and applications that support
the NHS and Social Care. As such, we play a key role in driving the
speed and efficiency of these services and, ultimately, the delivery
of better patient care.
Profession: Cyber Security
Please note, this role profile is an extract taken from the full job description of Cyber Security Principal Consultant



Support organisations in developing their information security posture using your
expertise
Drive cyber security as a leadership responsibility, across individual organisations
and wider regional structures.
When requested, drive adherence across region to requests for action
About You









The ability to form good working relationships with staff internally and externally.
Strong leadership: able to select, develop and lead complex, diverse and multi-functional teams effectively and lead in a style appropriate to the situation
Impressive Senior Management experience of operating services, providing professional leadership and clear direction by effective decision making and
making critical judgements on engagement performance.
Proven experience in the management and development of detailed technical / business level reports.
Extensive experience in an Information Security environment.
Experience of working with and effectively managing the expectations of stakeholders of differing levels of seniority and influence both inside and outside
the organisation
A proven track record of delivering work for teams within large complex programmes of work.
The ability to think strategically but also, where necessary, to engage in the detail of complex issues.
Be a problem solver
Profession: Cyber Security
Please note, this role profile is an extract taken from the full job description of Cyber Security Principal Consultant
Professional Competencies






Information Security Management - Advanced specialist knowledge of the processes, tools and techniques of information security management, ability to
deploy and monitor information security systems, as well as detect, resolve and prevent violations of IT security, to protect organisational data.
Information Security Technologies - Highly developed specialist knowledge of technologies and technology-based solutions dealing with information
security issues; ability to apply these in protecting information security across the organisation.
Cybersecurity Risk Management - Highly developed specialist knowledge of tools, techniques, approaches and processes of cybersecurity risk
management; ability to ensure organisational network operation and minimize negative effect by cybersecurity risks.
Information Assurance - Detailed knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity
and availability.
Information Technology (IT) Security Policies - Highly developed specialist knowledge of IT security policies, standards, and procedures; ability to utilise a
variety of administrative skill sets and technical knowledge to ensure cyber security compliance.
Communicating Complex Concepts In-depth knowledge of techniques to ensure clear understanding and ability to use summarisation and simplification
techniques to explain complex technical concepts in simple, clear language appropriate to the audience.
Knowledge, Skills and Qualifications
Values and Behaviours
Essential
 Educated to Masters level in a relevant area or
equivalent experience
 Evidence of continuous professional development
in the Cyber Security field
 Excellent written and verbal communication skills.
 Hold industry qualifications such as: CISSP, CISM,
CISA
 Able to be Security Cleared (SC)

People Focused: You value and promote positive relationships with colleagues, customers
and the public and are responsive to their needs.

Trustworthy: You act with integrity, impartiality and openness and in the best interests of the
public.

Professional: You deliver on your commitments by applying the highest levels of expertise,
conduct and personal responsibility.

Innovative: You actively embrace change and bring new ideas to deliver excellent services for
your customers and better outcomes for the public.
Desirable
Profession: Cyber Security
Please note, this role profile is an extract taken from the full job description of Cyber Security Principal Consultant



Understanding of the NHS, Strategic Direction and
political drivers
Knowledge of the NHS
Membership of professional body such as
ISACA/ISC2
The Opportunities





You can positively contribute to improving the Cyber resilience of the products
and services provided by NHS Digital to front line NHS organisations, improving
their resilience to cyber-attack and safeguarding their ability to provide services to
patients throughout England.
You will benefit from a real commitment to your personal and professional
development. A twice-yearly Performance Development Review process with
monthly checkpoint meetings, focuses upon your professional competencies and
identifies opportunities for improvement.
Our staff use the Civil Service Learning portal which allows access to the best
training courses across government.
You will have the opportunity to work on systems and services of unparalleled
scale and complexity.
You will benefit from a real commitment to your personal and professional
development.
The Terms and Conditions






A competitive salary.
Flexible working applications considered.
Family friendly benefits.
Annual leave starting at 27 days per annum plus statutory bank
holidays rising to 33 days with service.
An excellent contributory pension scheme.
This role includes a 20% RRP
Profession: Cyber Security
Please note, this role profile is an extract taken from the full job description of Cyber Security Principal Consultant
Profession: Cyber Security
Please note, this role profile is an extract taken from the full job description of Cyber Security Principal Consultant