Information Governance & Cyber Security Manager

Information Governance & Cyber Security Manager to lead the second line of defence across Information Governance, Cyber Security, Quality, and Digital Clinical Safety. This role oversees the operational delivery of InHealth's management systems, ensuring compliance, accountability, and consistency across the business. You will provide strong leadership, manage a dedicated team, and drive governance priorities that protect patients, staff, and services. This is a full-time permanent role, working remotely with travel to InHealth sites as part of the role.

Information Governance: Oversee policy frameworks, DPIAs, DSAs, and regulatory compliance, and lead the Data Security Protection Toolkit return.

Cyber Security: Manage security policies, lead ISO 27001 certification, embed data security practices, and oversee incident response.

Digital Clinical Safety: Maintain digital clinical safety policies (DCB0129/0160), ensure training compliance, and support safety case documentation.

Quality Management: Manage the Quality Management System (ISO 9001), coordinate audit programmes, and support executive-level decision-making with regulatory insights.

Cross-Domain Governance: Administer IG and Cyber Security Committee operations, oversee risk and action logs, and maintain compliance evidence and training records.

InHealth is the UK's largest specialist provider of diagnostic and healthcare solutions. Our aim is to make healthcare better for patients by working collaboratively with the NHS to deliver a range of high-quality tests, scans, assessments and procedures. In the last year, we have supported more than 5 million people in their healthcare journeys, the majority of these are NHS patients and service users.

As a people-focused organisation, our teams are integral in how we deliver our services and our values of Trust, Passion, Care and Fresh Thinking underpin everything we do, influencing the way we interact with patients, customers, and colleagues.

Our mission is to provide high-quality services within local communities to over 7 million patients by 2030. We are committed to ensuring that patients receive a positive experience, maintaining a 97% patient satisfaction rate.

We are seeking an Information Governance & Cyber Security Manager to lead the second line of defence across Information Governance, Cyber Security, Quality, and Digital Clinical Safety.

In this role, you will oversee the operational delivery of InHealth's management systems, ensuring compliance, accountability, and consistency across the business. You will provide strong leadership, manage a dedicated team, and play a key part in driving governance priorities that protect our patients, staff, and services.

This is a pivotal position for someone who is enthusiastic, motivated, and passionate about embedding high standards of quality and security across a healthcare organisation.

This is a full-time permanent role, working remotely. There will be travel to InHealth sites as part of the role.

What You Will Do

In this role, you will:

• Information Governance: Oversee policy frameworks, DPIAs, DSAs, and regulatory compliance, and lead the Data Security Protection Toolkit return.
• Cyber Security: Manage security policies, lead ISO 27001 certification, embed data security practices, and oversee incident response.
• Digital Clinical Safety: Maintain digital clinical safety policies (DCB0129/0160), ensure training compliance, and support safety case documentation.
• Quality Management: Manage the Quality Management System (ISO 9001), coordinate audit programmes, and support executive-level decision-making with regulatory insights.
• Cross-Domain Governance: Administer IG and Cyber Security Committee operations, oversee risk and action logs, and maintain compliance evidence and training records.

About You

You will bring expertise, leadership, and a collaborative approach to ensure information security and governance excellence.

• Proven experience in governance, risk, or compliance management within a healthcare or regulated environment.
• Strong knowledge of IG legislation, ISO standards, cyber frameworks, and NHS digital safety protocols.
• Lead Auditor qualifications in ISO 9001:2015, ISO 27001:2022, and ISO 14001:2015.
• Advanced proficiency with governance tooling and Microsoft platforms (SharePoint, Excel, Defender).
• Demonstrable leadership and team management experience across technical and clinical disciplines.

• Strong problem-solving, analytical and reporting skills.
• Excellent communication skills, able to translate complex issues clearly for all audiences.
• Motivational leadership, with the ability to influence and embed best practice across teams.
• High level of attention to detail and ability to manage competing priorities under pressure.
• A full UK driving licence.

• Approachable, professional, and empathetic.
• Dedicated to continuous improvement and professional development.
• Calm and resilient under pressure, with a proactive, solutions-focused mindset.

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.