Head of Cyber, Band 8b

The Head of Cyber Security is the expert responsible for protecting the confidentiality, integrity and availability of digital services and patient information across acute, community, mental health and primary care partners; our Gloucestershire Integrated Care System (ICS). Protecting our staff, systems and safeguarding our patient data from harm by ensuring technology and information that underpins patient care remains safe, available and trustworthy is of utmost importance and key in in enabling delivery of safe patient care by our 15,000+ staff with confidence, transparency and compliance.

We take pride in placing people at the centre of everything we do, working together as a united team. Driven by a shared ambition to continually grow, develop, and learn, we recognise and value every contribution. By combining our experience and skills, we not only support our vibrant, diverse communities, but also support one another.

The post holder will provide strategic and operational leadership of the Cyber Security Team and acts as the expert adviser to the Chief Delivery & Governance Officer, SIRO, Caldicott Guardian and Audit Committees on all cyber-security matters, working closely with the Information Governance lead and DPO.

They ensure compliance with the Data Security and Protection Toolkit (DSPT) aligned with the Cyber Assessment Framework (CAF) and delivery of the NHS Cyber Security Strategy to 2030 and full participation in the regional "Defend as One" model. The role combines governance, assurance and hands‑on leadership of proactive and preventative tactics, threat intelligence, incident response, vulnerability management, strategy and cultural change to build cyber resilience across the Integrated Care System (ICS).

They will have a proven track record of managing and improving cyber resilience within large, complex or multi‑organisation environments; ideally within the NHS or wider public sector. They will possess deep technical and governance expertise across areas such as threat detection, vulnerability management and incident response, with the ability to translate complex technical risk into clear, articulate, actionable information for senior executives and boards with assurance and confidence.

They will demonstrate a thorough understanding of national and international cyber standards, including the Cyber Assessment Framework (CAF), Data Security and Protection Toolkit (DSPT), ISO 27001, and the NHS Cyber Security Strategy to 2030. Experience of successfully leading cyber compliance programmes, external audits and penetration-testing remediation is essential, alongside a strong grasp of modern tooling such as MS Defender for Endpoint, Sentinel, SIEM and vulnerability-scanning and asset management platforms.

The successful candidate will bring experience in leading multidisciplinary cyber teams, developing capability through mentoring and training and fostering an open culture of shared responsibility for cyber security.

With a team of over 9,000 employees, we are proud to be the largest employer in Gloucestershire and rank among the top 10 largest Trusts in the South West region. By joining our Trust, you will benefit from an excellent package that includes exclusive benefits, flexible working opportunities and the chance to gain valuable experience in one or both of our innovative hospitals.

As well as generous annual leave allowance, you will have access to the excellent NHS pension scheme, competitive bank rates, discounts at local shops and restaurants, access to two on‑site nurseries, discounted public transport, reward and recognition and a range of health and wellbeing initiatives to support you.