Head of Cyber Security - Bicester

Job summary

An exciting opportunity has arisen within the Digital Senior Leadership team at South Central Ambulance Service for a Head of Cyber Security (HCOS). We are looking for an enthusiastic, highly motivated, and flexible individual with excellent leadership, technical, interpersonal, communication and organisational skills to lead the Cyber Security Team responsible for safeguarding the Trust's information, physical assets and cyber infrastructure.

Strong stakeholder relationships are vital to this role, both within the trust and with external partners. With a proven track record in management and leadership, you will provide guidance, direction and mentorship to the team and help to develop junior members of staff in their careers. Alongside these responsibilities, it will be important to have a focus on continuous service improvement.

'Hybrid working is acceptable, your main base will be Northern House, Bicester. However, ability to attend SCAS sites as required is an important element of the post'.

Main duties of the job

The Head of Cyber Security (HCOS) will develop, implement and oversee the Trusts cyber security policies, procedures, and strategies.

The post holder has operational responsibility for the management of the Cyber Security team ensuring that effective cyber security measures are in place to enable the operation of safe, effective and efficient digital systems and services.

The primary purpose of the role is maintaining measures to prevent unauthorised data theft, loss & disclosure; minimising risk of interruption to business-as-usual services that might arise from malicious activity and; identifying and delivering new and more efficient models of cyber security.

The post holder will act as the Trusts expert on cyber security protection, detection, response, and recovery. The role will be responsible for the Trust's pro-active strategic approach to cyber threat management and will lead the strategic planning of current and future digital security solutions, researching and reviewing industry best practice and upcoming changes to technology.

The post holder will be an experienced leader, who will lead a dynamic team in delivering an effective Cyber Security service The post holder will own and be responsible for the completion of all digital and cyber elements of the Data Security Protection Toolkit in addition to working towards and maintaining Cyber Essentials (Plus) certification on behalf of the Trust and providing update reports for senior leaders.

About us

Benefits we offer:

• Full training and a range of courses which you can book locally.
• Holiday entitlement of 27 days, rising to 29 days after 5 years' service and 33 days after 10 years' service, plus an additional 8 days bank holiday (pro rata for part time).
• Automatic enrolment into the NHS Pension Scheme.
• Access to continual professional development within SCAS and the wider NHS.
• Occupational Health support and direct access to our Employee Assistance Programme as well as our own Health and Wellbeing Team.
• NHS Discounts in over 200 + stores saving money on holidays, days out, car insurance, restaurants, clothing and much more.
• Ability to join our staff networking groups (as a member, ally or just for interest).

Corporate Induction

It's really important for us to ensure you have the best onboarding experience which allows you to feel a sense of belonging from the start. To help with this, we will book your Corporate Induction as soon as we possibly can (depending on availability).

All new starters need to attend our *Corporate Induction in person, this is held over one and half days from our educational centres based in: Newbury (Berkshire), Bicester (Oxfordshire) or Whiteley (Hampshire). More specific details will be sent to you once your start date has been confirmed.

*Please note - depending on your role additional training may be required following on from your corporate induction.

Details Date posted

23 July 2025

Pay scheme

Agenda for change

Band

Band 8c

Salary

Depending on experience Pa Pro Rota Per annum

Contract

Permanent

Working pattern

Full-time

Reference number

195-25-251-TAM

Job locations

Bicester or Otterbourne

Bicester

OX26 6HR

Job description Job responsibilities

Please see the attached Job Description and Person Specification for a full list of responsibilities.

As a senior manager within SCAS you will be required to provide leadership to your team to ensure the effective provision of the service they provide and to champion change in the organisation. You will ensure that your staff are motivated and express a positive attitude towards the organisation. You will address any issues and concerns that may inhibit your staff from achieving both their personal and organisational goals.

The HOCS leads and owns the Trusts information security strategy; drives and owns the Trusts information security posture, using a risk based approach; and takes a comprehensive approach to information security. The HOCS leads IT security activities within the Trust, managing the information and technology risk to the Trusts IT facilities and information from internal and external threats; advises the Trust at a strategic level on existing and emerging threats; and owns and develops the necessary IT security policies, standards, and procedures.

Job description Job responsibilities

Please see the attached Job Description and Person Specification for a full list of responsibilities.

As a senior manager within SCAS you will be required to provide leadership to your team to ensure the effective provision of the service they provide and to champion change in the organisation. You will ensure that your staff are motivated and express a positive attitude towards the organisation. You will address any issues and concerns that may inhibit your staff from achieving both their personal and organisational goals.

The HOCS leads and owns the Trusts information security strategy; drives and owns the Trusts information security posture, using a risk based approach; and takes a comprehensive approach to information security. The HOCS leads IT security activities within the Trust, managing the information and technology risk to the Trusts IT facilities and information from internal and external threats; advises the Trust at a strategic level on existing and emerging threats; and owns and develops the necessary IT security policies, standards, and procedures.

Person Specification Qualifications Essential

• Formal certification (CISSP, CISM or CRISC) and/or formal training in information security standards and best practice (eg ISO 27001/2)
• Educated to Masters level or equivalent industry experience

Desirable

• Management Qualification
• Technical accreditations (eg MS Certified Systems Engineer (MCSE))

Knowledge Essential

• Ability to think strategically and develop long-term plans and strategies.
• Knowledge & experience of relevant legislation, standards and best practice (including Data Protection AcUGDPR, NIS Regulations, DSP Toolkit, Cyber Essentials, ISO 27001, NIST, NCSC & ICO standards & recommendations, etc.)
• Significant experience working on both strategic & operational matters and managing digital services, at a senior level
• Significant experience in delivering and managing information security within large organisations
• Experience of developing and implementing digital & cyber security strategies, development programmes and business cases

Skills Essential

• Strong and effective leadership and people management skills
• Strong influencing, persuasion and negotiating skills to gain agreement from multiple stakeholders
• Highly developed verbal and written communication and presentation skills suitable for a range of audiences, including chairing of meetings
• Ability to work with and through others

Person Specification Qualifications Essential

• Formal certification (CISSP, CISM or CRISC) and/or formal training in information security standards and best practice (eg ISO 27001/2)
• Educated to Masters level or equivalent industry experience

Desirable

• Management Qualification
• Technical accreditations (eg MS Certified Systems Engineer (MCSE))

Knowledge Essential

• Ability to think strategically and develop long-term plans and strategies.
• Knowledge & experience of relevant legislation, standards and best practice (including Data Protection AcUGDPR, NIS Regulations, DSP Toolkit, Cyber Essentials, ISO 27001, NIST, NCSC & ICO standards & recommendations, etc.)
• Significant experience working on both strategic & operational matters and managing digital services, at a senior level
• Significant experience in delivering and managing information security within large organisations
• Experience of developing and implementing digital & cyber security strategies, development programmes and business cases

Skills Essential

• Strong and effective leadership and people management skills
• Strong influencing, persuasion and negotiating skills to gain agreement from multiple stakeholders
• Highly developed verbal and written communication and presentation skills suitable for a range of audiences, including chairing of meetings
• Ability to work with and through others

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Employer details Employer name

South Central Ambulance Service NHS Foundation Trust

Address

Bicester or Otterbourne

Bicester

OX26 6HR

Employer's website

https://scasjobs.co.uk/ (Opens in a new tab)

Employer details Employer name

South Central Ambulance Service NHS Foundation Trust

Address

Bicester or Otterbourne

Bicester

OX26 6HR

Employer's website

https://scasjobs.co.uk/ (Opens in a new tab)