Skip to main content
Please wait, loading
  1. Sector
  2. Administrative Services job search
  3. Job list
  4. Job details

Job summary

Main area
Cyber Security
Grade
Band 7
Contract
12 months (Fixed term/secondment due to maternity cover)
Hours
  • Full time
  • Flexible working
37.5 hours per week (.)
Job ref
082-AC006-0125
Employer
Health Education and Improvement Wales
Employer type
NHS
Site
Ty Dysgu
Town
Nantgarw
Salary
£46,840 - £53,602 per annum
Salary period
Yearly
Closing
06/02/2025 23:59
Health Education and Improvement Wales logo

Cyber Security Manager

Band 7

 

 

Job overview

An exciting, fixed term opportunity has arisen for a Cyber Security Manager within the Digital directorate at Health Education and Improvement Wales.

The post holder will be responsible for planning, organising, and managing cyber security tasks. This includes leading on security initiatives, implementing solutions to secure HEIW's environment, and promoting a culture of security awareness.

The ideal candidate will need to demonstrate excellent planning and administrative skills, technical prowess and a practical knowledge of cyber security concepts. An excellent communicator is required to build and establish close working relationships throughout HEIW and the wider NHS Wales community.

This post is Fixed Term/Secondment for 12 months due to maternity cover.

If you are interested in applying for the secondment position, you must obtain permission from your current line manager prior to applying for this post.

Main duties of the job

The post holder will be responsible for planning, organising, and managing cyber security tasks. This includes leading on security initiatives, implementing solutions to secure HEIW's environment, and promoting a culture of security awareness. The role involves working both as part of a team and independently on projects, providing essential input, feedback, and progress reports to stakeholders, while collaborating closely with team members and other departments across the organisation.

The post holder will offer expert advice to develop and implement effective security risk management strategies, playing a crucial role in integrating pragmatic security controls into operational processes. Moreover, the individual will be tasked with developing, monitoring, maintaining, supporting, and optimising the cyber security service.

This position will also entail the day-to-day line management of HEIW’s cyber security team.

The ability to speak Welsh is desirable for this post; Welsh and/or English speakers are equally welcome to apply.

Working for our organisation

Health Education and Improvement Wales (HEIW) is the strategic workforce body for NHS Wales with statutory functions that include education and training, workforce planning, workforce development and transformation, leadership and succession planning, and careers.  Our purpose is to develop a workforce that delivers excellent care to patients/service users and excellent population health. We are a Special Health Authority working closely with our partners; Social Care Wales, education providers, professional and regulatory bodies and Welsh Government.

HEIW’s is committed to developing an internal culture of choice. Our Values reflect our thoughts, feelings and beliefs in how we will, and will not, behave and treat others:

- Respect for All in every contact we have with others,

- Ideas that Improve: Harnessing creativity and continuously innovating, evaluating and improving,

- Together as a Team: Working with colleagues across NHS Wales and with partner organisations.

HEIW received the HPMA Award for Employee Engagement in 2019.

What you can expect:

- a corporate induction and 90 day Welcome itinerary,

- compassionate leadership,

- a meaningful values based performance appraisal process,

- the opportunity to impact upon health and social care services and the lives and wellbeing of the people of Wales.

Many of our colleagues and stakeholders have commented on the buzz and atmosphere we create by working together as “One HEIW Team”. Do you want to join that team?

Detailed job description and main responsibilities

You will be able to find a full Job Description and Person Specification attached within the supporting documents or please click “Apply now” to view in Trac.

Person specification

Qualifications and Knowledge

Essential criteria
  • Educated to Degree Level in a relevant IT subject (preferable cyber security) or equivalent experience.
  • Cyber security qualifications (e.g. CISSP, CISM, SSCP, CISMP) or equivalent level of work experience and knowledge.
  • Detailed knowledge of endpoint, server and/or network security.
  • Comprehensive understanding of cloud computing, service models (e.g. IaaS, PaaS, SaaS) and deployment models.
  • Understanding of the Network and Information Systems Regulations.
  • Excellent understanding of cyber security best practices, frameworks, standards, guidelines and terminology (e.g. ISO/IEC 27001, NIST CSF, CE, CE Plus, NCSC).
  • Evidence of continual professional development.
Desirable criteria
  • Applied knowledge of cyber security domains (e.g. risk management, asset management, security architecture, communications and network security, identity & access management, security operations and cyber incident response.
  • Application of cyber security in a healthcare and educational environment.
  • ITIL Foundation.
  • Recognised Project Management Qualification.

Experience

Essential criteria
  • Relevant experience working in cyber security, using relevant industry standards, security products and tools.
  • Experience implementing cyber security controls, process and performance monitoring.
  • Experience of implementing cyber security controls and measures across local and wide area networks to protect resources (e.g. devices, infrastructure networks, systems and services) from cyber security threats.
  • Thorough knowledge of a range of ICT domains acquired through qualification or relevant industry experience.
  • Experience of working with cyber security solutions. Specific experience of working with Security Information and Event Management (SIEM) solutions, vulnerability scanning solutions, threat protection solutions etc.
  • Evidence of cyber security or other relevant work outside formal training or employment (voluntary, research, academia, social media etc).
Desirable criteria
  • Leadership and team management experience.
  • Experience of working in fields other than cyber security.
  • Delivery of training to technical and non-technical employees.
  • Report writing, procedure development and presentation delivery.

Skills and Attributes

Essential criteria
  • Excellent communication and interpersonal skills.
  • Excellent problem solving and analytical skills.
  • The ability to effectively communicate complex technical information to technical and non-technical stakeholders.
  • Develop and maintain effective working relationships across multifunctional departments and teams.
  • Ability to work with service providers and colleagues throughout NHS Wales to deliver projects.
  • Able to manage complex workloads, multi-task in complex and sensitive environments.
  • Ability to effectively communicate with stakeholders when defining requirements and implementing solutions.
  • Effective document writing and presentation skills (e.g. letters, reports, presentation).
  • Ability to quickly understand and apply new technologies.
  • Ability to complete lessons learnt and root cause analysis of cyber security incidents.
  • The ability to assess and assist in the selection of good and best practice security controls and measures.
  • The ability to champion and embrace change in the drive towards continuous improvement.
  • Excellent organisational skills, the ability to work on own initiative, organise workload, organise team workload, work to tight deadlines and deliver projects with minimal support.
Desirable criteria
  • Detailed understanding of ICT.
  • Ability to speak Welsh.

Other

Essential criteria
  • The ability to work independently and as part of a team.
  • Self-motivated and committed to self-development and improvement.
  • Friendly and helpful nature when engaging with stakeholders.
  • Enthusiastic, committed, proactive and innovative.
  • Shows respect for others’ views and appreciate others’ inputs.
  • Willing to seek out learning opportunities.
  • The ability to provide and receive constructive feedback.
  • Flexible and adaptable approach to working.
  • Self-motivated and uses initiative to recognise problems and seek-out solutions.
  • The ability to work well with others, independently and work well under pressure.
  • Ability to travel within geographical area.
Stonewall Hyrwyddwr Amrywiaeth Diversity ChampionDisability confident committedDying to Work CharterERS Silver Banner WelshEmployer pledge demonstrating a commitment to change how we think and act about mental health

Applicant requirements

Welsh language skills are desirable

Documents to download

Apply online now

Further details / informal visits contact

Name
Ricky Hartland
Job title
Head of Cyber Security and Information Assurance
Email address
[email protected]

List jobs with Health Education and Improvement Wales in Administrative Services or all sectors

Apply online nowAlert me to similar vacancies
  1. Sector
  2. Administrative Services job search
  3. Job list
  4. Job details