Job description
About the Role
The IT Security and Risk Lead is responsible for establishing an enterprise security stance through policy, architecture, and training processes for international. Secondarily, this role is expected to interface with peers in the Systems and Network departments, as well as with the leaders of the business units, both to share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.
Reporting to the CIO, the role works across all areas of IT, ensuring that we meet our security and risk goals and objectives, working closely with the Group security and the regional Heads of IT.
Key responsibilities:
Information Security Governance –
- Establish, communicate, and maintain Information Security policies, standards, procedures, and other documentation that support Information Security.
- Facilitate the development of an Information and Cyber Security strategy aligned with Life Healthcare’s IT governance model and its strategic goals and objectives.
- Design and develop security solutions and platforms, including Defence, Audit, Monitoring and Detection, Analysis and Reporting, etc.
- Practical planning and implementation of effective cyber defence and detection technologies.
- Work with IT Ops on identified systems vulnerabilities to seek remediation.
- Identify current and potential legal and regulatory requirements affecting Information Security.
- Establish reporting and communication channels that support Information Security.
Information Security Risk Management –
- Establish a process for information asset classification and ownership.
- Implement a structured information risk assessment, mitigation, and reporting process.
- Ensure that threat and vulnerability evaluations are performed on an ongoing basis.
- Identify and periodically evaluate Information Security controls and countermeasures to mitigate risk to acceptable levels.
- Integrate risk, threat, and vulnerability identification and management into operational management and program delivery processes.
Information Security Program Management –
- Oversee the execution of Information Security programs.
- Oversee the performance of contractually agreed information security controls (e.g., with joint ventures, outsourced providers, business partners, and third parties).
- Provide Information Security advice and guidance (e.g., risk analysis, control selection) across the institution.
- Provide Information Security awareness, training, and education to stakeholders (e.g., business process owners).
- Monitor, measure, and report on the effectiveness and efficiency of Information Security controls and compliance with Information Security policies.
Information Security Incident Management and Response –
- Develop and maintain plans to respond to and document Information Security incidents.
- Develop and implement processes for preventing, detecting, identifying, analysing, and responding to Information Security incidents.
- Establish escalation and communication processes and lines of authority.
- Track and facilitate the investigation of Information Security incidents (e.g., forensics, evidence collection and preservation, log analysis, interviewing).
- Provide guidance on the resolution of major Information Security incidents.
Please note, this is a home-based role. You must, however, be UK-based, as there will be a requirement to attend our Head Office, based in Warwick. This role is not eligible for sponsorship, so you must have the Right to Work in the UK.
Please note that we will be interviewing throughout the duration of this advert. Therefore, if you are interested in this role, an early application is advised, as we may close the advert prior to the advertised date.
Benefits Of The Role
This role offers:
- Salary of £70,000 - £76,000 per annum DOE.
- 20% Bonus plan.
- Company car.
In addition to the Alliance Medical offering of:
- 5 weeks’ paid holiday each year plus UK Bank Holidays, plus you will have the flexibility to buy or sell up to 24 hours’ annual leave per year.
- Pension scheme.
- Life assurance.
- Cycle to work scheme.
- Employee Assistance Program.
- Healthcare plans.
- Eyecare vouchers.
- Discounted scans for friends and family.
- Discounts on food, retail and dining via our benefits app.
Required Skills and Experience
- Broad range of security technologies/products, standards, and methodologies.
- Information Security industry-standard certifications such as CRISC, CISA, CISM, or CISSP would be advantageous.
- Security experience within a large complex corporate environment in the development of security plans, strategies, roadmaps, methodologies, and frameworks.
- Undergraduate or master’s degree, preferably in one of the following areas: Business Management, Information Systems, Computer Science, Engineering, and other related majors; and/or
- 8+ years of IT, Information Security, and Risk Management.
- Familiarity with the use of standard security technology solutions and processes such as: access control, user provisioning, Active Directory, MFA, SIEM, vulnerability management, Cloud Access Security Brokers, Data Loss Prevention solutions, anti-virus, single sign-on, and cryptography.
- Knowledge of common web technologies, and enterprise and network architecture.
- Proof of right to live and work in the UK.
About Alliance Medical
Alliance Medical Values:
Leaders, managers, and supervisors have a particular responsibility to be role models in terms of how they demonstrate these values themselves and how they engage their teams to work in this way.
Collaboration:
We work together and in partnership for all our patients. We respect expertise and combine it to achieve more.
Excellence:
We never compromise. We strive to deliver the very best in everything we do to ensure the highest quality of care. We treat our patients and each other with compassion, dignity, and respect.
Learning:
Knowledge and understanding come from learning. At Alliance Medical we are committed to ensuring that each and every one of us keeps on learning and that we continuously look for improved ways of working.
Efficiency:
Efficiency in healthcare means more patients get better care. We constantly seek new ways to use the scarce resource of healthcare more intelligently so that more people can live longer, fuller lives.
Openness:
We act with transparency and honesty in everything we do, where staff are encouraged to speak up to ensure a safe and secure environment for our patients.