Head of Information Security

Posted 25 October 2022
SalaryMarket related
LocationDevon
Job type Permanent
DisciplineDigital InnovationOffice jobs
ReferenceINT/HoIS/6488
Referral6488
ContactSian Heard

Job description

Head of Information Security 

These are no ordinary times for Newcross as a business - join us on a journey of process change & innovation as we transform into a technology company, while keeping people at the heart of every decision.  

Our mission is to become the world’s leading provider of healthcare services by creating a platform that connects healthcare workers directly to those in need of healthcare services. Our Massive Transformational Purpose is underpinned by the motto - “Systemise the transactional, so we can humanise the exceptional’.  

We're building a new platform from the ground up to enable us to enter a period of exponential growth and opportunity. We're redefining work for underserved Nurses & Carers by creating a biosphere of care, ensuring that every touchpoint with Newcross results in a positive experience they want to share with others.  

We've released several products that have had a fundamental impact on the business, and you'll be joining at a time when we are accelerating change across all departments.   

We challenge everything and believe wholeheartedly 'What got us here, won't get us there' - we must constantly evolve and improve to achieve our vision. Technology is a key driver of innovation at Newcross and you'll be an important contributor of ideas that push the company to the next level.  

This is a rare opportunity to join us in a new and highly strategic initiative in a senior role right at the start of the journey. We are looking for a Head of information security ready to step up for the next challenge to help bridge IT security with healthcare regulation. You will be reporting directly to the CTO and will initially need to be hands on while building the department over the next two years. 

About you 

You are a problem solver, a servant leader, and an excellent communicator. Your remit is to help set up the department that will raise the bar in how we protect a business that has global ambitions. As an innovator in cyber security it is key that you are able to scale your knowledge by creating repeatable documented security transformation processes that others across the business can implement and replicate.  

What you’ll be doing 

  • You will ultimately be building our CISO structure within 2 years whilst being hands on  

  • You’ll be responsible for building an integrated Privacy, Security and Governance capability within the organisation                  

  • You’ll be collaborating with in-house specialists across various functions including Clinical Governance, DevOps (infoSecOps), Corporate IT, Data, Legal & Product Engineering 

  • You’ll work closely with business and technology teams to communicate the Info Sec governance programme, identifying risks and threats, evaluating and helping implement controls and improvements 

  • You’ll challenge the status quo by incorporating the latest market developments/best practices and bring outside knowledge into the organisation 

  • You’ll attract and retain a high-performing Info Sec talent; you’ll coach and mentor a team to develop their professional career 

  • You’ll set individual and team OKRs to fulfil Newcross Healthcare’s values and vision 

  • You’ll facilitate periodic security testing activities (e.g. penetration testing, DR exercises) and prioritise and manage response activities 

  • You’ll improve and support relevant security metrics; analyse data, identify trends and drive improvements to the control environment 

  

What you need to know 

  • Demonstrated experience in a senior level Info Sec role 

  • Good balance of technical, management and policy hands on experience  

  • Passionate about building a strong Info Sec culture                                                             

  • Experience in aligning Info Sec controls to regulatory obligations (GDPR, HIPAA) 

  • Demonstrated ability to translate security requirements and standards into easily understood business concepts and vice versa 

  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, SOC2 and relevant industry certifications.  

  • You are fluent in the English language both spoken and written, confident in your communications ability and able to rapidly build relationships with a diverse range of stakeholders 

What we’re offering

  • Flexible working. Home Based with access to work in our office in central London for team meetings on an ad-hoc basis 

  • Company Performance Bonus up to 10% of your salary 

  • 28 days annual leave including Bank Holidays, increasing to 33 days after 12 months service. A further 5 days of annual leave can be earned through length of service.   

  • Subscription to online learning platform O’Reilly 

  • Hackathon days and personal development days 

  • Perks at Work and Medicash schemes giving you access to a 24/7 Employee Assistance Programme, cash back on a range of services including optical, dental and physio as well as exclusive employee pricing and discounts 

  • BUPA Private Medical Cover, a scheme that you will be asked if you wish to opt into 

  • MacBook & IT kit to help you stay productive