Cyber Security Lead

As Cyber Security Lead (Grade 8b subject to banding), you will provide strategic leadership, governance and assurance for cyber security across The Christie NHS Foundation Trust, acting with delegated authority from the CIO and SIRO. You will ensure cyber security enables safe, resilient, and trustworthy digital services that protect patient information and support clinical care, aligned to the Trust and Digital Strategies and national NHS cyber priorities.

You will oversee cyber security services delivered by internal teams and third-party suppliers, maintain a clear view of cyber risk exposure, and provide high-quality reporting and escalation to senior governance and Board-level forums.

• Develop, own and maintain the Trust Cyber Security Strategy and Roadmap, aligned to Trust objectives and national NHS cyber policy.
• Act as the Trust's senior authority on cyber security risk, providing expert advice, assurance, and appropriate challenge to executive and Board-level forums.
• Translate national requirements and frameworks (including DSPT & the NCSC Cyber Assessment Framework) into pragmatic, risk-based controls and improvement plans.
• Establish and maintain robust governance, policies, standards, and assurance processes; lead the annual Data Security and Protection Toolkit submission.
• Maintain oversight of the cyber security risk register to ensure risks are assessed, owned, mitigated, and escalated appropriately.
• Provide high-quality cyber risk and assurance reporting to Digital governance groups, Audit/Risk & Assurance Committees, & the Trust Board.
• Provide strategic oversight of cyber operations (monitoring, incident response, vulnerability management, identity & access management) delivered internally & via third parties; assure the effectiveness of managed services.
• Embed secure-by-design principles across architecture, procurement, and project delivery; provide cyber input to high-risk initiatives, including risk assessments, threat modelling, & assurance reviews.
• Promote a positive security culture through engagement & awareness activities across clinical, operational, and corporate teams.
• Contribute to business continuity, disaster recovery, & cyber resilience planning, including exercises, testing, & post-incident learning; participate in out-of-hours incident response where required.

The Christie is one of Europe's leading cancer centres, treating over 60,000 patients a year. We are based in Manchester and serve a population of 3.2 million across Greater Manchester & Cheshire, but as a national specialist around 15% patients are referred to us from other parts of the country. We provide radiotherapy through one of the largest radiotherapy departments in the world;

chemotherapy on site and through 14 other hospitals; highly specialist surgery for complex and rare cancer; and a wide range of support and diagnostic services. We are also an international leader in research, with world first breakthroughs for over 100 years. We run one of the largest early clinical trial units in Europe with over 300 trials every year. Cancer research in Manchester, most of which is undertaken on the Christie site, has been officially ranked the best in the UK.