155 jobs found

Job Title: Head of Cyber Security Delivery Job Family: Head of Cyber Security Job Group: Solutions Job Band: B Days: Monday to Friday Hours: 40 hours per week Typically reports to Chief Information Security Officer Classification: Confidential Role Purpose The Head of Cyber Delivery is accountable for defining, mobilising and executing the Cyber Security change portfolio in alignment with the organisation's cyber strategy. Operating within the Cyber Security Leadership Team and reporting directly to the CISO, the role ensures that strategic cyber objectives are translated into structured, governed and measurable programmes of delivery across a complex, highly regulated Critical National Infrastructure (CNI) environment. This position operates at the intersection of Cyber Security, Enterprise IT, Operational Technology (OT), and Business Leadership, ensuring that cyber initiatives are aligned with enterprise risk appetite, regulatory obligations, and operational resilience priorities. Specific Responsibilities Translate the enterprise Cyber Security Strategy into an executable, prioritised and governed delivery roadmap. Lead and mature cyber programme and project delivery disciplines across the Cyber function. Ensure compliance with UK regulatory frameworks applicable to aviation and Critical National Infrastructure. Strengthen Heathrow's cyber resilience posture in the context of evolving threat landscapes. Ensure cyber investment delivers measurable risk reduction and operational value aligned to business objectives. Programme & Project Delivery Lead a team of Cyber Project Managers responsible for delivering a portfolio of security transformation initiatives. Oversee large-scale change programmes spanning IT, OT and airport operational environments. Ensure delivery methodologies are appropriate for a regulated CNI context (e.g., hybrid agile/waterfall, structured assurance checkpoints). Manage interdependencies across technology, operational and regulatory workstreams. Ensure delivery outcomes are measurable in terms of risk reduction, control maturity and compliance uplift. Regulatory & Compliance Alignment UK aviation security frameworks CNI requirements Data protection legislation Relevant standards such as National Cyber Security Centre guidance and ISO/IEC 27001 Stakeholder & Relationship Management Cyber Security leadership CIO and senior IT leadership Operational airport leadership External partners and suppliers Regulatory authorities Capability & Team Leadership Develop and mature the Cyber Delivery function, embedding best practice programme and portfolio management disciplines. Provide functional oversight to technical teams delivering cyber capabilities. Establish a performance culture focused on accountability, transparency and continuous improvement. Mentor and develop Cyber Project Managers and delivery leads. Financial & Commercial Oversight Own cyber delivery budget tracking, forecasting and benefits realisation management. Oversee supplier performance and contract delivery in conjunction with Commercial and Procurement teams. Qualifications and Experience Experience (Essential): Minimum 5 years' experience in a senior cyber, technology or security delivery leadership role. Demonstrable experience leading large-scale transformation programmes in complex, highly regulated environments. Experience operating within Critical National Infrastructure sectors (e.g., aviation, transport, utilities, defence). Proven track record of delivering cyber security capabilities at enterprise scale. Experience engaging directly with executive stakeholders and regulators. Exposure to aviation sector environments and understanding of airport operational systems. Essential Skills: Strong portfolio and programme governance expertise (e.g., MSP, PRINCE2, SAFe or equivalent frameworks). Deep understanding of cyber risk management, threat landscapes and control frameworks. Ability to align cyber investment to quantified risk reduction and business outcomes. Executive-level communication and reporting capability. Advanced stakeholder management and influencing skills. Financial acumen including budget management and benefits realisation. Strong leadership capability across matrix and federated structures. Desirable Skills: Experience integrating IT and Operational Technology (OT) security programmes. Knowledge of aviation-specific regulatory environments. Familiarity with NIS Regulations and UK CNI oversight structures. Experience in crisis management or cyber incident recovery programmes. Exposure to cloud security transformation and identity modernisation initiatives. Education & Professional Certifications: Bachelor's degree in Cyber Security, Information Security, Computer Science, Engineering or related discipline (or equivalent professional experience). Relevant certifications such as CISSP, CISM, CRISC, MSP / PRINCE2 Practitioner, PgMP or equivalent senior programme qualification (desirable). Personal Attributes Strategic thinker with strong execution discipline. Credible and authoritative leader within technical and business environments. High integrity and resilience under pressure. Collaborative, transparent and outcome-driven. Comfortable operating in a highly visible, mission critical national infrastructure setting.

Team Information Security Working Pattern Hybrid - 2 days per week in the Vitality Bournemouth Office. Full time, 35 hours per week. We are happy to discuss flexible working! Top 3 skills needed for this role Information Security Governance & Risk Leadership Regulatory & Framework Expertise (ISO27001, GDPR, NIST) Stakeholder Communication & Security Culture Influence What this role is all about As Senior Information Security Officer, you'll drive a business wide security agenda, shaping how we identify, assess and manage risk while keeping pace with evolving threats and regulations. Working closely with the CISO, you'll turn strategy into action, lead our Security Governance team, and ensure our security posture not only protects but enables the business to thrive. Key Actions Lead the continuous improvement of Vitality's ISO27001 framework and Information Security Management System (ISMS), ensuring ongoing compliance Deliver key security initiatives that bring the Information Security Strategy to life and drive measurable impact Own and mature Information Risk management in alignment with the Enterprise Risk Framework Act as a trusted advisor on regulatory requirements and best practice frameworks (ISO27001, GDPR, NIST, ITIL), protecting the confidentiality, integrity and availability of systems Lead security governance forums and manage the Information Security Governance team, including the Information Risk function Embed security across projects and development lifecycles, ensuring risks are identified, assessed (including DPIAs), and effectively mitigated Oversee supplier and third party security risk, working closely with Cyber Security Operations to protect Vitality's wider ecosystem Drive a strong security culture by maintaining policies, delivering compliance reviews, and rolling out engaging awareness and training programmes What do you need to thrive? Minimum 5 years' experience working in an Information Security Environment Proven experience in assessing and managing supplier and third party security risk Strong communication skills, with the ability to translate technical concepts into clear, business friendly messaging and produce high quality documentation (policies, standards, project artefacts) Demonstrated experience working across projects and development lifecycles (SDLC), including Agile environments Hands on experience implementing and maintaining ISO27001 and broader security governance frameworks (e.g. ISO27001/2, NIST, PCI DSS) Solid understanding of data protection and regulatory requirements (e.g. FCA, ICO, PRA, GDPR) and how to apply them in practice Ability to balance risk, compliance and business objectives in a fast paced, evolving environment So, what's in it for you? Bonus Schemes - A bonus that regularly rewards you for your performance A pension of up to 12% - We will match your contributions up to 6% of your salary Our award winning Vitality health insurance - With its own set of rewards and benefits Life Assurance - Four times annual salary

Data Protection Manager Behind every safe healthcare service is information that is protected, managed and used responsibly. At IC24, the way we handle information directly impacts patient trust, regulatory compliance and the quality of care we provide. Every data request processed, every information sharing decision made and every cyber security measure implemented plays a part in keeping our patients, colleagues and organisation safe. The Role We're looking for a Data Protection Manager who understands that information governance is more than compliance - it's about protecting people. This role sits at the centre of how IC24 manages data protection, information governance and information security. You'll work closely with senior leaders, operational teams, clinical colleagues and external partners to ensure we meet our legal, regulatory and organisational responsibilities. You'll lead the operational delivery of data protection and information governance across the organisation, acting as the primary internal lead while working alongside our appointed external Data Protection Officer (DPO). You'll provide expert advice, manage compliance activity and help shape how we respond to an increasingly complex information and cyber security landscape. This is not just about policies and processes. It's about ensuring information is handled safely, securely and in a way that supports high quality patient care. What you'll focus on Leading data protection and governance - oversee information governance and data protection activity across IC24, ensuring compliance with UK GDPR, DSPT and wider regulatory requirements. Managing requests and risk - lead on SARs, FOIs, DPIAs and information sharing arrangements, ensuring requests are handled efficiently and risks identified early. Strengthening information security - working closely with IT and security teams, support cyber security initiatives, incident response and organisational awareness. Providing expert advice - act as a trusted advisor to colleagues and senior leaders, helping them navigate complex data protection and information governance matters. Driving improvement - using audits, reviews and compliance monitoring to identify opportunities to strengthen governance, reduce risk and improve organisational practice. What matters in this role Has significant experience in Data Protection, Information Governance, Freedom of Information or Cyber Security. Holds a recognised Data Protection or Information Governance qualification (or is actively working towards one) and keeps up to date with evolving legislation, guidance and best practice. Possesses strong knowledge of UK GDPR, data protection legislation and information governance frameworks. Has experience working within the NHS, healthcare or another highly regulated environment. Can interpret complex legislation and provide practical, outcome focused advice to colleagues and senior stakeholders. Has strong analytical and problem solving skills, with the ability to assess risk and make sound recommendations. Builds strong working relationships and takes a proactive approach to continuous improvement. Who are we? We are Integrated Care 24 (IC24), the leading not for profit Social Enterprise providing innovative and patient focused primary care services. IC24 is committed to improving access to health and social care for our patients and reducing the demand on secondary care services. IC24 provides services to over 6million patients, including GP led out of hours services, NHS 111, primary care and secondary care support services. Location Ashford - Kent. Hybrid working with flexibility based on service need. What's in it for you? Annual Salary of £40,000. Opportunity to join the NHS Pension Scheme. Additional annual leave above statutory minimum based on service. Enhanced family leave (maternity, paternity and adoption leave and pay). Inclusive wellbeing benefits. Employee Assistance Programme including free 24/7 independent counselling and occupational health services. Professional development opportunities. Free membership to our reward and discount platform. Access to Blue Light Card and other NHS Discount Schemes. Due to the nature of this position, employment is subject to proof of eligibility to work in the UK, completion of a satisfactory enhanced DBS disclosure and two references. Equal Opportunities We are committed to providing equal opportunities for all and encourage applications from ethnic minorities, those with disabilities, LGBTQ+ communities, neurodiverse individuals, and other under represented groups. We're dedicated to creating an inclusive environment where everyone feels they belong. We celebrate brave ideas and brave people.

About this job Summary of Role The Head of Business Operations will play a key leadership role within The Brain Charity, leading and overseeing the effective and safe delivery of a range of business and operational activities. This includes responsibility for premises management, health and safety, data protection compliance, ICT systems, and operational services such as room hire and café provision. Working closely with the Chief Executive Officer and senior colleagues, the role will ensure that systems, processes and services run efficiently, meet regulatory requirements, and support the charity's wider objectives. The postholder will also lead on continuous improvement, oversee operational performance, manage budgets and commercial activities, and develop sustainable income-generating services that support people living with neurological conditions. Management of Physical Assets Hold responsibility for the organisation's assets register. Ensure that all buildings owned by the organisation and their fixtures and fittings are maintained to a high standard in a cost-effective way. Health & Safety, Security & Business Continuity Provide leadership and assurance on the effectiveness of Health & Safety controls across the organisation. Ensure the safe, secure and continuous operation of the charity's premises, including oversight of access arrangements, security controls, and incident response. Ensure Health & Safety and food safety policies are in place, effectively implemented, embedded into day to day operations, and consistently monitored to maintain full compliance across all operational activities. Ensure statutory checks, monitoring activities and remedial actions are completed, documented and reviewed in line with regulatory requirements. Maintain organisational readiness for incidents affecting premises safety, security, or continuity of service delivery, and act as the designated Deputy within the Business Continuity Plan, carrying out responsibilities in line with the defined scope and actions of the plan. Act as a designated security key holder and first point of contact for premises alarm activations and building security incidents, ensuring appropriate timely response and escalation. Data Protection & GDPR Support and contribute to ensuring compliance with GDPR and data protection legislation across the organisation. Support the CEO and senior leadership team in meeting data protection responsibilities, including compliance reporting and engagement with the ICO and Subject Access Requests where required. ICT, Digital & Systems Oversight Provide oversight of ICT infrastructure, Microsoft 365 accounts and CRM systems, ensuring they support operational and business objectives. Produce and present quarterly reports covering ICT performance, KPIs, system risks and improvement activity. Manage supplier relationships and contracts for IT support services, including due diligence, contract management and renewal. Support ICT and CRM development initiatives in line with organisational priorities. Ensure compliance with Cyber Essentials requirements and oversee the organisation's cyber security posture. Operational Management Take responsibility for improving the performance, productivity, efficiency, and profitability of the café, room hire services. Work collaboratively with the Communications Team to support the promotion and advertising of business activities, including room hire and café services. Lead and manage facilities refurbishment and improvement projects, ensuring they are delivered safely, on time and within budget. Oversee contractor engagement ensuring compliance with Health & Safety and contractual requirements during works. Ensure appropriate insurance policies are in place, regularly reviewed and maintained in line with organisational risk exposure. Act as the operational lead for insurance related matters, including renewals and claims support. Support the CEO and Trustee Board with financial matters relating to business activities as required. Monitor and analyse business data, producing reports and delivering presentations to senior management and the trustee board. Set and manage budgets for existing product and service delivery. Forecast sales targets and monitor progress against these. Contract Type: Permanent Closing Date: 03/07/2026 Proud member of the Disability Confident employer scheme

Great British Energy (GBE) is a publicly owned energy company, created to accelerate the deployment of clean energy technologies and to ensure UK taxpayers, billpayers, communities and the energy workforce reap the benefits of a clean and secure energy system. Reporting to the Chief Executive Officer, the Chief Corporate Officer (CCO) will translate GBE's strategic vision into operational excellence, ensuring the organisation is equipped to deliver on its growth and public value objectives. This includes designing and implementing a digital first operating model, driving productivity, resilience, and public trust, and embedding a culture of continuous improvement. Reporting directly to the CEO and serving as a key member of the Executive Leadership Team (ELT), the CCO leads corporate functions such as Corporate Services (IT/Estates), Data, Digital & AI, Procurement and supply chain management, and Health, Safety, Sustainability & Social Responsibility. The CCO will line manage the HR Director and work closely with the General Counsel to ensure alignment across governance, compliance, and people strategy. The CCO will champion operational excellence, commercial discipline, and digital transformation across all corporate functions, ensuring compliance, safety, sustainability, and strong stakeholder engagement. Key Responsibilities Implement the Target Operating Model (TOM) across corporate functions; set SLAs and KPIs that enable market-facing verticals to deliver outcomes efficiently. Lead the design and implementation of scalable operational processes to support rapid growth and adaptation in the evolving energy sector. Data, Digital & AI Own strategy, architecture, and secure operations; champion automation and data governance for end-to-end business processes. Drive digital transformation, leveraging technology and data analytics to improve efficiency, transparency, and innovation. Work with Divisional Managing Directors to implement the key digital enablers of their go-to-market strategies and simplified customer journies. Procurement & supply chain management Lead group procurement policies (Procurement Act/MPM alignment), contract management, and internal outsourcing strategies; support grant delivery processes where applicable. Build and manage resilient supply chains and strategic vendor partnerships (those not specific to asset development or operations), ensuring commercial discipline and value for money. Health, Safety, Sustainability & Social Responsibility (HSSR) Establish best-in-class safety management systems; embed nature-positive practices and social responsibility in operations. Ensure full compliance with health, safety, environmental, and regulatory requirements, and lead on ESG and sustainability reporting. Corporate services Oversee IT operations, estates/facilities, and enterprise platforms; ensure business continuity and cyber resilience. Governance & assurance Coordinate with Board/ELT committees; uphold standards of transparency, accountability, and public value. Represent GBE with key external stakeholders, including regulators, industry partners, and local communities. Leadership & culture Build high-performing teams; role-model GBE values; partner with the HR Director on organisation-wide change and engagement. Foster a high-performance, inclusive, and values-driven culture, mentoring and developing senior leaders across the organisation. Person Specification Essential Experience and Skills Executive leadership of complex corporate functions at scale, delivering measurable service excellence. Proven experience as a COO / CCO or senior operational leader in energy, renewables, infrastructure, or a comparable sector. Strong commercial acumen and financial literacy, with experience managing large budgets and contracts. Track record of digital transformation, data governance, and cybersecurity stewardship. Deep experience of public procurement policy and contract management. Demonstrated success in scaling operations in a fast-growth or start-up environment. Proven Health & Safety leadership and integration of sustainability principles. Deep understanding of UK and international energy markets, regulatory frameworks, and public sector governance. Exceptional leadership, change management, and communication skills, with the ability to build high-performing teams and drive organisational culture. Operating model design in matrix organisations, ideally with energy sector familiarity. International operational experience, bringing a global perspective to strategy and delivery. Experience with advanced digital transformation initiatives and data analytics. Advanced degree (e.g., MBA or MSc in Engineering, Operations, or related discipline) Qualifications: Bachelor's degree in business, engineering or related field (required). Advanced degree (MBA or equivalent) preferred. Relevant professional certifications (e.g., CIPS, NEBOSH, Prince2) are advantageous. Apply Now Click the Apply Now link below to apply for this role. You will need to submit your CV, Covering Letter and complete the equal opportunities questionnaire. To arrange a confidential conversation, please contact the Edinburgh office via or call us on . Contact the team at FWB to discuss your individual or company requirements, or to discover more about our specialist services.

Head of Cyber Defence Location: London, GB, N1 9FN Ingenico is the global leader in payments acceptance solutions. As the trusted technology partner for merchants, banks, acquirers, ISVs, payment aggregators and fintech customers our world-class terminals, solutions and services enable the global ecosystem of payments acceptance. With 40 years of experience, innovation is integral to Ingenico's approach and culture, inspiring our large and diverse community of experts who anticipate and help shape the evolution of commerce worldwide. At Ingenico, trust and sustainability are at the heart of everything we do. The Head of Cyber Defense is accountable for protecting the organisation from cyber threats by leading the strategy, governance, and operational execution of all defensive security capabilities. Reporting directly to the Chief Information Security Officer (CISO), the role provides leadership across threat detection, incident response, vulnerability management, application security, cloud and platform security, and identity security. The organisation operates a Managed Security Service Provider (MSSP/MSP) model for Security Operations. The Head of Cyber Defense owns the relationship, performance oversight, and strategic direction of the MSP to ensure high quality, risk aligned security operations. The role leads five specialist domains through the following direct reports: Lead - SecOps Incident Management & Response, Lead - Application Security & Vulnerabilities, Lead - Cloud & Platform Security, Lead - IAM/PAM, and Lead - Incident Response and Cyber Resilience. Key Results Areas 1. Strategic Leadership & Cyber Defense Architecture Define and execute the organisation's Cyber Defense Strategy, ensuring alignment with business objectives and the wider security strategy set by the CISO. Own the end-to-end cyber defense operating model across Enterprise and Tech Ops BAU, ensuring consistent protection and response. Develop and maintain a cohesive defense architecture across detection, response, identity, cloud, and application security. Ensure alignment between internal teams, Tech Ops, and third-party providers (MSSP, platform teams). Drive continuous improvement and maturity uplift across all defensive capabilities. Ensure cyber defense strategy, architecture and control priorities are informed by current threat intelligence, attacker techniques and incident trends. 2. Security Engineering & Platforms Own cybersecurity engineering across endpoint protection (EDR/XDR), network security, email and collaboration security, and cloud and platform security (including Azure, AWS, GCP). Drive secure by design implementation for security tooling, platforms, and integrations. Ensure scalability, resilience, and operational effectiveness of all security controls. 3. Security Operations Oversight (MSP Delivered) Act as the senior owner of the MSP relationship for Security Operations. Set performance expectations, SLAs, KPIs, and quality standards for SOC services. Ensure effective threat detection, triage, escalation, and incident response processes. Own the quality, coverage and continuous improvement of security detection use cases, including validation, tuning and effectiveness of detections delivered by internal platforms and the MSP. Ensure clear escalation paths, governance, and continuous improvement of MSSP services. Lead service reviews, challenge performance, and ensure the MSP delivers measurable risk reduction. 4. Security Incident Response, Crisis & Tabletop Exercises Provide executive oversight of major cyber incidents, ensuring coordinated response across internal teams, MSP, and external partners. Serve as the senior escalation point for high severity incidents. Ensure effective coordination during major incidents with Legal, Data Protection, Communications and senior management, including regulatory and customer impact assessment where required. Ensure post incident reviews, root cause analysis, and remediation plans are completed and embedded. Lead crisis management, preparedness, incident tabletop exercises and crisis simulations across Enterprise IT, and coordinate with Technology security/operations where required. Ensure lessons learned are captured and translated into improved controls and processes. Ensure cyber resilience and technical recovery readiness are embedded into incident response, including coordination with IT disaster recovery and business continuity teams from a cyber perspective. 5. Vulnerability, Application, and Platform Security Oversee the organisation's vulnerability management programme, ensuring timely identification, prioritisation, and remediation of risks. Ensure cloud and platform security controls are effectively designed, implemented, and monitored to support proactive vulnerability management. Define prioritisation, risk based remediation expectations, and escalation for unaddressed vulnerabilities and weaknesses. Ensure effective coordination between teams, including MSP, Product Security, and Technology Ops. 6. Identity, Access, and Privileged Access Management Provide strategic direction for IAM and PAM capabilities, ensuring robust identity governance, access control, and privileged account security. Own global IAM and PAM security from a cyber defense perspective, including technical security architecture, monitoring and detection of identity based threats, and privileged access controls and abuse detection. Oversee the adoption of Zero Trust principles across identity and access. Ensure all cyber defense activities align with regulatory, legal and policy requirements. Contribute to enterprise risk assessments and provide expert input on cyber risk posture. Support the Head of Security Risk Management with evidence and material for audits, risk assessments and customer assurance. Produce clear reporting for the CISO, senior leadership, and governance committees. Lead, mentor, and develop a team of senior security specialists and domain leads. Foster a culture of accountability, innovation, and continuous improvement. Build strong relationships with technology, risk, compliance, and business stakeholders. Candidate Requirements Skills & Experience - Essential Proven leadership experience in cyber defense, security operations, or incident response at scale. Strong understanding of modern security architectures, cloud security, identity security, and application security. Experience managing or governing MSP/MSSP delivered security services. Demonstrated ability to lead during high pressure cyber incidents. Strong stakeholder management and communication skills, including reporting to senior executives. Deep knowledge of threat landscapes, attack techniques, and defensive controls. Experience in regulated industries. Certifications such as CISSP, CISM, CCSP, GIAC, or equivalent. Experience implementing Zero Trust, DevSecOps, or advanced detection engineering. As part of our values, we embrace diversity and inclusion at Ingenico. We are an equal opportunity employer and do not discriminate on the basis of an individual's race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, marital status or any other protected characteristic under applicable law, whether actual or perceived. Ingenico welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process. We want to adapt our processes and create a safe work environment that welcomes everyone. To learn more about what it's like working inside Ingenico, follow us onLinkedIn

As the Chief Information Security Officer (CISO) for the Actuation GBU/subsidiary, you play a central role in safeguarding the integrity, confidentiality, and availability of all Information Systems (IS) across the GBU's sites. You report hierarchically to the CISO of Safran Electronics & Defense and functionally to the Actuation GBU IT Department. You are responsible for ensuring compliance with all applicable internal and external security frameworks, including (subject to nationality constraints): Safran Information System Security Policy NCSC Cyber Assessment Framework France IGI 1300 Export Control, ITAR, and related regulatory requirements Key Responsibilities Governance & Compliance Oversee and monitor accreditation and approval processes for all local IS within your scope. Ensure compliance with Safran ISS policies and all relevant national and international regulations. Contribute to defining security objectives and requirements for IS across the GBU. Develop, implement, and maintain IS security procedures. Conduct audits and continuous monitoring to ensure adherence to ISS rules. Monitor local enforcement of applicable data protection and regulatory requirements. Security Expertise & Project Support Provide ISS expertise and support for GBU IT projects, including Secure by Design practices. Support Industrial Management teams in securing operational and industrial environments. Act as the primary ISS point of contact for local authorities and external contractors. Awareness, Training & User Engagement Advise, inform, and raise awareness among users on ISS best practices (encryption, removable media, travel procedures, etc.). Deliver onboarding ISS training for newcomers and recurring awareness sessions for all staff. Conduct targeted awareness sessions for newly authorized personnel or those renewing authorization. Incident Response & Operational Security Manage ISS alerts originating from Safran CERT/SOC and the SED ISS operational unit. Handle alerts on administrator and user workstations, including first level forensic analysis, user interviews, and coordination with Local Support teams. Escalate issues requiring clarification or broader company involvement to central ISS teams. Candidate Profile Master's degree in cybersecurity, information systems, or a related field (or equivalent experience). Broad, versatile expertise in information systems security. Knowledge of British, US, French, or European regulations related to the protection of national defence information is a strong advantage. Excellent interpersonal and communication skills, with the ability to educate and influence stakeholders at all levels. Demonstrated availability, reliability, and strong team spirit. Comfortable working in an international, multi site environment with regular travel.

Would you like to join a centre of excellence in rural and remote healthcare? Chief Nursing Information Officer (CNIO) NHS AfC: Band 8b Main area Digital Management - 202119 Grade NHS AfC: Band 8b Contract Permanent Hours Full time Flexible working 37.5 hours per week Job ref 262-A-26- Site Trust wide Town Carlisle Salary £66,582 - £77,368 Per annum Salary period Yearly Closing 23/06/:59 Job overview Chief Nursing Information Officer Are you passionate about making a difference to the lives of people in Cumbria? Do you enjoy working with people and supporting them to transform the way they work? Are you passionate about improvement and change? If so, we'd love to hear from you! An exciting opportunity exists for a Chief Nursing Information Officer to work with our Care Collaboratives and Digital Programmes team, helping to support a transformational digital modernisation programme and introduce an electronic patient record system. The CNIO role combines knowledge of patient care, digital technology and change management to effectively address the information and knowledge needs of healthcare professionals and patients to promote safe, effective, and efficient use of Digital Health solutions in clinical settings. The post holder will act as a change agent working with nursing and clinical leadership teams to identify, develop, plan, implement, and measure initiatives that deliver the digital strategy and support quality patient care and professional practice. If you are enthusiastic, experienced, highly motivated, respond positively to new challenges, and want to be involved in delivery of digital improvements in healthcare in Cumbria and have what we are looking for, we would be delighted to hear from you. If you would like an informal chat about the role, please contact us. Main duties of the job The CNIO role combines knowledge of patient care, digital technology and change management to effectively address the information and knowledge needs of healthcare professionals and patients to promote safe, effective, and efficient use of Digital Health solutions in clinical settings with the ultimate aim of improving patient outcomes. The post holder will act as a change agent working with nursing and clinical leadership teams in the identification, development, planning, implementation, and measurement of initiatives that deliver the digital strategy to support quality patient care and professional practice. The CNIO will work closely with the Chief Clinical Information Officer (CCIO), Associate Director of Digital and Head of Digital Programmes to deliver the Trust's digital strategy with particular focus on making the digital strategy work for clinicians, supporting the objectives to: Use technology and information to enable smarter, safer working. Digitise our health and care records so that information can be shared quickly, appropriately, securely, to improve health outcomes. Provide public facing digital services. Understand our data and its context to be able to make informed decisions to improve patient care and population health. Working for our organisation At NCIC, we have an ambition to deliver outstanding healthcare services to the population of North Cumbria. The Trust is committed to creating a centre of excellence in providing rural and remote healthcare and provides a wide range of community and acute services throughout our county. Our five key principles demonstrate our belief in the delivery of "safe, high quality care every time": Being a clinically led organisation. Quality and safety at the heart of our Trust. A positive patient experience every time. A great place to work. Managing our money well. As an organisation we are serious about supporting a diverse workforce that reflects our local community and are very much focused on being an inclusive and compassionate place to work. Across the North East and North Cumbria we are working together to deliver our ambition to be the greenest region in England by 2030. All staff are expected to support sustainability. Person specification Qualifications Professional nursing or AHP qualification. Registered with relevant Professional Regulator. Evidence of ongoing continuous professional development. Evidence of post registration training/education. Educated to Masters level or equivalent or able to demonstrate an equivalent level of knowledge. Certified Clinical Safety Officer. Registered with a professional body related to Information Technology e.g. FEDIP, The Chartered Institute for IT, or the Faculty of Clinical Informatics (FCI). A high level of knowledge for Programme and Project Management. Information technology related qualifications or training. Completed or be working towards accredited courses which enable potential development. Knowledge & Experience Senior nursing management / leadership experience. Broad knowledge of new technologies and their potential for application in healthcare and understanding of the wider NHS digital agenda. Ability to provide a strategic overview of the development of clinical digital systems to support high quality care and organisational effectiveness. Organisation development: understanding of the requirements of an information culture and an interest in emerging technologies, clinical information systems outcomes and measures. Demonstrable experience in leading at least one major digital intervention, such as deployment of an Electronic Patient Record system to improve care quality, within the last five years. Change management experience related to the planning and delivery of work in a clinical setting with demonstrated success in overcoming resistance to a change in clinical working practice. Extensive experience in clinical practice with substantial experience as a senior nurse / manager. Proven track record of using professional knowledge to bring about change related to the planning and delivery of clinical services and changing clinical working practice. Experience of working across professional boundaries. Deep understanding of health care. Sound knowledge of EPR functionality including care planning, risk assessment, physical health care. Knowledge and experience of quality governance. Proven ability to engage effectively with a broad range of multi professional stakeholders within and outside the organisation. Experience of development of clinical pathways.Ability to support, train and develop nursing and other staff who may have poor IT literacy. Knowledge of the national nursing agenda for digital transformation. Experience of working across Digital and Information Technology Services. Experience of leading technology based clinical projects in a complex environment. Experience of using quality improvement methodologies. Experience of implementing and monitoring standards of care, including clinical audit and governance. Technical knowledge and skills in relation to data and/or computer systems. Appreciation of cyber security and information governance. Previous CNIO experience and senior level management experience. Experience of translating business requirements into information/system requirements, and producing other documentation associated with the implementation of IT systems; e.g. Business Cases, Risk Assessments, Risk/Issues Logs, Policies, Procedures, Process Maps, Work Plans. Skills and Aptitudes Strong interpersonal and communication skills - both written and oral; demonstrated in settings within and outside the organisation involving front line staff to Director level. Able to express complicated, multi stranded concepts in an accessible way, both verbally and in writing and in a multi professional environment. Often acting as a translator between digital and clinical teams. Able to enthuse and inspire others using advanced communication and presentation skills. Skilled negotiator and high level influencing skills, able to persuade clinicians to engage with, implement and embed change to achieve successful outcomes. High-level presentation skills: able to confidently present information publicly using a variety of media in different settings in both 1:1 settings and to large gatherings of clinical professionals (conferences and workshops etc.). Ability to present to Board and engage with a broad range of stakeholders within and outside the organisation and in a multi professional environment. Benefits management: able to identify and articulate benefits of nursing information enabled change and drive through these benefits through to fruition. Training / coaching / mentorship. Demonstrates a transformational and coaching leadership style. Passionate about the digital clinical agenda with a positive, persuasive and inclusive style. Credible in a multi professional environment. Ability to develop and maintain effective clinical networks. Ability to communicate contentious information to an audience that may not be receptive. Provide and receive complex, technical, information, negotiate with senior stakeholders on complex issues, and present complex and sensitive information to large and influential groups. Can articulate and engage others in a vision for digital as an enabler for improvements in clinical quality . click apply for full job details

# Technical Support Officer Aylesbury, Buckinghamshire A J Recruit LtdView Profile Contact A J Recruit LtdApply on company site Share: Stay Safe"Only access Gumtree from and do not follow links sent by other users Share photos and ask lots of questions about the items you are buying and selling If an ad or reply sounds too good to be true, it probably is Use the 'Reply to ad' button for your safety and privacy Don't reply to email addresses hidden in text and pictures Beware of fake Gumtree, eBay or escrow sites and invoices"1 of 6Read all safety tipsHours: Full TimePosted: 7 hours agoSalary: £28,000 - 30,000 - AnnumRecruiter: A J Recruit LtdCloses: 18 Aug 2026Course: NoRecruiter Type: Direct Employer DescriptionRole Profile Job Title: Technical Support Officer Location: Aylesbury Salary: £28,000 - £30,000 per annum Contract Type: Permanent, Full-time Hours: 5 days per week (37.5 hours), including weekend working on a rotational basis as part of our seven day cover. Time off in lieu is provided for all weekend shifts. The Role: Stately house and gardens set in the Buckinghamshire countryside just outside Aylesbury owned by the National Trust. The estate also includes a working aviary, wine cellars, shops, restaurants, and a woodland playground. Staff and volunteers help deliver special exhibitions, host educational visits, hold wine tastings, lead guided walks and talks, and run events throughout the year, including a magical Christmas season. Private events such as parties, meetings, and weddings. The Technical Support Officer will deliver first- and second-line support across all business areas, including Estate & Farms, The role will work closely with third-party IT provider(s) to maintain the smooth operation of IT environment, acting as a key liaison between external partners and internal teams to ensure support requests are resolved effectively and within agreed SLAs and timescales. You will have excellent people skills and the ability to support the evolving needs of the organisation, ensuring that systems and software continue to reflect the technological advancements required for The Estate to remain a premier visitor attraction. Main Responsibilities: Provide first line support for day today IT issues for all staff via telephone, email, web portal, or walk-ins. This includes password resets, remote access issues, hardware and software faults, and support for ePOS tills and PDQ machines.Carry out initial call triage within one hour of an issue being raised, escalating any calls that cannot be resolved at first line to an appropriate technician and/or third-party provider. Manage and maintain all service desk tickets, ensuring calls are logged, prioritised, assigned, and updated through to resolution. Liaise with users, department heads, and third-party providers to ensure issues are resolved promptly and in line with agreed Service Level Agreements. Use knowledgebase articles and system documentation to resolve first line issues, ensuring all documentation is kept up to date and creating new articles where required. Create new user accounts in Active Directory and Microsoft 365, assigning security groups and application permissions as required. Support wider Microsoft 365 administration, including Azure AD, Exchange Online, Intune, Microsoft Defender, SharePoint and Teams, maintaining user access, security policies, and device management configurations Support senior technical team members by maintaining and updating internal IT documentation covering software, policies, procedures, and guidance. Manage and maintain the asset register for all hardware across the Estate using the service desk system. Set up and configure new hardware, including (but not limited to) PCs, laptops, docking stations, printers, tablets, mobile phones, monitors, telephones, PDQ machines, and ePOS tills. Diagnose faults on network ports and cabling using appropriate diagnostic tools. Assist senior team members with network management tasks as required. Provide IT support for events, including occasional evening work during the Waddesdon Christmas season. Undertake any other duties reasonably required from time to time. Experience and Qualifications: Essential: Knowledge and experience of Windows 11, Active Directory, and Microsoft 365 products (including applications and administration portals). Understanding of core infrastructure technologies such as DNS, DHCP, and basic networking principles. Understanding of IT security best practice and data protection principles. Minimum one year's experience in desktop and application support within a multi site or service desk environment. Good working knowledge of computer hardware components and peripheral devices. Strong analytical abilities and a creative, methodical approach to problem solving, with the ability to prioritise workload effectively. Proven track record of delivering excellent customer service in a technical support environment. Strong interpersonal and communication skills, both written and verbal, with the ability to engage confidently with staff at all levels and maintain a friendly, 'can do' attitude. Excellent time management and organisational skills. Full UK driving licence essential, with business insurance for use of own vehicle (the post holder will be required to work at other sites across the Estate and occasionally in London). Willingness to learn new technologies and adapt to evolving organisational needs. Desirable Experience working with network switches, network cabling, and fault finding, including the ability to terminate cabling, LAN ports, and patch panels to T568B standards. Working experience with Microsoft Server () and Microsoft 365 administration portals, including Admin, Azure AD, Defender, Entra, Exchange Online, Intune, SharePoint, Teams and related services. Awareness of cybersecurity best practice and endpoint protection tools. Understanding of backup solutions and disaster recovery principles. Experience with Cisco Meraki wireless access points and the Meraki Dashboard. Knowledge or experience of Microsoft SharePoint administration or site management. Knowledge or experience of Microsoft SQL Server Management Studio (SSMS). Familiarity with business financial systems, ideally including Sage 50 Payroll and Sage 200c. Benefits: Complimentary tickets - We are proud of where we work and want to share with family and friends by offering a number of complimentary tickets to the house and grounds Discounts - 50% discount in the food-to-go outlets at the Manor. 20% in the Manor gift shop and restaurants, 20% discount on special event tickets made available to staff. Staff Card - A National Trust staff card entitles two adults and children under 18 years of age free admission to all National Trust properties and 20% discount in NT retail and catering outlets. Annual Leave - 33 days rising to 40 days based on length of service (including public holidays). Sick pay - If you become ill, one week of sick pay during your first 3 months. This rises to a maximum of 3 months full pay within a rolling 12-month period. After four years you also receive a further 3 months at half pay in the rolling 12-month period. Pension - They will top up your pension by matching any contribution you make, up to 10% of your basic salary. Income Protection - On completing one year of continuous service, income protection may be available at 50% of basic salary for a maximum of 5 years. Life Assurance - lump sum of 4x basically annual salary payable upon death in service. Flexible & Hybrid Working - we encourage departments to manage their own way of working to suit the workload and nature of the work. We recommend a minimum of 3 days a week on-site. Long Service Awards - recognition every 5 years for your contribution to the organisation, including a celebration and a cash award. Mental Health and Wellbeing Support - access to a wellbeing platform and fully funded 1:1 counselling service. Enhanced Maternity Pay - after 12 months of continuous service, you can choose 13 weeks of maternity leave at full pay followed by 26 weeks statutory pay. Enhanced Paternity Pay - after 12 months of continuous service, you may take 3 months of paternity leave at full pay. Eye Care - eye care vouchers for employees who are DSE users. Flu Jabs - free flu jabs in October. Travel - Cycle to Work Scheme, Season Ticket Loan for train or bus, Octopus Electric Vehicle Scheme. Deposit Loan Scheme - financial support to go towards a private rental deposit. Access to Perk at Work - access to exclusive discounts from hundreds of retailers, and up to 55% off cinema tickets. Memberships - 20% discount on new Nuffield gym memberships. xjnqpsq 15% off Hartwell Spa Memberships and treatments, and 15% off food in the restaurant. Pay: £28,000.00-£30,000.00 per year

Salary: £32,000 - 72,000 per year Requirements Proven leadership experience within an MSP, technology services or consultancy environment Strong technical background across cloud, infrastructure, cyber security and modern workplace technologies Experience developing and executing technology strategies Demonstrable success leading technical teams and driving organisational growth Strong stakeholder management and communication skills Commercial awareness with the ability to align technology investments to business outcomes Experience supporting customer facing technical engagements Experience within a Microsoft-focused technology environment Knowledge of Azure, Microsoft 365, Modern Workplace and AI technologies Experience developing managed service offerings Exposure to mergers, acquisitions or business transformation programmes Relevant technical or leadership certifications Responsibilities Define and execute our technology strategy and roadmap Ensure our technology services align with business objectives and customer requirements Identify emerging technologies and opportunities for innovation Drive continuous improvement across technical operations, service delivery and customer outcomes Act as the senior technical authority within our business Oversee the development and evolution of our managed services, cloud, cyber security and modern workplace offerings Ensure our technical solutions remain competitive, scalable and commercially viable Work closely with our sales and customer success teams to support solution design and customer engagement Contribute to the development of new service offerings, including AI and automation capabilities Support strategic customer engagements and technical escalations where required Lead, mentor and develop our technical teams across infrastructure, cloud, security and professional services Foster a culture of accountability, innovation and continuous learning Support succession planning and talent development initiatives Ensure our teams possess the skills and capabilities required to support future growth Build trusted relationships with customers, partners and vendorsSupport business development activities through technical leadership and solution expertise Participate in customer strategy discussions, workshops and presentations Ensure technical decisions support both customer outcomes and commercial objectives Maintain oversight of our technical standards, security frameworks and best practices Ensure compliance with relevant regulatory and industry requirements Manage technology risk and support business continuity initiatives Drive operational efficiency through automation, standardisation and process improvement Technologies AI Azure Cloud Support Microsoft 365 Security Office 365 CTO DevOps More We are a growing technology business based in North East England, operating on a hybrid basis. This is a hands on executive leadership opportunity for an experienced and commercially minded Chief Technology Officer to shape our technical strategy, drive innovation and strengthen service development. We offer a competitive salary with an executive benefits package, plus the autonomy to influence our direction, build high performing teams and help define the future of our technology offering. last updated 25 week of 2026

Belmont Recruitment are currently looking for an experienced IT Security Officer to join Bradford Council on an ongoing temporary contract. This is a full-time role working 37 hours per week, Monday to Friday. Working within the Enterprise and Systems team, you will help deliver information and cyber security initiatives, support security technologies, manage cyber risks, and contribute to incident response activities. Key Responsibilities Support, maintain, configure, and develop IT security technologies and solutions. Assist with vulnerability assessments, security reviews, and cyber risk mitigation activities. Support the investigation and management of cyber security incidents, including evidence gathering and liaison with external agencies where required. Contribute to the development and maintenance of information security policies, procedures, and documentation. Maintain and update cyber security risk registers and support actions to reduce identified risks. Provide information security advice and guidance to colleagues across the Council. Deliver security awareness guidance, training and support to users. Requirements Experience working within an ICT, IT Infrastructure, Cyber Security, or Information Security environment. Knowledge of cyber security principles, technologies, and risk management. Experience providing technical advice and guidance to users and colleagues.

Sivara GmbH is seeking an experienced Data Protection Officer to lead governance and protection activities. You will ensure compliance with UK GDPR, support cybersecurity initiatives, and provide advice to senior leaders. The ideal candidate will have significant experience within the NHS or similar, possess strong analytical skills, and maintain up-to-date knowledge of data protection legislation. The role offers hybrid working, a competitive salary of £40,000, and additional benefits including NHS Pension Scheme access.

Salary: £80,000 - 80,000 per year Requirements We need at least 5 years of experience working in an information security environment. We need proven experience assessing and managing supplier and third-party security risk. We need strong communication skills and the ability to translate technical concepts into clear, business-friendly messaging. We need experience producing high-quality documentation, including policies, standards, and project artefacts. We need demonstrated experience working across projects and development lifecycles, including Agile environments. We need hands on experience implementing and maintaining ISO27001 and broader security governance frameworks such as ISO27001/2, NIST, and PCI DSS. We need a solid understanding of data protection and regulatory requirements, including FCA, ICO, PRA, and GDPR. We need the ability to balance risk, compliance, and business objectives in a fast paced, evolving environment. We need experience in information security governance and risk leadership. We need familiarity with security culture influence and stakeholder communication. We are happy to consider flexible working arrangements. This is a full time role at 35 hours per week with a hybrid working pattern, requiring 2 days per week in our Bournemouth office. Responsibilities We will have you drive the continuous improvement of our ISO27001 framework and Information Security Management System (ISMS), ensuring ongoing compliance. We will have you deliver key security initiatives that bring our Information Security Strategy to life and create measurable impact. We will have you own and mature our information risk management approach in alignment with our Enterprise Risk Framework. We will have you act as a trusted advisor on regulatory requirements and best practice frameworks, including ISO27001, GDPR, NIST, and ITIL. We will have you lead security governance forums and manage our Information Security Governance team, including the information risk function. We will have you embed security across projects and development lifecycles, ensuring risks are identified, assessed, including DPIAs, and effectively mitigated. We will have you oversee supplier and third party security risk, working closely with Cyber Security Operations to protect our wider ecosystem. We will have you drive a strong security culture by maintaining policies, delivering compliance reviews, and rolling out awareness and training programmes. We will have you work closely with our CISO to turn strategy into action and strengthen our security posture. We will have you help ensure our security controls protect and enable the business to thrive. Technologies ITIL Security Support More We are Vitality, a multi award winning UK insurance brand with a purpose driven culture focused on making people healthier and happier. We are proud to be recognised as one of Glassdoor's Best Places to Work 2026 and a Top 10 Place to Work in the Sunday Times Awards in 2024. In this Senior Information Security Officer role, you will join our Information Security team in a hybrid arrangement, working 2 days per week from our Bournemouth office on a full time 35 hour schedule. We offer a competitive package that includes bonus schemes, pension contributions of up to 12%, matched contributions up to 6% of salary, award winning health insurance, and life assurance at four times annual salary. We are committed to flexibility, career growth, a healthy work life balance, and creating an environment where our people can be themselves, do their best work, and help us make a positive difference for our 1.7 million members and society.

Group Head of Data Protection (DPO) We're 1st Central, a market leading insurance company utilising smart data and technology at pace. Rapid growth has been based on giving our 1.4 million customers exactly what they want: great value insurance with an excellent service. And that's the same for our colleagues too; we won Insurance Employer of the Year at the British Insurance Awards 2024 and our Glassdoor score is pretty mega too! At 1st Central, data sits at the heart of everything we do, so protecting it is both a legal obligation and a core responsibility. We're looking for a Group Head of Data Protection (DPO) who's passionate about privacy, someone who's curious, commercially aware, and ready to shape the future of data protection across our Group. You'll be our senior voice on all things data protection - advising the Executive, Boards and senior leaders, and setting the strategic direction for privacy across the Group. You'll lead a high performing Privacy team and make sure we're not just compliant, but confident in how we manage and protect data. What we're looking for Significant experience as a DPO or from a similar compliance role Expert knowledge of data privacy legislation including GDPR Expert knowledge of cybersecurity risks and other information security standards, such as ISO27001 The ability to make good judgements regarding data privacy risks and to prioritise resources and activity around managing those risks What's involved Be responsible for the development of a high performing Privacy team and creating a clear vision whilst building strong relationships inside and outside the Group, to collaborate with and influence the executive and senior management across the Group and externally with corporate partners, including data subjects, regulators, suppliers and professional bodies Have an excellent understanding of the key regulatory and statutory rules, regulations, principles and codes of practice incumbent upon Group companies and the jurisdictions in which they are domiciled in so far as they are relevant to the delivery of appropriate Data Protection compliance requirements, and keep such awareness up to date Define with the Executive, Boards and other senior stakeholders, and implement the Group's Data Protection Strategy Define, scope, gain Audit Committee approval for, and deliver the Group's data privacy programme Report to the Group's Risk Committees on the compliance position highlighting key risks, incidents and matters requiring decisions by the relevant Board or senior management Act as Data Protection Officer for all Group entities where the role is required, and be owner of the Group Data Protection Policy Take overall responsibility for the oversight of Data Protection compliance and related Regulatory matters across the Group Inform and advise Senior Management on data protection laws and policies Monitor compliance with data protection laws and policies, and report on this to the Executive, SICL Management Committee, FCIM Management Committee and Group Audit committees Oversee the maintenance of records required to demonstrate data protection compliance Supervise the Privacy Team's completion of data protection impact assessments and develop and execute relevant project plans Manage a program of awareness raising and training to deliver compliance and to foster a data privacy culture within the company Review Data Protection clauses in client terms and supplier contracts Define, implement and lead a data incident response and data breach notification procedure as well as provide incident management response where applicable Be the contact point with and co operate with the relevant Data Protection Authorities and to data subjects when exercising their individual data rights as well as supervise and advise on the response to such requests Be the focal point for all activity relating to data protection Promote a culture of awareness of data security throughout the company Comply with the requirements, and act in accordance with, the Group Code of Conduct and Fitness and Propriety policies at all times Maintain department risk registers, provide evidence and commentary for controls, updates for Mitigation Actions and maintain control matrices and attestations; ensure employees are aware of their responsibility to identify and report risk Ensure compliance with Company Policies, Values and guidelines and other relevant standards/ regulations at all times, including compliance with the Senior Managers Certification Regime (SMCR) Conduct Rules Job specific Competencies Experience & Knowledge Knowledge of FCA requirements (including individual responsibilities in relation to Consumer Duty) Significant experience as a DPO or from a similar compliance role Proven track record in leading data protection issues at a senior level Project management experience Experience of interfacing with data protection regulators Experience in designing and implementing a data protection strategy Experience leading a department Educated to degree level IAPP CIPP/E or CIPM or equivalent data privacy qualification Qualified Lawyer Very familiar with UK, Gibraltarian, Guernsey and European data protection laws and practices, including (but not limited to) the Data Protection Act 2018, Privacy & Electronic Communications Regulations 2003 and the General Data Protection Regulation A knowledge of best practice in information security, risk management, legal or audit Expert knowledge of data privacy legislation including GDPR Expert knowledge of cybersecurity risks and other information security standards, such as ISO27001 Skills Ability to make good judgements regarding data privacy risks and to prioritise resources and activity around managing those risks Excellent time management and organisation skills Ability to conduct the role independently and with integrity Ability to plan, organise and prioritise tasks and projects Strong analytical skills Extremely strong communication, influencing and stakeholder management skills Behaviours Proven ability to establish and maintain a high degree of confidentiality, respect, trust and credibility at all levels Strong team player and proven ability to lead and manage a team Enthusiastic and positive Ability to remain calm, controlled and resilient Self motivated and enthusiastic An organised and proactive approach Strives to drive business improvements to contribute to the success of the business Benefits People first. Always. We're passionate about our colleagues and know the best people deserve an extraordinary working environment. Our workplaces are energetic, inspirational, supportive. To get a taste of the advantages you'll enjoy, take a look at all our perks in full here.

Centrica plc is seeking a Business Information Security Officer (BISO) to play a critical role in enhancing cyber resilience. This UK-based hybrid position requires expertise in cyber and information security, influencing technology decision-making within the organization. The ideal candidate will have extensive leadership experience in complex environments, strong skills in security governance, and the ability to communicate effectively with senior stakeholders. Benefits include a competitive salary and comprehensive healthcare plan.

Group Head of Data Protection (DPO) We're 1st Central, a market leading insurance company utilising smart data and technology at pace. Rapid growth has been based on giving our 1.4 million customers exactly what they want: great value insurance with an excellent service. And that's the same for our colleagues too; we won Insurance Employer of the Year at the British Insurance Awards 2024 and our Glassdoor score is pretty mega too! At 1st Central, data sits at the heart of everything we do, so protecting it is both a legal obligation and a core responsibility. We're looking for a Group Head of Data Protection (DPO) who's passionate about privacy, someone who's curious, commercially aware, and ready to shape the future of data protection across our Group. You'll be our senior voice on all things data protection - advising the Executive, Boards and senior leaders, and setting the strategic direction for privacy across the Group. You'll lead a high performing Privacy team and make sure we're not just compliant, but confident in how we manage and protect data. What we're looking for Significant experience as a DPO or from a similar compliance role Expert knowledge of data privacy legislation including GDPR Expert knowledge of cybersecurity risks and other information security standards, such as ISO27001 The ability to make good judgements regarding data privacy risks and to prioritise resources and activity around managing those risks What's involved Be responsible for the development of a high performing Privacy team and creating a clear vision whilst building strong relationships inside and outside the Group, to collaborate with and influence the executive and senior management across the Group and externally with corporate partners, including data subjects, regulators, suppliers and professional bodies Have an excellent understanding of the key regulatory and statutory rules, regulations, principles and codes of practice incumbent upon Group companies and the jurisdictions in which they are domiciled in so far as they are relevant to the delivery of appropriate Data Protection compliance requirements, and keep such awareness up to date Define with the Executive, Boards and other senior stakeholders, and implement the Group's Data Protection Strategy Define, scope, gain Audit Committee approval for, and deliver the Group's data privacy programme Report to the Group's Risk Committees on the compliance position highlighting key risks, incidents and matters requiring decisions by the relevant Board or senior management Act as Data Protection Officer for all Group entities where the role is required, and be owner of the Group Data Protection Policy Take overall responsibility for the oversight of Data Protection compliance and related Regulatory matters across the Group Inform and advise Senior Management on data protection laws and policies Monitor compliance with data protection laws and policies, and report on this to the Executive, SICL Management Committee, FCIM Management Committee and Group Audit committees Oversee the maintenance of records required to demonstrate data protection compliance Supervise the Privacy Team's completion of data protection impact assessments and develop and execute relevant project plans Manage a program of awareness raising and training to deliver compliance and to foster a data privacy culture within the company Review Data Protection clauses in client terms and supplier contracts Define, implement and lead a data incident response and data breach notification procedure as well as provide incident management response where applicable Be the contact point with and co operate with the relevant Data Protection Authorities and to data subjects when exercising their individual data rights as well as supervise and advise on the response to such requests Be the focal point for all activity relating to data protection Promote a culture of awareness of data security throughout the company Comply with the requirements, and act in accordance with, the Group Code of Conduct and Fitness and Propriety policies at all times Maintain department risk registers, provide evidence and commentary for controls, updates for Mitigation Actions and maintain control matrices and attestations; ensure employees are aware of their responsibility to identify and report risk Ensure compliance with Company Policies, Values and guidelines and other relevant standards/ regulations at all times, including compliance with the Senior Managers Certification Regime (SMCR) Conduct Rules Job specific Competencies Experience & Knowledge Knowledge of FCA requirements (including individual responsibilities in relation to Consumer Duty) Significant experience as a DPO or from a similar compliance role Proven track record in leading data protection issues at a senior level Project management experience Experience of interfacing with data protection regulators Experience in designing and implementing a data protection strategy Experience leading a department Educated to degree level IAPP CIPP/E or CIPM or equivalent data privacy qualification Qualified Lawyer Very familiar with UK, Gibraltarian, Guernsey and European data protection laws and practices, including (but not limited to) the Data Protection Act 2018, Privacy & Electronic Communications Regulations 2003 and the General Data Protection Regulation A knowledge of best practice in information security, risk management, legal or audit Expert knowledge of data privacy legislation including GDPR Expert knowledge of cybersecurity risks and other information security standards, such as ISO27001 Skills Ability to make good judgements regarding data privacy risks and to prioritise resources and activity around managing those risks Excellent time management and organisation skills Ability to conduct the role independently and with integrity Ability to plan, organise and prioritise tasks and projects Strong analytical skills Extremely strong communication, influencing and stakeholder management skills Behaviours Proven ability to establish and maintain a high degree of confidentiality, respect, trust and credibility at all levels Strong team player and proven ability to lead and manage a team Enthusiastic and positive Ability to remain calm, controlled and resilient Self motivated and enthusiastic An organised and proactive approach Strives to drive business improvements to contribute to the success of the business Benefits People first. Always. We're passionate about our colleagues and know the best people deserve an extraordinary working environment. Our workplaces are energetic, inspirational, supportive. To get a taste of the advantages you'll enjoy, take a look at all our perks in full here.

Group Head of IT Department: IT Employment Type: Full Time Location: London Reporting To: Angus Beaumont Description Harmony is on a mission to be the best life safety partner to work with and for. Rated an 'Outstanding Employer' by Best Companies in 2025, we are only getting bigger and stronger - and we're looking for A-players to help us get there. We are passionate about making a difference and obsessed with quality. Our goal is to build a world where every resident can sleep safely at night, knowing their home is 100% safe. This is a security first leadership role. You will own cyber security and data protection across the Harmony group (Harmony Fire, Solidcor, Auro Technology) end to end - strategy, delivery and BAU - acting as the most senior security voice in the business below the Group IT Director. Cyber Essentials Plus, IASME Cyber Assurance and ISO 27001 sit with you. UK GDPR compliance sits with you as the group's Data Protection Lead (a non statutory role distinct from a formal DPO appointment). The group's security posture, risk register, incident response and audit defensibility all sit with you. If something has a security or data protection dimension, it lands on your desk first. Security cannot exist in isolation, so you will also run the day to day IT function - line managing the IT Technician, overseeing the helpdesk, vendor stack and infrastructure resilience for around 250 users across three trading entities. Operations exist to deliver a secure platform, not the other way around. IT Project Managers will deliver new systems into the group; you will accept those handovers and operationalise them into BAU only once they meet your security bar. Reporting to the Group IT Director, you will be the security leader the group trusts to keep its people productive, its data protected and its certifications intact through 30% year on year growth. This is more than an IT role. It is about bringing the right energy, accountability and resilience to our mission of saving lives through fire and height safety. Key Responsibilities Own the group's cyber security strategy, posture and risk register - the most senior security accountability in the business below the Group IT Director. Lead all formal security certifications end to end: Cyber Essentials Plus annual recertification, IASME Cyber Assurance alignment and ISO 27001 ISMS - scoping, risk treatment, Statement of Applicability, internal audits, management review and external audit defence. Apply additional frameworks where they strengthen the group's posture - NIST CSF, CIS Controls, NCSC Cyber Assessment Framework - and embed them into operational practice. Act as the group's Data Protection Lead (not a statutory DPO under UK GDPR Article 37) - own UK GDPR and DPA 2018 compliance, ROPA, DPIAs, retention schedules, DSARs, breach notification, processor agreements and supplier due diligence. Run security operations day to day - endpoint protection (Bitdefender GravityZone), conditional access, MFA, identity governance, vulnerability management, and security awareness and phishing simulation programmes via KnowBe4. Lead incident response - triage, containment, recovery, post incident review and reporting, with playbooks kept current and tested. Oversee security across Auro Technology's software stack - IoT device firmware, cloud platforms, mobile and web applications - partnering with the Auro engineering team on secure SDLC, code review, dependency management, secrets handling and product security posture. Act as the security gatekeeper for IT project handovers - accept newly delivered systems from IT Project Managers into BAU only once documentation, monitoring, support runbooks and security controls meet the group's bar. Run vendor and licensing relationships across the IT and security stack - renewals, commercial negotiation and security due diligence on every new supplier before they are onboarded. Run the day to day IT function in service of the security mission - line manage the IT Technician, oversee the Atera helpdesk, own SLAs and personally take the hardest tickets when they have a security dimension. Maintain infrastructure resilience - backups, disaster recovery, business continuity, identity, network and connectivity - owned, documented and tested. Run secure onboarding and offboarding at scale, keeping identity hygiene and asset control airtight as the group grows. Skills, Knowledge and Expertise An A-player mindset - high standards, extreme ownership and the drive to do things properly, the first time. A security professional first and foremost - your career identity is cyber security and information assurance, not IT generalism that happens to include security. Proven track record leading Cyber Essentials Plus and ISO 27001 (or actively driving towards certification) in a real organisation - not a tabletop exercise. Strong working knowledge of UK GDPR and the Data Protection Act 2018, with hands on experience of DSARs, DPIAs, breach response and supplier DPAs. Deep, hands on Microsoft 365 and Entra ID security experience - conditional access, Intune, identity governance, the Defender stack and security baselines. Demonstrable security operations experience - EDR/XDR, vulnerability management, incident response and security awareness programmes. Pragmatic, hands on operator - comfortable running a helpdesk and line managing an IT Technician alongside the security and compliance remit. Confident commercial mindset - budget ownership, vendor negotiation and the ability to challenge supplier security claims with evidence. Excellent written and verbal communication, able to translate technical risk plainly for non technical leadership and field staff. Right to work in the UK and able to travel between London, Yeovil, Chesterfield, Edinburgh and other group sites as required. Recognised certification - CISSP, CISM, ISO 27001 Lead Implementer or Lead Auditor, Microsoft SC 100 / SC 200 / SC 300. IASME Cyber Assurance experience. Formal Data Protection Officer training or qualification (e.g. PC.dp, BCS Practitioner Certificate in Data Protection). Experience in fire safety, construction, manufacturing or field engineering environments. Familiarity with our wider stack - Salesforce, SimPRO, Unleashed, Supabase, Cloudflare, Microsoft Fabric. Hands on experience with KnowBe4 (or equivalent security awareness and phishing simulation platforms). NIST CSF, CIS Controls or NCSC CAF practical experience. Benefits This is a chance to own cyber security and data protection end to end for a three entity group at one of the UK's fastest growing safety specialists - with the autonomy to set the security bar, hold certifications and shape the group's posture as we grow 30% year on year. At Harmony, we ask a lot - and we give a lot back. The hours are real, the standards are high and the work is demanding, but for those who show up, deliver and go the extra mile, the rewards follow. A players here enjoy a competitive salary, a performance bonus tied to successful, on time delivery against roadmap milestones and delivery KPIs, a Personal Development Plan with ongoing training and leadership mentoring, unlimited holiday, private medical insurance, enhanced maternity and paternity, lunch, snacks and refreshments on us every day (fresh fruit and Takeaway Fridays included), a team social budget, cycle to work, an auto enrolment pension, two major company events a year and our Reward and Recognition scheme - including European mini breaks for those who go above and beyond. It is a collaborative, high energy environment focused on doing things the right way - technically, ethically and practically - and none of it is a perk for showing up; it's what we share with the people pulling the business forward. Harmony is an equal opportunity employer. We consider all applicants for employment regardless of age, disability, sexual orientation, gender identity, family or parental status, race, colour, nationality, ethnic or national origin, religion or belief. We want everyone who works with us to feel valued and to make a difference.

Overview At Centrica, we're building a more secure, resilient and digitally enabled future. As a Business Information Security Officer (BISO) you'll play a pivotal role in modernising platforms, strengthening cyber resilience, and partnering with Technology CIOs to deliver secure outcomes. Location UK based hybrid role - occasional travel to sites. Responsibilities Act as the trusted security partner to Technology CIOs and their leadership teams, providing pragmatic, risk based advice that enables confident business and technology decisions. Lead the execution of Centrica's information security strategy within the business unit, ensuring alignment to organisational priorities, regulatory expectations and industry standards. Own information security risk management for the business unit, overseeing the identification, assessment and mitigation of risks and ensuring effective controls are designed, implemented and maintained. Embed security by design across technology initiatives and change programmes, working closely with delivery teams from ideation through to live operations to strengthen resilience. Serve as the primary escalation point for cyber security governance, incidents and resilience matters, ensuring issues are managed transparently and lessons learned drive continuous improvement. Provide clear, evidence based reporting and security awareness leadership, keeping senior stakeholders informed on security posture, key risks and progress while promoting a strong security culture. Qualifications Extensive experience in cyber and information security leadership, operating in complex, regulated enterprise environments and influencing security outcomes at scale. Proven authority in security governance, risk management and compliance, with strong working knowledge of recognised frameworks and standards such as ISO 27001, NIST, COBIT and GDPR, and experience supporting control and assurance activities. Confident senior level communicator, experienced in briefing CIOs and business leaders, translating technical risk into clear business insight and influencing decisions through credibility, judgement and impact. Strong delivery mindset with the ability to manage multiple complex initiatives simultaneously, demonstrating consistent outcomes across risk management, incident response, assurance and security improvement programmes. Advanced capability in the safe and responsible use of AI and emerging technologies, including enterprise AI co pilots and knowledge assistants, with a clear understanding of accuracy, bias, compliance and escalation within defined governance guardrails. Resilient, adaptable leader with exceptional interpersonal skills, able to operate independently while contributing to wider leadership teams, motivating virtual and matrix managed teams and championing a strong, values led security culture. Benefits Market competitive salary with an additional 15% Employee Energy Allowance. Comprehensive pension plan and fully funded company healthcare plan. Generous holiday allowance: 25 days plus public holidays, with option to purchase up to 5 extra days.