Senior Data Security & Privacy Manager

Posted 4 hours 13 minutes ago by NHS

Permanent
Not Specified
I.T. & Communications Jobs
Yorkshire, Barnsley, United Kingdom, S70 1
Job Description

Are you ready to make a meaningful management impact in the world of Data Security and Privacy? NHSBT has the vision of enabling a world where every patient receives the donation they need. This role will play a crucial part in achieving this vision by working within the Data Security, Privacy and Records Management (DSPR) function to manage the Data Security and Privacy teams, ensuring that all NHSBT services, systems, and projects are secure and enable privacy by design. In this exciting new role, you'll be at the forefront, reporting directly to the Head of DSPR and managing our Data Security and Privacy teams. You will ensure that our data security and privacy practices align with regulatory requirements and industry standards. If you thrive in a high-energy environment and are deeply committed to safeguarding people, assets, and our organisational reputation, and have people management, technical skills, and data security and privacy expertise, we want you to be part of our close-knit team. Your journey with us will involve managing, enhancing, and expanding our data security and privacy capabilities. This is a rewarding role in an organisation dedicated to saving and improving lives. Join us, and let's shape the future of Data Security and Privacy together at NHS Blood and Transplant.

Main duties of the job

In this role, you will play a key part in the Data Security, Privacy and Records Management (DSPR) team led by the Head of DSPR, supporting all areas of the organisation. Your responsibilities will include:

  1. Operationally manage the Information Security and Data Privacy functions.
  2. Support the delivery of the DSPR Programme, including BAU activity and the strategic agenda to ensure Security and Privacy operate as enablers, ensuring compliance with regulatory and statutory legislation.
  3. Be a point of contact for specialist knowledge in Information Security and Data Protection, providing expert guidance to the organisation and wider stakeholders.
  4. Work with colleagues across NHSBT to lead on the design and implementation of our Data Privacy Framework.
  5. Lead on the design and development of the security supplier assurance framework to ensure full assurance across our supplier base.
  6. Lead on the development, update, and implementation of policies, procedures, and guidelines to embed Security and Privacy by Design across NHSBT.
  7. Develop and deliver specialist training and awareness activities in line with legislation across NHSBT.
  8. Lead on investigations of security incidents, escalating to the Head of DSPR and DPO as appropriate.
  9. Lead on design and articulation of compliance indicators.
  10. Represent Data Security and Privacy as required at key NHSBT committees and boards.
  11. Lead on improvement areas as part of the wider strategic agenda.

About us

It takes all types of people to deliver the kind of service that saves and improves lives. At NHS Blood and Transplant, you'll join a team of more than 6,000 people who are making a genuine difference to communities, families, friends, relatives and more across the UK. We play a unique and special role in the NHS by helping people do something extraordinary - donate blood, blood products, organs, tissues, or stem cells to save someone in need. Our three core values are what set us apart. They guide and inspire everything we do. By being caring, expertly meeting the needs of our patients and our people, and accepting nothing less than the best quality, we can do extraordinary work and help our people to do something extraordinary in their career, too. Three small words, one big difference - Caring, Expert and Quality. Together we'll save and improve more lives than ever. You will join us on our journey to create an inclusive workplace and aim to reflect the diverse communities we work with, and we positively encourage applications from all sectors of the community.

Person Specification

Qualifications
  • Accredited professional qualification at master's level or clear equivalent experience in one or more of the following areas to master's level:
    • Data Protection
    • General Data Protection Regulation
  • Demonstrates commitment to own continued professional development (CPD)

Experience
  • Up-to-date knowledge of applicable legislation and relevant best practice within the public sector.
  • Evidence of knowledge of successful change management processes.
  • Experience in use of Data Privacy related systems provided by NHS Digital including DSP Toolkit and Data Privacy training materials.
  • Previous contribution to successful governance in a clinical organisation.
  • Previous experience in an IG/Data Privacy role.
  • Experience of regulation through the ICO and/or NHS Digital.
  • Experience in updating, refining, and executing IG/Data Privacy processes and procedures.