Head of Cyber Security

Head of Cyber Security

The closing date is 22 January 2026

The Head of Cyber Security will lead the Trust's cyber security strategy, governance, and operations. This senior leadership role ensures the confidentiality, integrity, and availability of OUH's digital assets and information systems. The post holder will act as the authoritative voice on cyber security, representing OUH in regional and national forums, and will be responsible for aligning the Trust's cyber posture with NHS frameworks such as DSPT, CAF, and ISO 27001.

Main duties of the job

The Head of Cyber Security is responsible for shaping and executing the Trust's cyber security strategy, ensuring that digital assets and information systems remain secure, resilient, and compliant with NHS frameworks such as DSPT, CAF, and ISO27001. This role provides strategic leadership by developing and implementing cyber security plans, leading maturity assessments, and offering board-level assurance on risk and compliance. The post holder represents the Trust in key regional and national cyber forums, helping to align local priorities with broader NHS initiatives.

In addition to strategic oversight, the role encompasses governance and risk management, including ownership of the Information Security Management System (ISMS), leading audits, chairing assurance groups, and supporting data protection compliance as Deputy SIRO.

About us

Oxford University Hospitals NHS Foundation Trust is one of the largest NHS teaching trusts in the country. It provides a wide range of general and specialist clinical services and is a base for medical education, training and research. The Trust comprises four hospitals - the John Radcliffe Hospital, Churchill Hospital and Nuffield Orthopaedic Centre in Headington and the Horton General Hospital in Banbury. For more information on OUH please view OUH At a Glance by OUHospitals - Issuu

Our values, standards and behaviours define the quality of clinical care we offer and the professional relationships we make with our patients, colleagues and the wider community.

We call this Delivering Compassionate Excellence and its focus is on our values of compassion, respect, learning, delivery, improvement and excellence.

Job responsibilities

For further information, please refer to the attached job description and person spec. For an informal discussion about the role, please contact Ian Fabbro.

Person Specification

Qualifications

- Educated to Masters level in a relevant subject or have equivalent experience

- Specialist qualifications in ICT and/or Cyber Security, for example: CISSP/CISM/CRISC or equivalent

- Committed to ongoing specialist training to support job role and self-development

Experience

- Senior leadership in cyber security within an NHS or complex public sector environment, with a strong track record of achievement

- Extensive experience of managing cyber security and risk

- Extensive experience of interpreting and applying the law governing the management of information

- Broad IM&T knowledge and an understanding of computer and confidentiality related legislation and professional standards

- Good understanding of principles of managing enterprise-scale IT networks

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Oxford University Hospitals NHS Foundation Trust

£76,965 to £88,682 a yearper annum pro rata

Contract

Permanent

Working pattern

Full-time,Flexible working,Home or remote working,Compressed hours

#J-18808-Ljbffr