About the role

Do you want to use your cyber skills to undertake a cyber security role at an unprecedented scale that makes a real difference to healthcare in England?

Cyber Operation's purpose is to support safe care and build public trust by building NHS England's cyber resilience and enabling the wider health system to be cyber resilient. As well as, supporting the Transformation Directorate's purpose of delivering the best care and outcomes for the NHS.

The Cyber Operations sub-directorate consists of 4 operational areas:

  • Cyber Security Operations Unit (CSOU).
  • Cyber Delivery Unit (CDU).
  • Cyber Improvement.
  • Chief Information Security Office Function (CISO).

The CISO Function consists of four operational teams:

  • Security Strategy.
  • Secure (by Design).
  • Security Assurance.
  • Security Governance, Risk & Compliance (GRC).

The Secure Consulting Team (part of the wider Chief Information Security (CISO) function, Secure (by Design)) provides expert specialist security consultancy to country wide services to ensure they are designed and built securely to improve cyber resilience. This in turn improves patient safety and provides a more efficient health service.  This involves the provision of security advice to all the Critical National Infrastructure and major national services across NHS England.

Our Senior Cyber Security Advisors are key members of the team and focus on ensuring NHS England's systems operate from a cyber resilient architecture. They provide detailed cyber security advice and guidance to project teams within NHS England and our partners, assuring the cyber resilience of all systems prior to live-service.

This is an exciting opportunity to help shape, guide and deliver NHS England's Cyber Security Strategy. You'll be given the support and autonomy to use your skills, knowledge, and experience to have a real long-lasting impact. Helping to improve NHS England's cyber resilience, which in turn, improves patient safety and provides a more efficient health service.

We are recruiting Senior Cyber Security Advisors to focus on ensuring our systems operate from a Cyber resilient architecture.

As a Senior Cyber Security Advisor, within the Secure Consulting team you will:

  • Conduct threat modelling to ensure systems are designed to reduce the risk and impact of compromise, security assessments and providing expert cyber advice.
  • Be primarily focused on the provision of expert cyber security consultative advice and guidance, to advise on security standards, designs and patterns as well as ensuring there is security design governance in place.
  • Proactively interact with key stakeholders to gather information, resolve problems and make recommendations for improvements for developing and delivering an integrated information and cyber security strategy.
  • Implement project level strategies, defining objectives and addressing technology-related controls, risks, and issues.
  • Support programmes and projects in the delivery of secure systems
  • Provide short-term cover for Cyber Security Leads.

This is a critical role in ensuring that NHS England’s security measures are aligned to government and industry security standards, and appropriate measures are in place to mitigate against cyber security risks.

The security landscape is constantly evolving, and this is your opportunity to think creatively and positively contribute towards improving the security resilience of health and care organisations across England. It’s a great time to join NHS England and be part of the journey. 

Important: Please be aware there are residency requirements you need to meet:

All NHS Digital/England Cyber Security personnel must hold security clearance SC level as a minimum. To meet National Security Vetting requirements, you must have resided in the UK for a minimum of 3 out of the past 5 years for SC clearance. Candidates who were posted abroad for service with HM Government, Armed Forces or within a UK government role - will still be considered. More information on SC clearance can be found here.

Please make sure you meet these requirements before applying for this role. You don’t need to have SC already, however, failure to achieve the requirements for SC after offer, will result in the job offer being withdrawn. 

Why work for us?

We value the different experiences our people bring to their work at NHS England. We're working to create an environment where everyone can make a full contribution no matter their background, identity, or circumstances.  Which means, we encourage applications from people of all backgrounds and abilities.  

Our work matters. You matter.

What we offer you:

  • We offer a hybrid working approach which offers you an informal, flexible way of blending home and office working. Colleagues with a contractual office base are expected to spend, on average, at least 40% of their time working in-person.
  • Flexible working opportunities - we value and respect the diversity of our employees, and applications from prospective candidates who require flexible working arrangements are welcomed; these include part-time hours, job sharing, flexible hours and part-remote set ups
  • 27 days annual leave increasing to 33 days with service.
  • generous pension (with our contribution equal to 20.6% of your earnings).
  • NHS Discounts including shops, restaurants, gym, mobile phones, and insurance.
  • Employee benefit schemes including our Season Ticket Loan, Car Lease and Bike to Work schemes.

About you

To be successful in this role, the ability to manage your own workload and to present findings to a high standard are a must. This is a crucial and influential role requiring excellent negotiating and analysis skills, alongside the ability to communicate with key stakeholders at all levels of seniority.

Some of the skills and experience we're looking for include: 

Consulting - extensive knowledge of techniques, roles, and responsibilities in providing technical or business guidance to clients, both internal and external; ability to apply this knowledge appropriately to diverse situations.

Information Security Management - Proven knowledge of the processes, tools and techniques of information security management, ability to deploy and monitor information security systems, as well as detect, resolve and prevent violations of IT security, to protect organisational data. 

Vulnerabilities Assessment - specialist knowledge of vulnerability assessment tools, techniques, models, and systems; ability to utilises the knowledge to identify vulnerabilities on network, operating system, mobile application, etc. 

Information Assurance - Demonstrable knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity and availability. 

Cybersecurity Risk Management - working knowledge of tools, techniques, approaches and processes of cybersecurity risk management; ability to ensure organisational network operation and minimise negative effect by cybersecurity risks. 

Application Security - working knowledge of the tools and processes for maintaining application security; ability to design and implement security programs to prevent data loss and access intrusion from web and mobile applications. 

For more information about the role and what we're looking for, please view the role profile. 

What's in it for you

  • a role as part of a dynamic team using data and digital technology to transform health and care
  • a range of opportunities to build your experience in an environment where your
    work has a direct and positive impact
  • a real commitment to your personal and professional development with access
    to a broad range of learning opportunities

About us

We are a great place to work. What we do matters.

NHS England leads the NHS in England to deliver high quality care for all. We support NHS organisations to deliver better outcomes for our patients and communities, work to get the best possible value for taxpayers, and drive improvement across the NHS. This includes improving the health of the population and the quality of care, tackling inequalities, and delivering care more efficiently. 
Our outstanding teams are passionate about technology and public service, making use of everyone's skills to improve people's lives. 

We collaborate to deliver world class tech and intelligence, so come and join us. We are committed to sustainability, diversity and inclusion; our people are at the heart of what we do.

To find out more about the type of work we do, please take a look at our website.


We use NHS Terms and Conditions of Service (Agenda for Change) pay rates. This role offers the 8a salary band and attracts a 20% recruitment and retention premium (known as RRP), making the total salary on offer £61,124- £68,818. We do not salary match, most new employees to the NHS will start at the bottom of the band and receive the salary at top of the band after 5 years continuous service. We do recognise relevant experience with the same level of responsibility, but this needs to be 5 years or more to receive the salary at the top of the band.

You can find more information about Agenda for Change pay rates here Pay scales for 2023/24 | NHS Employers.

Next steps

Our application process is straight forward, you will need to upload a copy of your CV and input a supporting statement. Within your supporting statement you must evidence your knowledge, skills and experience from the criteria in the "About You" section of the advert.

Our assessment process comprises of 2 stages; 

  • First stage interview (which assesses your skills and knowledge for the role) will take place on 7th and 8th May 2024 via MS Teams.
  • Second stage interview (which assesses you against our core competencies and Leadership framework) will take place on 16th and 17th May 2024 via MS Teams.

Applicants who are shortlisted for interview will be contacted by email.


This post is not exempt from the Rehabilitation of Offenders Act 1974. We only ask applicants to disclose convictions which are not yet spent / unspent under the Rehabilitation of Offenders Act 1974. Following an offer of employment, we will carry out a Basic Disclosure and Barring Service (DBS) check as part of the pre-employment check process.

Other jobs like this