Contact us CareFlow Connect sign in

View navigation

Back to all vacancies

Information Security Manager



Reporting to

Chief Technical Officer 

Job purpose

To be responsible for ensuring that the companies, products, networks, infrastructure and services remain secure, working with development, technical and other internal teams to ensure that our products and offerings are secure by design.

The security manager will be responsible for all aspects of security from product/service inception through to delivery, helping define and enforce policy, standards and good practice across the business as well as validating and coordinating internal and external test activities to ensure our offerings remain secure and our customers are provided with the confidence they need when using our products and services.

The ideal candidate will have a technical or development background.  It is important that the individual has the ability to win the hearts and minds of colleagues, with a keen and enthusiastic ability to communicate while making positive and appropriate change within the Organisation. 


The Information Security Manager is responsible for the following: 

  • Manages product standards compliance ensuring appropriate stakeholder representation and ownership of actions to ensure product compliance with appropriate standards.
  • Support the development of software by providing Information Security expertise as required.
  • Liaising with colleagues in deployment areas to give advice and assist in problem solving
  • Co-ordinate and deliver knowledge transfer as required ensuring colleagues have an overview of their requirements to be compliant with Information Security.
  • Track the developments of Cyber Security and Information Security standards and guidance, ensuring products will comply in accordance with implementation deadlines.
  • Assist and contribute to the clinical safety cases for product releases providing IS assurances and confirming that changes do not contravene national recommended best practice.
  • Ensure the Alliance meets the National Data Guardians 10 Data Security Standards.
  • Assist in the arrangement and delivery of annual Information Governance and Information
    Security Training.
  • Work closely with linked colleagues across the companies, including the Executive Team, the Information Governance Manager, Compliance Manager and the Technical and Operational
  • Point of contact to manage and administer Security Incidents and keeping records of such.
  • Promoting awareness of customer and security requirements.
  • Security Risk Assessments, continual improvement including corrective and preventative actions.
  • Consideration of Information Security risks and recommendations in the completion of required Data Protection Impact Assessments.
  • Assist and contribute to the clinical safety cases for product releases providing IS assurances and confirming that changes do not contravene national recommended best practice.
  • Provide feedback on Information Security compliance to senior management.
  • Keep up to date with legislation on Security and data quality both corporately and within the NHS.


  • An excellent technical or developmental background or experience.
  • A good understanding of the Information Security industry and cyber security plans
  • Good knowledge of networking/server and product development technologies
  • Penetration Testing toolkits, SIEM and other security related product experience. Knowledge of data quality principles and standards (including relation to NHS healthcare data).
  • Experience with information systems, processes and uses of information with the NHS
  • A proactive and positive approach and attitude to developing an increased Information Security aware culture.

Mandatory skills

  • Ability to produce reports that evaluate and present complex data in an understandable way.
  • Have a high degree of competence in the use of Microsoft Office and desktop applications and can demonstrate good skills with respect to database and spread sheet management.
  • Excellent verbal, written and presentation skills.
  • Excellent interpersonal and communication skills.
  • Ability to use laptops, projectors and other presentation equipment effectively.
  • Ability to work in a pressurised environment.
  • Ability to meet deadlines.
  • Ability to respond to unpredictable work patterns and interruptions.
  • Ability to work as part of a team or in a stand-alone capacity

Communications and working relationships:


  • Ability to interact and co-operate with all colleagues at all levels;
  • Maintain professional internal relationships;
  • Proactively establish and maintain effective working team relationships with adjacent departments and associated companies;
  • Effectively communicate and support other members within the post holder’s team.


  • This role involves may sometimes involve working with and managing the relationships with external suppliers and agencies, partners and customers.


Please apply in writing, sending a covering letter and CV to