Working as a partnership, both Isle of Wight NHS Trust and Portsmouth Hospitals University NHS Trust have a shared vision for excellence in care for our patients and communities; with a set of strategic aims underpinning how we will achieve this. The creation of a single corporate service (SCS) is essential for us to support our clinical and operational services, and our wider transformation programme

This vacancy is part of the Single Corporate Services Division and our vision is :

• Be an employer of choice for corporate talent, attracting and retaining people who share our values for excellence in care and welcome the opportunity to benefit from the broad range of flexible career and development opportunities we can offer.   
• Improve efficiency through simplified and standardised policies, processes, and systems, drawing on the best from both Trusts.  
• Do things once and reduce any duplication on transactional tasks giving corporate staff the ability to focus on higher value and more diverse activities.  
• Co-invest in the latest digital solutions and standardise our approach, meaning we do things once for both organisations. 
• Improve learning and development opportunities and sharing best practice, upskilling both Trusts.  
• Co-locate teams in purpose-built facilities on the Island and in Portsmouth to enable closer working and sharing.  
• Build resilience for individuals and our teams. 

The SCS is delivered across IWT or PHU , you may be based at either location and be required to undertake business travel between sites. 

Single Corporate Service Summary

This vacancy is open to employees of Isle of Wight NHS Trust and Portsmouth Hospitals University NHS Trust only.

NHS Band 7:  £49,387 - £56,515 per annum (effective from 01/04/2026)

Hours Per Week:  37.5 full time

Contract Type: Fixed term for 2 years

Job purpose

As team leader for the Technical Services Security Team, the post holder will be the lead IT Security technical role in the provision of effective, efficient and fully integrated IT operational services that maximise their availability and integrity for end-users and optimise the value gained by the Trust from its investment in IT.  They will work across the Digital and the wider organisation to ensure that the Trust maintains the highest standards of compliance and defence against cyber security threats, ensuring that cyber security is a golden thread running through all our processes and planning.   This will be achieved by:

• Oversee Security Operations: Ensure the smooth and efficient operation of security services across the Group Model across two hospitals, maintaining a safe and secure environment for patient and operational data.
• Risk Assessment and Management: Conduct regular risk assessments in support of the Digital Service operations and working alongside the IT Security Architect for new services. Identifying potential security threats, and implementing appropriate measures to mitigate these risks in both hospitals.
• Policy Implementation: support the development and adoption of hospital security policies and procedures, ensuring compliance with NHS guidelines and local regulations.
• Staff Supervision and Training: Lead, train, and supervise Security team members , ensuring they are equipped with the skills and knowledge necessary to perform their duties effectively in a dual hospital setting.
• Incident Response Coordination: Coordinate and manage the response to security incidents, ensuring timely and effective resolution while minimizing disruption to hospital operations. Ensuring effective escalation communications are designed and implemented.

Job summary

Team Management

• In the absence of the Technical Services Manager, ensure tasks are appropriately prioritised and scheduled, skills appropriately utilised, procedures documented and followed, adequate coverage for absence and Out-of-Hours support is in place, and consistent, up-to-date documentation is established and maintained.
• Provide the immediate line management for the Security Specialists within the Technical Security Team.
• Monitor security standards for the Technical Services team, monitoring achievement against these, and devising improved ways of working, working with the Technical Services Manager.
• As a team leader, take a lead role in the daily scrum held within the team to ensure the team collaboration and focus is aligned to the business outcomes.
• Play a leading role in contributing to the Technical Services team working processes and operating procedures.
• Facilitate Triage of incoming workloads and allocation of work throughout the team as required.
• Ensure that Technical Services team and external contractors work in a responsible and safe manner and have due regard for health and safety regulations.

System Design & Hosting

Secure System Architecture: Design and implement robust security architectures for IT solutions, ensuring the integration of security principles such as least privilege, defense in depth, and secure by design throughout the IT solutions lifecycle.

• Access Control Management: Develop and enforce access control policies, ensuring that only authorized personnel have access to sensitive systems and data, using multi-factor authentication, role-based access, and other security mechanisms.
• Data Encryption and Protection: Implement strong encryption protocols and secure data handling practices to protect sensitive information both in transit and at rest, ensuring compliance with relevant regulations and standards.
• Vulnerability Management: Conduct regular vulnerability assessments and security testing (e.g., penetration testing) to identify and mitigate potential security weaknesses in system design and hosting environments.
• Incident Detection and Response: Design and implement systems for real-time monitoring and logging, enabling the timely detection, investigation, and response to security incidents and breaches.
• Compliance and Audit Support: Ensure that systems are designed and hosted in accordance with relevant regulatory requirements and industry standards, providing necessary documentation and support during security audits and compliance assessments.

Software and Hardware Installation

• Secure Configuration and Hardening: Ensure that all software and hardware installations follow secure configuration guidelines and hardening practices to minimize vulnerabilities and reduce the attack surface.
• Patch Management: Oversee the timely installation of security patches and updates for both software and hardware across the entire IT landscape & two hospitals, ensuring that systems are protected against known threats and vulnerabilities.
• Malware Protection: Implement and configure antivirus, anti-malware, and intrusion detection/prevention systems during installation to safeguard against malicious software and unauthorized access.
• Access Control Implementation: Configure and enforce strict access controls during software and hardware installation, ensuring that only authorized users can access and modify system components.
• Data Backup and Recovery Setup: Establish and verify secure data backup and recovery procedures during installation, ensuring that critical data is protected and can be restored in the event of a failure or breach.
• Documentation and Compliance: Maintain detailed records of software and hardware installations, including configurations, security settings, and compliance with industry standards, to support ongoing security management and audits.

Infrastructure Developments/Innovation

• Secure Infrastructure Design: support the development of secure infrastructure solutions, incorporating advanced security measures and best practices into the planning, design, and implementation of new technologies.
• Emerging Threat Mitigation: Proactively identify and address emerging security threats and vulnerabilities, adapting infrastructure developments to stay ahead of potential risks and ensure ongoing protection.
• Integration of Security Technologies: Evaluate, select, and integrate cutting-edge security technologies and tools within the infrastructure to enhance overall security posture and support innovative solutions.
• Scalability and Flexibility: Ensure that infrastructure developments are designed with scalability and flexibility in mind, allowing for secure expansion and adaptation to future technological advancements.
• Automation and Orchestration: Implement automation and orchestration tools to streamline security processes within infrastructure developments, improving efficiency, consistency, and responsiveness to security incidents.
• Collaboration with Stakeholders: Work closely with cross-functional teams, including IT, operations, and management, to align infrastructure innovations with security requirements and Hospital Group aims, ensuring that security is integrated into all phases of development.

For additional information please read attached full job description.

Qualifications

Essential

• ITIL v3 Foundation
• Degree-level Qualification or equivalent in a Computing or analytical field
• Technical Accreditation in one or more of the following: -
  • Microsoft MCP/MCSA/MCSE
  • Cisco CCNA
  • CompTIA Security+ .
  • Certified Ethical Hacker (CEH) 

Desirable

ISO27001

CISSP

The health and wellbeing of our staff is at the forefront of everything we do. We are proud to be able to offer our staff some fantastic benefits including our on-site Nursery, access to our free Beach Hut for those long summer days, our on-site Wellness Centre including a gym and a swimming pool, access to our fantastic staff networks including LGBTQ, Race Equality and Disability, and awards ceremonies to recognise your achievements. We believe we can offer support to all of our staff when they need it the most.

We welcome the unique contributions that you can bring in terms of your education, opinions, culture, ethnicity, race, sex, gender identity and expression, nation of origin, age, languages spoken, veteran’s status, colour, religion, disability, sexual orientation, and beliefs.