Cyber Security Governance, Risk and Compliance (GRC) Principal

Care Quality Commission

Grade A: £52,737 (National Framework) or £58,409 (London Framework – if you are London office-based or home-based and live within the boundary of the M25)  There is also an additional homeworking allowance of £581 per annum for those working from home 

Contracted Hours: Full time 37 hours per week. We may also be able to offer part time hours or a variety of flexible working patterns.

Contract Type: Permanent

Location: We can offer homeworking, office-based work or talk to us about flexible working. 

Closing Date: Sunday 16th February 2025 at 11.59 pm  

This role is NOT open to applications from those who will require sponsorship under the points-based system. Should you apply for this role and be found to require sponsorship, your application will be rejected, and any provisional offer of employment withdrawn.

 

Are you committed to helping us regulate health and social care within England?

Here at CQC our colleagues are all working towards our core purpose and are motivated by the knowledge that what we do makes a difference to so many people. CQC helps ensure the people in our communities receive safe, effective, compassionate, high-quality care, and we work with service providers to achieve this.   Technology is key to the delivery of CQC’s core purpose. Our Technology team does what matters most by providing high quality, customer centric technology solutions and services to CQC colleagues, providers and the public through modern, agile and innovative technology.  Technology makes a difference; it speeds processes up, enables more efficient communication and ways of working, and enables colleagues to make decisions, which translates into better regulation of services.   By taking your next career step with us you will become part of a team that designs, builds and maintains the organisations digital infrastructure all while giving you the opportunity to build an enviable career in an organisation that values equity, diversity and inclusion, learning and development and supports colleagues to be the best they can be.  We are looking for people who are caring, demonstrate integrity and work well as part of a team to join with us and share in our Technology journey. If you would like to make a positive impact to health and social care within England, then read on. 

Why this could be a great role for you….

This is a brilliant opportunity for a Cyber Security GRC Principal to join our developing Technology Team. 

 The Cyber Security GRC Team plays a crucial role in enabling good security practices by providing security policies, guidance, and education. As the Cyber Security GRC Principal you will lead a small team of risk and security professionals to deliver security risk and assurance activities across the CQC.

 In this role, you will: 

  • Own the Information Security Assurance framework and programme. 
  • Design and perform themed reviews to provide assurance of information security control's effectiveness. 
  • Be responsible for establishing and implementing the information security and technology risk management programme. 
  • Identify, engage and manage 3rd party organisations to ensure appropriate security assurance activities are conducted. 
  • Lead Secure by Design activities to ensure business and technical changes meet security requirements. 
  • Liaise with other bodies to contribute to the maturing of cyber security practices across the Health and Social care industry. 

We’re offering a unique and highly rewarding opportunity to enhance your experience and professional portfolio in a leading regulatory body, where your knowledge and dedication will ultimately help to improve the health outcomes of millions of people across the UK. 

What we can offer you...

Our technology roles can be offered on either a full-time, part-time or a multitude of other flexible working arrangements such as compressed hours. We are happy to work with you to ensure a suitable arrangement can be made.    Your health and wellbeing are important to us, we recognise the importance of a meaningful work-life balance, and we will support you to find that harmony.   We offer an enviable benefits scheme which includes; 

  • 27 days’ annual leave, rising with service to 32.5 days, plus 8 Bank Holidays  
  • NHS pension scheme, with around a 14% employer contribution  
  • Free employee assistance service 24 hours a day  
  • Discounts to supermarkets, high street stores, electronics and fleet cars  
  • Discounted gym vouchers  
  • Cycle to work scheme  
  • Internal reward scheme where you could earn yourself a voucher or two!  
  • Equipment for homeworking  

We want to make working for CQC a great experience for everyone, and to role model a diverse and representative culture. To support an inclusive environment where colleagues feel empowered to bring their whole self to work, we support a variety of staff networks, including the Race Equality Network, LGBT+ Equality Network, Carers Equality Network, Disability Equality Network and Gender Equality network.   We want to support you to succeed and be your very best with opportunities for training and development; along with the support of experienced managers and mentors.

What you will bring…

With demonstrable experience of working at a senior level in a specialist area of Information Security you will support the Cyber Security GRC Team to enable good security practises in the organisation.  The ideal candidate for this role will; 

  • Experience in authoring governance documentation (standards, policies, reporting, proposals, analysis). 
  • Understanding of common security standards, frameworks and regulations relating to the health industry environment. 
  • Experience in delivering culture, training and awareness programmes. 
  • Strong knowledge of Security controls across Microsoft-based technologies, Endpoints, IdAM, Networks, Applications, Email and Cloud. 
  • Experience in working with Senior stakeholders to champion the security agenda. 

 Cyber Security GRC Principal JD

 

For an informal discussion or further information on the role, please contact Ryan Torrance, Information & Cyber Security Manager, at ryan.torrance@cqc.org.uk .

Individual adjustments... 

We are committed to being open and transparent around our processes, and we endeavour to offer every candidate the opportunity to perform at their best throughout the recruitment process. We seek to support candidates to identify potential challenges and work with them to identify and facilitate reasonable adjustments as appropriate. Should you require assistance and/or would like to request a reasonable adjustment at any stage of the recruitment process, please contact a member of the team via email: recruitment@cqc.org.uk 

CQC is committed to promoting a fair and inclusive workplace where all our people can flourish and reach their full potential. We know diverse teams allow for a more creative and productive environment and therefore encourage applications from everyone regardless of age, gender/sex, gender identity or expression, religion or belief, disability, ethnicity or sexual orientation. For this role, we are particularly encouraging people from ethnically diverse communities and people with a disability to apply, who are currently under-represented at this level in the organisation.

Candidates must ensure that all information provided in their application is detailed in their own words and is factually accurate.  Any examples provided must be taken from personal experience. CQC abides by honesty and integrity as part of its core values, if evidence of plagiarism or generating answers from other sources is found, applications may be withdrawn.

Click to Apply

Similar jobs

View more jobs