We are seeking an experienced and strategic Head of Cyber Security to spearhead the development and execution of a robust cyber security strategy. HC One, largest health and social care workforce outside of the NHS, is undergoing an accelerated digital transformation and has made significant progress in cyber-readiness. We’re looking for a visionary leader to elevate our cyber security capabilities to the next level. This pivotal role is central to safeguarding the confidentiality, integrity, and availability of our enterprise-wide systems and data. Ensuring the protection of critical assets across a complex and evolving digital landscape.
You will lead a growing cyber security function and be accountable for operational resilience, threat intelligence, and security governance. The role requires strong technical acumen, strategic leadership, and the ability to drive cultural change across a large and diverse organisation.
About You
You will be a strategic thinker with a proactive, solution-oriented mindset and the resilience to remain composed during high-pressure security incidents. Strong leadership and communication skills are essential, along with the ability to influence stakeholders and drive cultural change across the organisation. You’ll possess excellent analytical and documentation abilities, enabling you to translate complex technical risks into clear, actionable insights.
Your commitment to continuous learning and staying ahead of emerging threats will be vital. As will your ability to lead change, promote best practices, and foster a security-first mindset throughout the organisation.
Roles & Responsibilities
Cyber Security Strategy & Operations
Define, lead, and implement a cyber security strategy aligned with organisational risk appetite and priorities.
Develop and manage the security operations roadmap, ensuring effective incident response, threat detection, and vulnerability management.
Operationalise cyber security through policy, architecture, and process improvements.
Act as the primary escalation point for security events and incidents.
Own the lifecycle of cyber security programmes, from strategic planning to execution and ongoing improvement.
Ensure the security architecture accommodates modern AI and analytics use cases, including cloud-native platforms, APIs, and third-party data processing.
Develop policies and technical controls that support secure machine learning operations (MLOps), data sharing, and integration across systems.
Manage cyber security budgets and resource allocation, ensuring strategic priorities are met within financial constraints
Team Leadership & Cross-Functional Collaboration
Build, lead, and mentor a high-performing cyber security team.
Collaborate with Legal, IT, Compliance, and the Data Protection Officer to embed security into business operations.
Ensure secure access to enterprise data platforms—enabling responsible innovation while upholding security and compliance.
Work cross-functionally to design and implement data classification schemes and access policies that balance utility and risk.
Represent the cyber function at governance forums and leadership meetings.
Promote and embed a security-first culture through training, awareness, and ongoing engagement.
Governance, Risk & Compliance
Lead the development, review, and enforcement of cyber security policies and documentation.
Ensure compliance with standards such as ISO 27001, GDPR, Cyber Essentials, and other relevant frameworks.
Strengthen third-party cyber risk oversight, including supplier assessments, contract clauses, and continuous monitoring of key partners and platforms.
Support the implementation of data governance frameworks by aligning security practices with metadata management, data lineage, and data usage auditing.
Coordinate responses to third-party risk assessments and audits.
Track and report key metrics to senior leadership.
Co-develop standards for encryption, masking, pseudonymisation, and secure storage to meet privacy and analytics requirements.
Innovation & Continuous Improvement
Stay abreast of emerging threats, technologies, and tools.
Conduct regular threat assessments, horizon scanning, and risk modelling.
Identify and implement innovative solutions to strengthen cyber defence.
Proactively assess emerging risks in AI, advanced analytics, and third-party data partnerships.
Support secure design and implementation of new systems, platforms, and services.
Evaluate secure data access and compute environments (e.g. data clean rooms, federated learning, privacy-preserving ML) in collaboration with the Data Science team.
Qualifications and Experience
We’re looking for a dynamic cyber security leader with a strong technical foundation, strategic insight, and a proven ability to deliver in complex environments. You will combine deep subject matter expertise with excellent leadership and communication skills, enabling you to effectively manage risk. Whilst driving operational resilience, and influence security culture across the organisation.
Essential:
Degree in Cyber Security, Computer Science, or a related field—or equivalent professional experience.
Industry-recognised certifications such as CISSP, CISM, CISA, CRISC, or CGEIT.
Demonstrated experience in leading cyber security teams, with a strong focus on operational security and incident response.
In-depth knowledge of cyber risk management, threat intelligence, IAM, and vulnerability management.
Familiarity with key regulatory and compliance frameworks, including ISO 27001, GDPR, NIST, and Cyber Essentials.
Ability to communicate complex technical risks in clear, actionable terms to business stakeholders.
Desirable:
Additional certifications such as CompTIA Security+, CEH, SSCP, or Microsoft Security qualifications (e.g. AZ-500, SC-200, SC-300).
Experience working within ITIL and Agile environments.
Exposure to highly regulated or large-scale enterprise environments.
Familiarity with modern security methodologies and frameworks such as OWASP, DevSecOps, and the Cyber Assessment Framework (CAF).
About HC-One
At HC-One, kindness is more than a word; it is a belief that caring for people means understanding what matters most to them, so we can support them to lead their best life. Our team embodies five key qualities, known as Kindness the HC-One Way: curiosity, compassion, creativity, courage, and reliability.
We champion inclusivity, fostering a workplace where everyone feels valued and can be themselves. Our diverse workforce helps us better represent the communities we serve.
Our dedicated colleagues strive to deliver outstanding care, and we support their professional and personal growth through robust career pathways, CPD, and postgraduate programs. HC-One invests in our team, offering opportunities to progress into regional and national roles.
Safeguarding is everyone's responsibility. All colleagues receive appropriate training to recognise and respond to signs of abuse, harm, or neglect. We ensure everyone knows how to seek advice and report concerns, including escalation if necessary.
We invite applicants from all backgrounds to join our HC-One family, committed to providing a quick and supportive onboarding process.
Rewards & Benefits
Complimenting your salary, you will enjoy access to a huge variety of benefits and services to support your physical and psychological well-being and throughout your career we will invest in you and you will enjoy additional support and benefits including:
Award-winning learning and development
25 days annual leave
An opportunity to learn from experienced colleagues as part of an outstanding and committed team.
GP online - providing around the clock GP consultation via an interactive app - available to you and your children under 16
Colleague discounts – Access to over 1600 high street discounts including carefully selected discount partners
Wellbeing - free of charge access to an independent and confidential Employee Assistance Programme. This gives Colleagues and their family access to 24/7 365 support for a whole range of issues including physical, mental and financial issues
Ready to Apply?
This is a rare opportunity to lead a critical function within a digitally evolving organisation. If you are a visionary cyber security leader looking to shape strategy, build a high-impact team, and make a lasting impact—we want to hear from you
