Head of Cyber Security

Head of Cyber Security

Application Deadline: 15 June 2025

Department: Technology Services

Employment Type: Permanent - Full Time

Location: London, Portland Place

Reporting To: David Massey

Compensation: £73,571 - £87,797 / year

Description

About the team and what we do

We’re building something new and important. This brand-new role sits at the heart of our Technology Services team, reporting directly to the Assistant Director. Our team is responsible for the digital foundations that power the organisation’s work—and cyber resilience is critical to that mission. As our services evolve and expand, we need an expert voice to lead on all aspects of cyber security and ensure our defences are as smart and adaptive as the threats we face.

This is a strategic opportunity to shape the NMC’s approach to cyber resilience from the ground up, while working closely with colleagues across all functions to keep our systems, data and services safe.

Your role and impact

As Head of Cyber Resilience, you’ll lead and drive the NMC’s security agenda—embedding resilience into everything we do. You’ll be the organisation’s go-to expert on cyber threats, guiding our response to evolving risks and ensuring we're ready for anything.

You’ll be a visible, trusted leader who not only defines our cyber security strategy but also brings it to life across the organisation. Whether supporting senior leaders, collaborating with peers across IT and operations, or building awareness among staff, your influence will reach far and wide. This is your chance to leave a lasting impact on how we protect what matters most.

What you will do

• Set the strategic direction for cyber resilience, ensuring our approach is modern, pragmatic, and future-ready.
• Lead the implementation of robust security policies, controls and standards across infrastructure, applications, and cloud services.
• Build strong relationships across the organisation, translating complex risks into clear, practical advice for both technical and non-technical audiences.
• Champion a security-first mindset through training, engagement and awareness campaigns.
• Own our incident response and recovery planning, ensuring we’re always ready to respond and recover.
• Oversee audits, risk assessments and compliance work aligned with ISO 27001, Cyber Essentials, NIST and other frameworks.
• You’ll combine strategic oversight with practical know-how—ensuring our digital services remain secure, trusted and resilient.

What you will bring

We’re looking for a confident leader with deep expertise in cyber security and a passion for enabling secure innovation. You’ll bring:

• Proven experience leading cyber security or resilience functions at an enterprise level.
• Strong knowledge of current and emerging cyber threats, technologies and regulatory requirements.
• The ability to make the complex simple—translating technical detail into meaningful action and advice.
• Experience with frameworks such as ISO 27001, Cyber Essentials, NIST, and robust incident management.
• Relevant certifications such as CISSP, CISM, or equivalent.
• A collaborative mindset and a proactive approach to risk—balancing security with the needs of a modern, service-driven organisation.
• You don’t need to have all the answers on day one, but you do need the curiosity, resilience and leadership to shape our future.

Why join us
This is more than a technical leadership role—it’s a chance to shape an essential function in a high-impact organisation. You’ll be the first in post, with the freedom and support to build a resilient, secure environment from the inside out.
At the NMC, we’re ambitious about the role digital plays in delivering for the public. We’re also kind, collaborative and driven by our values. If you’re ready to bring your cyber expertise into a purpose-led environment—where people value your knowledge and are ready to work with you—this is the perfect next step.

Interviews will be held during w/c 30 June 2025

If required we may add a second interview which will be held during w/c 7 July 2025

Benefits

• 30 days annual leave
• Enhanced Pension Contributions via our attractive Pension Scheme – with a basic 8% employer contribution as standard which increases up to 14% with optional added Employee Contributions 
• Life Insurance – 4 x current salary
• Hybrid/Flexible working policies
• Enhanced Maternity and Paternity Leave
• 24 Hours Employee Assistance Programme
• Cycle to Work Scheme
• Perkbox membership 
• Subsidised restaurant in our Portland Place office
• Season ticket loans 

About Us

Our core role is to regulate. First, we promote high education and professional standards for nurses and midwives across the UK, and nursing associates in England. Second, we maintain the register of professionals eligible to practise. Third, we investigate concerns about nurses, midwives and nursing associates - something that affects a tiny minority of professionals each year. We believe in giving professionals the chance to address concerns, but we’ll always take action when needed.  To regulate well, we support our professions and the public. We create resources and guidance that are useful throughout people’s careers, helping them to deliver our standards in practice and address new challenges. We also support people involved in our investigations, and we’re increasing our visibility so people feel engaged and empowered to shape our work.
 Regulating and supporting our professions allows us to influence health and social care. We share intelligence from our regulatory activities and work with our partners to support workforce planning and sector-wide decision making. We use our voice to speak up for a healthy and inclusive working environment for our professions. 
 Check out our NMC LinkedIn page here for an insight into the NMC, our vacancies and the world of healthcare regulation.  

Additional Information

We encourage you to complete your application as soon as possible to avoid disappointment.

The role you are applying for is a flexible role, and whilst you will be posted initially to a team, this may require movement between teams as the flow of work dictates. You will of course understand that this flexible approach enables us to provide the best possible service to our registrants and reach the outcomes to our cases quickly and within a reasonable timeframe. This will not change your terms and conditions and will be discussed with you prior to you taking up the post.


Hybrid Working Policy

We are currently working to a policy of office attendance for two days per week with the rest of the time working from home. Before making your application please ensure your able to commit to working in one of our office locations twice per week. If you are applying for a part time role please pro-rata office attendance based on number of day you would be working.

 

Our Pay Policy

It is expected that staff new to the NMC will ordinarily be appointed to the bottom of the relevant pay band. However in exceptional circumstances, it may be possible to offer a salary above the bottom of the relevant pay band but we may request proof of current earnings. Please note that we offer an annual review of salaries and adopt a generous progressive pay approach. Further details of which are available on request.


For our internal colleagues, you will be paid in accordance to our internal pay policy.


Reasonable adjustments

We will provide reasonable adjustments to support disabled candidates throughout the recruitment process. Please let us know if you need any additional support to enable you to make an application with us.

Screening and vetting

All of our roles are subject to pre-employment checks. We are in the process of introducing a vetting policy, and it is possible that this role may become subject to DBS and further vetting checks in future.