Deputy Director Privacy and Compliance (Paternity Cover)

UK Health Security Agency
Birmingham
1 month ago
Applications closed

Related Jobs

View all jobs

Deputy Headteacher

Deputy Headteacher

Deputy Headteacher

Deputy Headteacher

Deputy Headteacher

Deputy Headteacher

Job summary

The Deputy Director, Privacy and Compliance is responsible for the functions that collectively enable UKHSA. The team helps to ensure that UKHSA can make the best use out of its data and information to protect public health. Teams provide a single locus for UKHSA to assure Public Health data activities and monitor corporate information risk performance, supporting UKHSAs SIRO obligations to the Department of Health. It leads second line of defence compliance for the Director General of Chief Data Office

Main duties of the job

The job holder will be responsible for leading a team of civil servants and contractors across three areas: (1) Data Compliance, (2) Data Release & Acquisition and (3) Privacy (General Data Protection Regulation); providing professional and accessible data services across UKHSA to enable the use of and sharing of data in support of the UK's Public Health.

The UKHSA Privacy and Compliance directorate sits within Chief Data Office (CDO) Group within UKHSA. The CDO Group has grown out of the Data, Analytics and Surveillance group and Technology; and is now responsible for providing supporting cutting-edge digital, data, analytical With this role we will expect attendance at leadership events in London from time to time as well as any travel necessary to attend sites across the UKHSA estate as required.

This role is a 3-4 month's cover for the Deputy Director of Privacy and Compliance. It will require quickly taking on leadership the Privacy and Compliance team.

About us

We pride ourselves as being an employer of choice, where Everyone Matters promoting equality of opportunity to actively encourage applications from everyone, including groups currently underrepresented in our workforce.

UKHSA ethos is to be an inclusive organisation for all our staff and stakeholders. To create, nurture and sustain an inclusive culture, where differences drive innovative solutions to meet the needs of our workforce and wider communities. We do this through celebrating and protecting differences by removing barriers and promoting equity and equality of opportunity for all.

Please visit our careers site for more information

Job description

Job responsibilities

Key responsibilities will include:

Ensure UKHSAs approach and process for managing information risk is in accordance with the Framework Agreement with DHSC. Provide advice and best principles for delivering Public Health outcomes. Take the lead in maintaining effective working relationships on Information Risk with key stakeholders, including DHSC, NHS Digital (NHSD), and UKHSA seniors. Responsibility for all data and information sharing (across UKHSA) under formal arrangements or in accordance with legal requirements inbound and outbound data / information, personal and non-personal data. Lead lean/efficient UKHSA services for other groups to enable permissions on data ingestion, use and sharing in support of Public Health outcomes, whilst engendering the trust and confidence of the public, government and our oversight bodies. Responsibility for overseeing adherence to data compliance, privacy, GDPR and other information security controls and standards. Coordinate for the UKHSA Deputy Senior Information Risk Owner (SIRO) the design and implementation of information risk governance and meet all necessary reporting requirements established by the Department of Health and Social Care. Ensure that information risks are appropriately fed into Boards, Audit Risk Committee and DHSC Senior Accountability Meeting as required. Assure the implementation of ICO audit recommendations, that evidence to demonstrate delivery against recommendations is quality assured, collated and made ready in good time. Lead a separate compliance function, working closely with the Data Protection Officer, understanding and evaluating information risk across UKHSA

This role will influence the following key stakeholders:

Internal Data and Analytics function Deputy Directors peers Data and Analytics function Director General and Directors Role and office of the Caldicott Guardian Directors and Deputy Directors across UKHSAIMP Team Data Operations Enterprise Data and Analytical Platform (EDAP) Programme team Legal Commercial Cyber Technology

External

Senior civil servants within Cabinet Office, ONS, DHSC, NHS and other government organisations Roles and organisations such as the National Data Guardian, UK Caldicott Guardian Council, Information Commissioners Office, UK Statistics Authority Concerned stakeholders within identified partnerships with the private sector DHSCs Office of Data Protection (ODPO) DHSCs SIRO DHSCs Information Risk and Assurance (IRMA) team NHS England (NHSE) ICO National Data Guardian (NDG) Government Internal Audit Agency (GIA)

Essential Criteria.

Availability to begin the role on the 7th April 2025 on a short term basis, rolling off in 18th July 2025, (with possible short extension.) Minimum of a Bachelors level degree or equivalent leadership experience. Demonstrate strong leadership skills, having an ability to influence a cross-functional groups towards unified direction, in the face of ambiguity, and having an ability to influence senior business leadership Experience of effective stakeholder management and the ability/gravitas to engage with senior stakeholders across disparate business areas An understanding of, or experience working in, the three main areas of IMP work (information management, data governance and compliance with laws relating to the management of data) Experience of leading and motivating teams to deliver challenging delivery objectives at a time of significant change Knowledge of data-related government regulatory requirements and emerging trends and issues. Experience of, or aptitude for, developing processes and ways of working that comply with the law and/or important government policies.

For full details, please refer to the attached Candidate Pack.

ExternalOpen to all external applicants (anyone) from outside the Civil Service (including by definition internal applicants).

Stage 1: Application & Sift

You will be required to complete an application form. You will be assessed on essential criteria, and this will be in the form of an Application form (Employer/ Activity history section on the application) a 1000 word Statement of Suitability.

This should outline how your skills, experience and knowledge provide evidence of your suitability for the role, with reference to the essential criteria.

The Application Form and Statement of Suitability will be marked together.

Please note you will not be able to upload your CV. You must complete the application form in as much detail as possible.

Unfortunately, late applications will not be considered.

If you are successful at this stage, you will progress to interview & assessment.

Please do not exceed 1000 words. We will not consider any words over and above this number.

Feedback will not be provided at this stage.

Stage 2: Interview (success profiles)

You will be invited to virtual interview.

Behaviours, technical and experience will be tested at interview.

There will be a 5-minute presentation, based on Technical and Experience, the topic of which will be confirmed prior to the interview.

The Behaviours tested during the interview stage will be Leadership Delivering at Pace

Interviews will be held week commencing 17th February 2025. Please note, these dates are subject to change.

Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Successful candidates must pass a disclosure and barring security check.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed is Security Clearance.

For meaningful National Security Vetting checks to be carried out individuals need to have lived in the UK for a sufficient period of time. You should normally have been resident in the United Kingdom for the last 5 years as the role requires Security Check (SC).

UK residency less than the outlined periods may not necessarily bar you from gaining national security vetting and applicants should contact the Vacancy Holder / Recruiting Manager listed in the advert for further advice.

UKHSA operates a hybrid working model where business needs allow. This provides us with greater flexibility about how and where we work, to get the best from our workforce. As a hybrid worker, you will be expected to spend a minimum of 60% of your contractual working hours (approximately 3 days a week pro rata, (averaged over a month) working at one of UKHSA's locations (Birmingham B2 4BH, Leeds LS2 7UE, Liverpool L3 1DS, and London E14 4PU). Specialist or regional roles will be based at the appropriate UKHSA site. For certain roles, some additional flexibility may be possible, which will be agreed upon with the hiring manager based on individual requirements and business needs.

Relocation expenses are not available.

Person Specification

Experience

Essential

Application Form & Statement of Suitability

Behaviours

Essential

Leadership Delivering at Pace

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Careers Jobs

10 Must-Read Cyber Security Books for UK Professionals: Boost Your Career and Stay Ahead of Threats

With rapid advancements in digital infrastructure, cloud computing, and the Internet of Things (IoT), cyber threats continue to evolve at lightning speed. For organisations across the UK—and globally—robust cyber security is no longer optional: It’s a strategic imperative. From healthcare and finance to government agencies and tech start-ups, every sector needs skilled professionals to safeguard critical data and protect users. If you’re looking to break into or advance within the cyber security industry, staying updated on the latest techniques, threat landscapes, and defence strategies is paramount. One of the best ways to build and sharpen your expertise is by reading authoritative, high-quality books that combine foundational knowledge with cutting-edge insights. In this guide, we’ve compiled a list of ten books that cater to various skill levels, spanning ethical hacking and threat intelligence to secure software development and cryptography. By diving into these resources, you’ll fortify your understanding of cyber security fundamentals, explore hands-on techniques for defending systems, and gain the strategic perspective needed to excel in roles throughout the UK’s thriving cyber security landscape.

Careers

Navigating Cybersecurity Career Fairs Like a Pro: Preparing Your Pitch, Questions to Ask, and Follow-Up Strategies to Stand Out

In a world where digital threats are escalating and online infrastructure underpins nearly every aspect of our personal and professional lives, cybersecurity has swiftly become one of the most sought-after career fields. Demand for skilled cybersecurity professionals outstrips supply, both in the UK and globally. From ethical hackers and penetration testers to governance, risk, and compliance (GRC) specialists, the opportunities are extensive—and lucrative. Amidst this surge in demand, cybersecurity career fairs provide an invaluable chance to meet potential employers face-to-face, gain industry insights, and make connections that can accelerate your career trajectory. Unlike applying to countless jobs online, these events bring companies, security leaders, and aspiring candidates together under one roof. When approached with the right strategy, a single conversation at a cybersecurity fair can open the door to your dream job. In this comprehensive guide, we’ll explore how to prepare thoroughly, engage confidently, and follow up effectively after a cybersecurity career fair. By incorporating these insights into your approach, you’ll stand out from the crowd and maximise your chances of securing the perfect role in this fast-growing field.

Jobs

Common Pitfalls Cyber Security Job Seekers Face and How to Avoid Them

The cyber security industry in the UK and worldwide is experiencing rapid growth. With cyber attacks growing in sophistication and frequency, organisations are investing more resources than ever into defending their digital assets. From penetration testers and threat analysts to security architects and compliance officers, cyber security professionals are in high demand across a variety of sectors—including finance, healthcare, government, and retail. Yet, in spite of this high demand, the process of landing a cyber security role can be more challenging than many candidates anticipate. The stakes are high: prospective employers entrust cyber professionals with their most sensitive data, their compliance posture, and often their core business operations. Therefore, they’re looking for candidates who can demonstrate not just technical know-how, but also excellent communication, adaptability, and an awareness of the broader business context. In this article, we’ll explore the most common pitfalls that cyber security job seekers face, especially in the UK market, and how to avoid them. Whether you’re a recent graduate, a professional transitioning from a different field, or an experienced practitioner aiming for a senior role, these insights will help you stand out and secure the opportunities that fit your skill set and career goals.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.