Information Security Officer

Information Security Officer

Barbican, London | Hybrid Working | Legal & Secretary | Permanent | Full Time
Competitive salary available, depending on experience
37.5 hours per week

At Nuffield Health, our purpose is to build a healthier nation and protecting our information and systems is central to delivering safe, high‑quality services. The Information Security Officer supports the development and continuous improvement of our Information Security Management System, ensuring we remain secure, compliant and resilient across all operations. You’ll contribute to governance, risk management, compliance, supplier assurance, incident response, audit activity and security awareness, helping embed a strong security culture across the organisation.

As our Information Security Officer, you will:

• Support the management of the Information Security Management System and maintain documentation aligned with ISO 27001 and NHS DSPT.

• Identify, assess and manage information security risks, maintaining security risk registers and treatment plans.

• Conduct internal assurance activity, including control testing, compliance reviews and supplier security assessments.

• Support change programmes by assessing security implications of new technologies, ensuring a “Secure by Design” approach.

• Contribute to incident management, including coordination, investigation, root‑cause analysis and post‑incident reviews.

• Maintain compliance with relevant legislation and standards, supporting internal and external audits.

• Deliver security awareness activity and contribute to a strong security culture across the organisation.

• Provide guidance to colleagues and support Data Protection work including privacy controls and DPIAs.

• Produce and develop security reporting and contribute to policy, standards and procedure development and implementation.

To succeed as the Information Security Officer, you’ll bring:

• Knowledge and experience in Information Security.

• Understanding of security risk and supplier security management processes.

• Be an advocate for security as an organisational enabler.

• Experience delivering security awareness or training.

• Strong analytical, problem‑solving and communication skills.

• Proficiency in Microsoft Office.

Desirable:

• Experience in healthcare or regulated environments.

• Experience of Data Protection or GRC roles.

• Audit or assurance review experience.

• Knowledge of ISO 27001, NHS DSPT and security controls.

Helping you feel good.

We want you to love coming to work, feeling healthy, happy and valued. That’s why we’ve developed a benefits package with you in mind. Here, you can choose from a range of fitness, lifestyle, health and fitness wellbeing rewards, such as free gym membership, health assessments, retail discounts and pension options.

At Nuffield Health, we take care of what’s important to you.

If you like what you see, why not start your application now? We consider applications as we receive them and reserve the right to close adverts early (for example, where we have received an unprecedented high volume of applications). So, it’s a good idea to apply right away to ensure you’re considered for this role.

Apply today… It starts with you.