Lead Information Governance Analyst
About the facility
Internationally renowned HCA Healthcare UK, London’s largest private healthcare providers are actively recruiting for an Lead Information Governance Analyst to join our growing IT team.
From complex and urgent care, to primary care, outpatient and day-case treatment, HCA Healthcare UK provide exceptional care across our network of facilities and key NHS partnerships in London and Manchester. Our facilities include The Harley Street Clinic, The Lister Hospital, London Bridge Hospital, The Portland Hospital, The Princess Grace Hospital and The Wellington Hospital. We also run HCA Laboratories and are growing via our expanding joint ventures divisions, including partnering with the NHS.
Our primary purpose is to provide exceptional care delivered with compassion and kindness, using state-of-the-art technology operated by expert, dedicated teams.
The Lead Information Governance Analyst is a security specialist with an emphasis in information governance and risk management. The role is responsible for applying information security concepts, knowledge and skills to support a comprehensive information security governance program. This program evaluates and monitors the current state of information governance across the organization.
This is a full time and permanent opportunity offering a competitive salary package dependent upon candidate experience. Along with a competitive salary, the incumbent will also receive 25 days holiday, private healthcare and our company flexible benefits scheme. This role is based a short walk from London Bridge station and may need to occasionally travel to other central London sites.
Duties & Responsibilities
Collect the top and most pressing Information Governance areas (regulatory, security of critical enterprise applications and security infrastructure, etc.), analyze them, and derive strategic decisions that balance risk with operation and economic costs of protective measures.
Collects and maintains an inventory of key applications, processes, and infrastructure items and their impact to the top and most pressing Information Governance risks. Additionally, maps applications, processes, and infrastructure items to appropriate security risks.
Facilitates/performs activities to map key controls (policy, procedure, practice, or organizational structure) that if implemented would provide reasonable assurance that security objectives will be achieved and undesired events will be prevented or detected and corrected
Facilitates/performs activities to review, development, and implementation of security plans, products, and control techniques.
Facilitates/performs activities to conduct technical security reviews and assessments of applications, processes, and technology infrastructure and document within a Data Privacy Impact Assessment (DPIA).
Skills and Experience
Previous experience within Security Technologies / Methodologies, Information Governance and Compliance, IT Risk Management, Information Security Metrics and Reporting.
Must have working knowledge of the COSO and COBIT methodologies.
Experience with ISO 27001, Data Protection Act and Data Protection Bill.
Experience with Information Governance, regulatory, or compliance responsibilities
About the Individual
Strong Communication Skills; oral and writes modalities.
Ability to work under tight deadlines and prioritize responsibilities.
Ability to handle and maintain confidential information.