About

Permanent, Full Time (35 hours per week)We’re looking for a Cyber Security Lead to provide strategic leadership and organisation-wide direction for cyber security, setting security standards, influencing governance, and shaping long-term security strategy across JRF and JRHTAbout the roleYou will be responsible for leading the delivery of the organisation’s cyber security activities, ensuring that digital systems and information assets are protected against current and emerging threats. Maintaining the cyber risk register, you will lead investigations into security breaches, coordinate disaster recovery (DR) and cyber incident response, and support business continuity planning (BCP), including defining Restore Point Objectives (RPOs) and Recovery Time Objectives (RTOs).The role ensures compliance with cyber security and information governance policies whilst providing subject matter expertise across the organisation. You will advise colleagues and senior stakeholders and act as a key liaison with third-party providers to safeguard our digital environment and ensure alignment with standards and audit requirements.This is a hands-on, standalone cyber security role. As the organisation’s senior cyber security authority, the postholder will be the sole individual delivering cyber security activity, working closely with the Technology Manager and external IT provider. The role combines strategic oversight and independent risk-based decision-making with direct ownership of day-to-day cyber security delivery, driving continuous improvement in security maturity and organisational resilience.About youWe are seeking an experienced cyber security professional with expertise in frameworks such as ISO 27001, NIST, CIS Controls, GDPR, the UK Data Protection Act, and Cyber Essentials. The successful candidate will bring expertise in disaster recovery, business continuity, risk ma