Head of Information Governance, Assurance and Strategic Direction

Posted Date 3 weeks ago(13/03/2023 10:43)
# of Posts
Closing Date
GBP £79,360.00/Per Annum
Pay Supplement
GBP £5,000.00/Per Annum
Digital Data and Technology
Hire Type
External / OGD


We are currently seeking applications for a Head of Information Governance and Cyber Security Strategy within Digital Health and Care based in St Andrews House, Edinburgh. These are permanent and pensionable appointments and new entrants will normally start on the minimum of the pay range. Candidates with a disability who meet the essential criteria below will be invited to the assessments.


DDaT Pay Supplement
This post attracts a £5,000 DDaT pay supplement after a 9 months DDaT competency qualifying period. Pay supplements are temporary payments designed to address recruitment and retention issues caused by market pressures and are subject to regular review.



The Digital Health and Care Directorate sits within Health & Social Care at the Scottish Government. We work to ensure that the health and care needs of the people of Scotland are met, and that they benefit fully from our innovation and digital and data developments, while ensuring that measures are in place to protect the confidentiality and preserve the integrity of personal data. About Us - Digital Healthcare Scotland (digihealthcare.scot)


Digital Health & Care is a wide and varied landscape with many challenges around interoperability of technology and consistent and appropriate decision making around data and security. Our Information Governance and  Cyber Security Unit provides cross-cutting expertise and oversight in both the wider governance of information across health and care, and ensuring the technical security of that information through the scrutiny of the Network and Information Systems Component Authority.  Cyber Security and Technical Assurance - Digital Healthcare Scotland (digihealthcare.scot) 


The National Information Governance strategic direction is delivered through a new and evolving National Information Governance Programme (NIGP) and takes a holistic, strategic approach to IG so that Health and Social Care information is a secure enabler of improvement for citizens.


We work closely with a number of different policy makers, delivery partners, experts and stakeholders from health & care across a number of different topic areas. These include external stakeholders and data protection groups, cyber security leads across the UK, information governance leads across NHS Boards, data protection leads in Local Authorities and across the care sector, advisors for the public and those involved in assurance and compliance.



The Head of Information Governance and Cyber Security Strategy is a senior leadership role with strategic and cross-cutting responsibility for four main areas:
• The Digital Health & Care National Information Governance programme of work and the provision of Information Governance ( including data protection ) expertise to policy colleagues and external stakeholders across NHS Boards and social care.
• Working in partnership with the new National Care Service to support them in achieving their aims of an integrated care record and seamless appropriate data sharing.
• Oversight and assurance of cyber security challenges and protective measures across NHS Boards through the work of the new Cyber Centre of Excellence at Dundee University, and the responsibility for carrying out the review and support duties of the National Information Security Competent Authority.
• Responsible for overseeing the Information Governance and security principles and commitments as set out in the Data Strategy and developing new strategic directions that help fulfil the Data Strategy vision by working closely with major stakeholders.
• Part of the Directorate Leadership Group which provides senior leadership to the Directorate, support and expert advice to the Director, works closely with all our Directorate teams and ensures that there is a clear focus on the reputation of ministers.

Leading Others
People Management
Analysis and Use of Evidence
Communications and Engagement

Essential Criteria & Qualifications

Essential Criteria
1. Significant information governance and assurance experience in an environment where you have had extensive responsibility for information that is used across multiple environments
2. A solid understanding of cyber security and resilience challenges including the delivery of a cyber security strategy
3. Experience in the development and delivery of an information assurance strategy and how it translates into a programme of work
4. Experience of building senior relationships with multiple and politically visible stakeholders, explaining technical challenges in no-technical language, managing their expectations, and keeping them onside

Further Information
To apply please submit a CV outlining your relevant skills and experience for the role (no more than 2 sides of A4) and a personal statement (of no more than 750 words). When considering how your experience relates to the role, please tailor your CV and personal statement to reflect the role and the essential skills/criteria as described in the job description/person specification. CV and personal statement must be one document.

For further information on this vacancy please download and review the "Further Information for Job Applicants" which you will find below.

Skills_For_Success_Competency_Framework C



To learn more about this opportunity, please contact Penni Rocks who can be reached at penni.rocks@gov.scot.

The Scottish Government is a diverse and inclusive workplace and we want to help you demonstrate your full potential whatever type of assessment is used. If you require any adjustments to our recruitment process, please let us know via ScottishGovernmentrecruitment@gov.scot

Important Information Regarding Interviews
In recognition of the Scottish Government's ongoing measures and guidance in its response to Covid-19 (Coronavirus), we would like to advise applicants that a decision has been taken that all interviews must be conducted in a virtual/remote setting.

In order to facilitate this new way of working, we are asking all applicants to ensure that they have a suitable space to complete the virtual interview as well as a personal device of choice with an account registered to either ‘Microsoft Teams’ or 'Webex' applications by which you can undertake the interview/assessment if selected. Should you be invited to interview, you will be told which platform the event will take place on. We are also asking you to ensure that your personal Wi-Fi/Broadband capacity will be sufficient to carry both audio and video feeds to undertake the interview. This will then ensure that there are no issues incurred during the interview.

If you experience any difficulties accessing our website or completing the online application form, please contact the resourcing team via ScottishGovernmentrecruitment@gov.scot


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.