Group Head of Security Strategy & Architecture

Company: Bupa UK
Apply for the Group Head of Security Strategy & Architecture
Location: London
Job Description:

Group Head of Security Strategy & Architecture – London (1-2 days in office per week). Hybrid & flexible working options. Permanent, full time 35 hours. Competitive salary + benefits. Closing date: Friday 3 July 2026.

As our Group Head of Security Strategy & Architecture, you’ll play a vital role in protecting our purpose by keeping customers, staff and services safe from cyber threats. This senior leadership position sets the direction for managing cyber risk, works closely with senior leaders across the organization, and influences decisions at the highest level – up to the Board. You’ll lead a global team, foster a secure and resilient environment, and ensure our security strategy aligns with complex, highly regulated operations.

Key Responsibilities

  • Set and lead Bupa’s global information security strategy, ensuring alignment with business goals and customer protection.
  • Develop and maintain clear, practical security policies, standards, and guidance.
  • Shape and oversee the security architecture to meet regulatory requirements and industry best practice.
  • Collaborate with teams across Bupa to help them understand and apply security standards.
  • Provide expert advice on complex or high‑risk projects, including major cyber incidents.
  • Lead and inspire a diverse, high‑performing security strategy and architecture team.
  • Build strong relationships with senior stakeholders, including executives and external partners.
  • Support governance and decision‑making by contributing to Board and executive discussions.
  • Stay current with emerging threats and technology, turning insights into practical action.

What We’re Looking For

This is a technical role where deep expertise in at least one security domain is essential, matched by proven technical knowledge across all security and technical domains, and practical, recent experience in leading the use of architectural and industry frameworks.

  • Proven ability to identify and assess complex information security risks and controls.
  • Experience and understanding of information security risks in highly regulated sectors such as Financial Services or Healthcare.
  • Experience with threat modelling or other risk identification techniques and development of mitigation frameworks and controls.
  • Experience working with Security and Technology leadership teams and senior business stakeholders to articulate risk and technical requirements.
  • Strong understanding of the secure software development lifecycle, cloud architecture, and modern engineering practices (DevSecOps, agile delivery, CI/CD pipelines, automation, IaC, containerisation, API‑led architectures), with the ability to translate these concepts into practical security requirements and architectural guidance.
  • Experience in infrastructure or application‑level security architecture and design, including detailed knowledge of system security vulnerabilities, exploits, and remediation techniques.
  • Deep understanding of security frameworks and their relevant applications (e.g., NIST CSF, SOGP, ISO).
  • Deep technical knowledge of security solutions and architecture principles, processes and external frameworks (e.g., TOGAF, SABSA, Zachman).

Desirable Knowledge And Skills

  • Current CISSP or equivalent security certification.
  • MSc in Information Security, IT or a relevant subject.
  • Experience delivering strategy, architecture solutions and improvement plans in large, complex multinational groups.
  • Experience presenting business‑aligned strategy proposals and solutions to Boards and C‑suite in a compelling and accessible manner.

Benefits

Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme, covering mental, physical, financial, social and environmental wellbeing. We support flexible working and offer a range of family‑friendly benefits.

  • 25 days holiday, increasing with length of service, with the option to buy or sell.
  • Enhanced pension and life insurance.
  • Car allowance and annual bonus.
  • Private medical insurance.
  • Global wellbeing days.
  • Opportunities for career development and internal mobility.

Time Type

Full time.

Job Area

Location: Angel Court, London

Equal Opportunity

We encourage applications from people with diverse backgrounds and experiences. Bupa is a Level 2 Disability Confident Employer, offering reasonable adjustments for disabled applicants throughout the recruitment process.

#J-18808-Ljbffr…

Posted: July 7th, 2026