Job Description: IT Risk and Control Manager
Salary: £64,000 – £79,900 (dependent on experience and location)
Location status: Hybrid – about 2 days in the office
Locations: Angel Court, London; Bupa Place, Manchester; or other UK Locations
Role Type: Permanent
Shift pattern: Full-time, 37.5 hours per week
Number of Positions: 2
As an IT Risk & Control Manager, you’ll play an important part in making this happen. You’ll help make sure our technology is safe, reliable and ready to support our customers and colleagues every day. With around 400 business applications across our UK insurance business—some critical to how we operate—you’ll help us manage risk in a way that keeps services running smoothly. This is a role where you’ll work closely with senior leaders across technology and the wider business. You’ll help them understand risk, make good decisions, and put the right controls in place. It’s a great opportunity to make a real impact while working across a wide range of technologies, including cloud and digital platforms.
Key Responsibilities
- Help identify and assess technology and information security risks across the business
- Make sure risks are clearly understood and managed with strong, practical controls
- Support teams to design and improve controls that reduce risk and protect services
- Oversee control testing and make sure any gaps are addressed
- Lead and track plans to fix control issues and improve how we manage risk
- Build strong relationships with senior stakeholders, including CIOs and business leaders
- Prepare clear, simple reports on risks and controls for senior committees
- Monitor risk levels and control performance through dashboards and regular updates
- Support incident planning and help teams respond to technology or service risks
- Promote a strong risk-aware culture by offering guidance and training where needed
What We’re Looking For
- Experience managing IT risk and controls in a regulated environment (financial services experience is essential)
- A good understanding of technology risks, including cloud services and modern IT environments
- Experience designing, testing or reviewing IT controls
- Knowledge of security frameworks such as ISO 27001, NIST or similar
- Awareness of UK regulatory bodies (such as FCA, PRA, ICO or CQC)
- Strong communication skills, with the ability to explain complex ideas in a simple way
- Confidence working with senior stakeholders and influencing decisions
- Experience in IT audit, assurance or risk roles (qualifications like CISM, CISA or CISSP are helpful but not essential)
- The ability to stay organised and focused, even when working to tight deadlines
Benefits
- 25 days holiday, increasing through length of service, with option to buy or sell Bupa health insurance as a benefit in kind
- An enhanced pension plan and life insurance
- Onsite gyms or local discounts where no onsite gym available
- Various other benefits and online discounts
Bupa is a Level 2 Disability Confident Employer. This means we aim to offer an interview/assessment to every disabled applicant who meets the minimum criteria for the role. We’ll make sure you are treated fairly and offer reasonable adjustments as part of our recruitment process to anyone that needs them.
#J-18808-Ljbffr…