Job Description:
Head of Technology Governance, Reporting and Compliance (GRC)
London, Hybrid (UK)
Permanent
We make health happen
At Bupa, our purpose is helping people live longer, healthier, happier lives and making a better world. In Technology GRC, you’ll turn that purpose into action by strengthening how we manage technology and cyber risk across Bupa Global, India and UK (BGIUK).
This Head of GRC role is a visible, high‑impact position: you’ll set direction, drive standards and deliver board‑level materials that help leaders make confident decisions. You’ll have scope to shape a maturing function, lead meaningful transformation and collaborate across senior stakeholders. Hybrid working and global reach make this an opportunity to grow your influence while improving health outcomes at scale.
Key Responsibilities
1. Lead governance, reporting, assurance, audit coordination and policy compliance for technology and cyber risk.
2. Build clear, timely dashboards and papers for executives and board committees; track and close audit actions.
3. Maintain compliance with internal policies and external regulations; regularly review and improve standards.
4. Aggregate risk reporting from business units to create a single, trusted view of technology and cyber risk.
5. Plan agendas and content for risk committees; keep governance templates, reviews and quality checks on track.
6. Coach teams to turn regulatory updates, audit findings and incidents into actionable insights.
What We’re Looking For
7. Senior leadership in technology/cyber risk governance, reporting and assurance; strong stakeholder influence.
8. Excellent written communication for board‑level packs, dashboards and presentations.
9. Advanced analysis of risk and control metrics; ability to translate complex material into clear messages.
10. Hands‑on knowledge of frameworks and standards: ISO 27001, NIST, COBIT, ITIL, PCI DSS, CIS, OWASP
11. Experience in regulated environments (financial services, insurance or healthcare) is a plus; familiarity with FCA, PRA, ICO, CQC helpful.
12. Useful qualifications (not essential): CISSP, CISA, CISM, GRCP, CGEIT, CRISC, ISO 27001 Lead Implementer/Auditor.
Benefits
Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health – mental, physical, financial, social and environmental. We support flexible working and have a range of family‑friendly benefits.
Joining Bupa in this role you will receive the following benefits and more:
13. 25 days holiday, increasing through length of service, with the option to buy or sell
14. Enhanced parental leave
15. Company-matched pension scheme
16. Annual performance-based bonus
17. Private medical insurance
18. Access to our health assessments and wellbeing services
19. Discounts on Bupa products and services
Why Bupa
We’re a health insurer and provider. With no shareholders, our customers are our focus. Our people are driven by the same purpose – helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.