IT Risk and Control Manager
Salary: £64,000 - £79,900 (dependant on experience and location)
Location status: Hybrid – about 2 days in the office
Location options: Angel Court, London / Bupa Place, Manchester or other UK locations
Role Type: Permanent
Shift pattern: Full-time – 37.5 hours per week
Number of Positions: 2
We make health happen
At Bupa, we’re here to help people live longer, healthier, happier lives. That’s our purpose, and it shapes everything we do.
As an IT Risk & Control Manager, you’ll play an important part in ensuring our technology is safe, reliable and ready to support our customers and colleagues every day. With around 400 business applications across our UK insurance business – some critical to how we operate – you’ll help us manage risk so that services run smoothly.
This role is where you’ll work closely with senior leaders across technology and the wider business. You’ll help them understand risk, make good decisions, and put the right controls in place. It’s an opportunity to make a real impact across a wide range of technologies, including cloud and digital platforms.
Key Responsibilities
* Identify and assess technology and information security risks across the business
* Ensure risks are clearly understood and managed with strong, practical controls
* Support teams to design and improve controls that reduce risk and protect services
* Oversee control testing and ensure gaps are addressed
* Lead and track plans to fix control issues and improve risk management
* Build strong relationships with senior stakeholders, including CIOs and business leaders
* Prepare clear, simple reports on risks and controls for senior committees
* Monitor risk levels and control performance through dashboards and regular updates
* Support incident planning and help teams respond to technology or service risks
* Promote a risk‑aware culture by offering guidance and training where needed
Qualifications
* Experience managing IT risk and controls in a regulated environment (financial services experience is essential)
* Good understanding of technology risks, including cloud services and modern IT environments
* Experience designing, testing or reviewing IT controls
* Knowledge of security frameworks such as ISO 27001, NIST or similar
* Awareness of UK regulatory bodies (FCA, PRA, ICO, CQC)
* Strong communication skills, explaining complex ideas simply
* Confidence working with senior stakeholders and influencing decisions
* Experience in IT audit, assurance or risk roles (qualifications like CISM, CISA or CISSP helpful but not essential)
* Ability to stay organised and focused, even under tight deadlines
Benefits
* 25 days holiday, increasing through length of service, with option to buy or sell
* Bupa health insurance as a benefit in kind
* Enhanced pension plan and life insurance
* Onsite gyms or local discounts where no onsite gym is available
* Various other benefits and online discounts
EEO & Diversity Statement
Bupa is a Level 2 Disability Confident Employer. We aim to offer an interview/assessment to every disabled applicant who meets the minimum criteria for the role and will provide reasonable adjustments as needed.
Time Type: Full time
Job Area: Legal, Risk & Audit
Locations: Angel Court, London; Bupa Place, Manchester
#J-18808-Ljbffr