Job Description:
IT Risk and Control Manager
Salary: £64,000 - £79,900 (dependant on experience and location)
Location status: Hybrid - about 2 days in the office
Location: Angel Court, London/ Bupa Place, Manchester or other UK Locations
Role Type: Permanent
Shift pattern: Full -time - 37.5 hours pw
Number of Positions: 2
We make health happen
At Bupa, we’re here to help people live longer, healthier, happier lives. That’s our purpose, and it shapes everything we do.
As an IT Risk & Control Manager, you’ll play an important part in making this happen. You’ll help make sure our technology is safe, reliable and ready to support our customers and colleagues every day. With around 400 business applications across our UK insurance business—some critical to how we operate—you’ll help us manage risk in a way that keeps services running smoothly.
This is a role where you’ll work closely with senior leaders across technology and the wider business. You’ll help them understand risk, make good decisions, and put the right controls in place. It’s a great opportunity to make a real impact while working across a wide range of technologies, including cloud and digital platforms.
Key Responsibilities
As an IT Risk & Control Manager, you’ll:
1. Help identify and assess technology and information security risks across the business
2. Make sure risks are clearly understood and managed with strong, practical controls
3. Support teams to design and improve controls that reduce risk and protect services
4. Oversee control testing and make sure any gaps are addressed
5. Lead and track plans to fix control issues and improve how we manage risk
6. Build strong relationships with senior stakeholders, including CIOs and business leaders
7. Prepare clear, simple reports on risks and controls for senior committees
8. Monitor risk levels and control performance through dashboards and regular updates
9. Support incident planning and help teams respond to technology or service risks
10. Promote a strong risk-aware culture by offering guidance and training where needed
What We’re Looking For
We’re looking for someone who is confident, collaborative and ready to make a difference.
You’ll bring:
11. Experience managing IT risk and controls in a regulated environment (financial services experience is essential)
12. A good understanding of technology risks, including cloud services and modern IT environments
13. Experience designing, testing or reviewing IT controls
14. Knowledge of security frameworks such as ISO 27001, NIST or similar
15. Awareness of UK regulatory bodies (such as FCA, PRA, ICO or CQC)
16. Strong communication skills, with the ability to explain complex ideas in a simple way
17. Confidence working with senior stakeholders and influencing decisions
18. Experience in IT audit, assurance or risk roles (qualifications like CISM, CISA or CISSP are helpful but not essential)
19. The ability to stay organised and focused, even when working to tight deadlines
Benefits
Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health – from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family friendly benefits.
Joining Bupa in this role you will receive the following benefits and more:
20. 25 days holiday, increasing through length of service, with option to buy or sell
21. Bupa health insurance as a benefit in kind
22. An enhanced pension plan and life insurance
23. Onsite gyms or local discounts where no onsite gym available
24. Various other benefits and online discounts
Why Bupa
We’re a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose – helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.