Group Head of IT & Information Security Risk and Governance

Job Description:

Group Head of IT & Information Security Risk and Governance

Flexible on location – attending meetings in London a couple of times a month

Hybrid & flexible working options

Permanent

Salary - £95,000 - £110,000 per annum + benefits package

Full Time – 35 hours

Closing date for applications – Monday 8th December 2025

We make health happen!

At Bupa, our purpose is simple: helping people live longer, healthier, happier lives and making a better world. With no shareholders, our customers are at the heart of everything we do.

The Group Head of IT & Information Security Risk and Governance will be responsible for developing, leading, and maintaining a comprehensive IT and information security risk management program. This role ensures that the organisation effectively identifies, assesses, manages, and mitigates IT and security risks across all information assets and systems. This role is key to ensuring the organisation remains resilient against evolving information security threats while maintaining compliance with industry standards. The Group Head of IT & Information Security Risk and Governance will lead efforts to create a robust security environment and minimise risks to critical business operations.

Key Responsibilities:

• Maintain and oversee the global IT & information security risk management strategy that aligns with the organisation’s overall business objectives and risk appetite underpinning the Enterprise Risk Management Framework.
• Define and oversee risk assessment methodologies, controls, and reporting structures.
• Active involvement in the use of security tools and technologies that support risk identification, monitoring, and mitigation to strengthen the organisation’s security posture and reduce risk.
• Conduct thematic risk assessments and evaluations to identify potential threats and vulnerabilities in the organisation’s IT infrastructure and applications.
• Collaborate with cross-functional teams to assess the impact of new technologies, regulations, and security standards on the organisation’s risk landscape.
• Develop processes for continuous monitoring of IT and security risks and the effectiveness of implemented controls.
• Lead governance frameworks, policies, and procedures across Bupa market units.
• Deliver accurate, timely reports for regulatory, board, and operational purposes.
• Champion risk awareness and training across the organisation.
• Collaborate with internal teams to enhance the understanding of IT and information security risks and promote risk-based decision-making.
• Manage and develop the IT & Information Security Risk and Governance team, fostering collaboration and innovation.
• Act as the primary point of contact for IT and security risk queries, engaging with internal and external stakeholders within Group Information Security and the Market Units.

What We’re Looking For:

• Proven track record of building teams and leading risk management in a complex, global organisation.
• Extensive experience in IT and information security risk management, cybersecurity, or a related field with demonstrated success in leadership roles.
• Deep understanding of IT and security frameworks, risk assessment methodologies, and industry regulations.
• Excellent leadership, communication, and stakeholder management skills.
• Ability to translate complex technical risks into actionable recommendations.
• Proficiency in using risk management tools, platforms and security technologies.
• Strategic thinker with a proactive approach to problem-solving.
• A master’s degree or professional certifications such as CISSP, CISM, or CRISC are highly desirable.
• Bachelor’s degree in IT, information security, Cybersecurity, computer science, risk management, or a related field.

Benefits

Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health – from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family-friendly benefits.

Joining Bupa in this role you will receive the following benefits and more:

• 25 days holiday, increasing through length of service, with the option to buy or sell
• Enhanced pension and life insurance
• Annual Bonus
• Car Allowance
• Private medical insurance
• Global wellbeing days
• Opportunities for career development and internal mobility

Why Bupa?

We’re a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose – helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.

We encourage all of our people to “Be you at Bupa”, we champion diversity, and we understand the importance of our people representing the communities and customers we serve.  That’s why we especially encourage applications from people with diverse backgrounds and experiences.

Bupa is a Level 2 Disability Confident Employer. This means we aim to offer an interview/assessment to every disabled applicant who meets the minimum criteria for the role. We’ll make sure you are treated fairly and offer reasonable adjustments as part of our recruitment process to anyone that needs them. 

Time Type:

Full time

Job Area:

Locations:

Angel Court, London