Job Description:
Senior Controls Manager
Primary location: London (EC2R 7HJ) or Staines (TW18 3DZ)
Flexible / Hybrid working options
Permanent
£72,800 - £100,000 (Negotiable depending on experience)
10% Bonus+ fantastic benefits
Full time 37.5 hours
We make health happen
At Bupa, we’re passionate about technology. With colleagues, customers, patients and residents in mind you’ll have the opportunity to work on innovative projects and make a real impact on their lives.
Right from the start you’ll become part of our digital & data strategy, joining us on our journey and developing yourself along the way.
As a Senior Controls Manager, you’ll help create a strong and resilient control environment across Technology, Cybersecurity and Operational Risk. You'll guide teams across Bupa to make sure our controls are effective, well-documented and aligned with regulatory expectations and industry best practice.
How you’ll help us make health happen:
Lead the ongoing evolution and improvement of our Technology and Cyber control framework.
Help control owners design, document, test and evidence their controls effectively.
Oversee first-line control testing, identifying trends, gaps and areas for improvement.
Produce clear reporting for senior leaders that highlights risks, control health and progress.
Work with Technology, Cyber and Operational teams to agree and track remediation actions.
Act as a key contact for internal audit, external audit and regulatory engagements.
Support major technology programmes by embedding the right controls from the outset.
Build control awareness through training, guidance and education across technical and non‑technical teams.
Lead deep dives into areas such as identity and access management, cloud controls, change management and more.
Partner closely with our second-line risk and compliance teams to keep our methodologies aligned.
Key Skills / Qualifications needed for this role:
We’re looking for someone who’s knowledgeable, collaborative and able to make complex topics simple. You’ll bring:
Experience designing, assessing and improving controls across Technology, Cybersecurity or Operational Risk in large organisations.
Strong written and verbal communication skills, able to turn technical detail into clear insights.
Great stakeholder management and the confidence to work with senior leaders and SMEs.
Strong understanding of control frameworks and standards such as ISO 27001, NIST CSF, COBIT, ITIL, PCI DSS, CIS and OWASP.
Experience working in regulated industries (financial services, insurance or healthcare).
Strong analytical skills to identify gaps, evaluate risks and interpret data.
Knowledge of cloud security and frameworks like CSA, CCM and cloud‑specific NIST/ISO controls.
Experience using tools such as Power BI and Excel to create clear reporting and dashboards.
A proactive mindset with a passion for continuous improvement and operational maturity uplift.
Desirable skills include:
Experience contributing to large transformation programmes (e.g., cloud, cyber uplift).
Conducting thematic reviews or deep dives into control areas.
Helping mentor or guide junior colleagues.
Supporting audit or regulatory assurance activities.
Knowledge of risk and control methodologies, including the three lines of defence.
Qualifications (desirable but not essential)
A degree in Cybersecurity, IT, Risk or a related field.
Certifications such as CISSP, CISA, CISM, GRCP, CGEIT, CRISC or ISO 27001 Lead Implementer/Lead Auditor.
Benefits
Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health – from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family friendly benefits.
Joining Bupa in this role you will receive the following benefits and more:
• 25 days holiday, increasing through length of service, with option to buy or sell
• Bupa health insurance as a benefit in kind
• An enhanced pension plan and life insurance
• Annual performance-based bonus
• Onsite gyms or local discounts where no onsite gym available
• Various other benefits and online discounts
Bupa?
We’re a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose – helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.
We encourage all of our people to “Be you at Bupa”, we champion diversity, and we understand the importance of our people representing the communities and customers we serve. That’s why we especially encourage applications from people with diverse backgrounds and experiences.
Bupa is a Level 2 Disability Confident Employer. This means we aim to offer an interview/assessment to every disabled applicant who meets the minimum criteria for the role. We’ll make sure you are treated fairly and offer reasonable adjustments as part of our recruitment process to anyone that needs them.
Time Type:
Full timeJob Area:
Locations:
Angel Court, London, Staines - Willow House