Head of Information Security Risk Management

2 weeks ago


Salford, Salford, United Kingdom jobs24 Full time

At Bupa, we're passionate about technology and the role it can play improving people's lives. We're undergoing an exciting digital transformation that is pivotal to our mission to help customers to live longer, happier, healthier lives. The Technology Function are at the heart of this change.

The purpose of the role is to lead the strategic direction and delivery of the BGIUK Market Unit (BGIUK / MU) approach to Information Security risk, driving the reduction of security risks and improving security risk maturity. The role will maintain high visibility across the organisation's Business Units (BUs) and will provide governance and oversight to prevent risks crystallising.

This is a key role supporting the delivery of information security across all BUs within BGIUK by providing robust challenge, with a focus on successful achievement of the outcomes, in line with legislative requirements and industry-accepted good practice. This requires a close relationship with the CISO functions (both Group and MU), BU Operational Risk teams, and senior management to facilitate risk assessments and risk management processes, resulting in the reduction of security risks and improved security risk maturity.

The role requires extensive experience and specialist expertise in information security governance, risk, and compliance in order to lead BGIUK's approach to information security risk, and to provide strategic level direction and delivery. The role-holder will need to support both the Director of IT Governance Risk and Control and the BGIUK CISO in carrying out their responsibilities.

How you'll help us make health happen:
  • Define, implement, and maintain the Information Security (including Cyber Security) part of the Risk Management Framework for BGIUK MU Technology.
  • Lead in the scoping and delivery of the Market Unit Wide Information Security Risk Assessments and facilitate risk appetite evaluations.
  • Contribute to the Cyber risk appetite definition for BGIUK.
  • Provide subject matter expertise and independent guidance to the scoping, assurance, and delivery of the Information Security transformation programmes as well as the embeddedness of security controls in the wider transformation programmes.
  • Support the upskilling of the GRC team in Information Security topics.
  • Provide advice and direction to the Third-Party Assurance and the Risk & Control teams on information security matters, proposing appropriate solutions and new ways of working to effectively and efficiently manage both Third-Party and internal security risks.
  • Undertake detailed reviews of proposed security controls or solutions with the Security team providing challenge and oversight to ensure such solutions contribute to effective risk mitigation for appropriate cost.
  • Establish the appropriate governance forums and reporting mechanisms for the assessment and reporting of the MU wide Information Security risks, including reporting templates, risk logs and actions tracking.
  • Establish collaborative relationships with senior managers and stakeholders across the Group and MU.
  • Attend selected key security meetings / forums and provide feedback / challenge, representing the GRC function.
  • Have oversight of InfoSec risks across the MU, providing challenge on the prioritisation and reporting (including escalation) of such risks and ensuring that risk management is an integral part of the information security governance.
  • Contribute to one source of the truth for all MI, working closely with other GRC leadership.
  • Report on InfoSec Risks and appetite position to the BGIUK Executive committee - Including where needed, Board papers.
  • Input to and have oversight of InfoSec Management Information - reporting to Group.
  • Manage the security components of the Integrated Assurance plan - with Line 2 and Line 3 (MU and Group).
  • Have oversight over InfoSec risk remediation commitments by the CIO's direct reports and input into the integrated GRC Plan.
  • As a member of the MU GRC Leadership team, contribute as a senior leader to the wider agenda of MU and BU Technology.
  • Work in conjunction with the Security Threat team to advise the GRC Director and CIO on relevant Information Security Risk matters, notably any emerging risks, any deterioration of risk position due to increases in threat landscape.
  • Work with the BINS compliance team to understand any relevant changes in regulatory expectations then factor these into assessments.
Qualifications:
  • Extensive experience in information security and governance risk and compliance, with demonstrable ability to act as a leading authority on information security, providing guidance on the governance and management of information security risks for major IT programmes and strategic initiatives.
  • Proven track record of contributing to the strategic planning for information security in a complex environment and for developing and implementing organisation-level policies, standards, and guidance.
  • Ability to establish relationships and influence key stakeholders at all levels of the organisation to build the reputation of Information Security.
  • Demonstrable experience of managing a team of Information security risk experts and managing relationships between teams and stakeholders across an organisation (Group, MU and BU levels) in order to deliver an efficient and successful information security risk service.
  • Demonstrable experience in developing and managing information security audit and assurance programmes, including assessing the security of third parties.
  • Demonstrable experience in developing / managing information security reporting frameworks and dashboards.
  • Experience in providing guidance, counsel and advice on information security to a diverse range of stakeholders, explaining difficult concepts in language they can understand and consume.
  • Excellent analytical skills, the ability to manage multiple IT / IS projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
  • High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.
  • Excellent written and oral communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences at all levels of the organisation.
  • Graduate calibre with appropriate qualifications, such as BCS Fellow, CESG, IISP, CISM, CISSP, CRISC, CDPSE, CCISO.
  • Knowledge of common information security management / governance frameworks, such as ISO / IEC 27002, NIST, CIS 18 and COBIT.
  • Knowledge of cloud technologies with a preference for MS Azure.
  • Experience of working in regulated Financial services supporting SMF roles in the distribution of their responsibilities.
Benefits:
  • 25 days holiday, increasing through length of service, with option to buy or sell.
  • Bupa health insurance for you and your family as a benefit in kind.
  • An enhanced pension plan and life insurance.
  • Annual 25% performance-based bonus.
  • Company car allowance.
  • Onsite gyms or local discounts where no onsite gym available.
  • Various other benefits and online discounts.