Operational Resilience Senior IT Risk Manager

Job Description Operational Resilience Senior IT Risk Manager London Permanent Full time & Hybrid

Salary - Competitive DOE & Attractive Benefits Package

The closing date for all applications is Tuesday 24th February 2026

At Bupa, we’re here to help people live longer, healthier, happier lives – and make a better world. As an Operational Resilience Senior IT Risk Manager, you’ll work closely with the Group Head of IT & Information Security Risk playing a vital role in protecting the technology that underpins our critical services.

• Support the ongoing implementation of robust IT resilience controls and processes, including the development and monitoring of key risk indicators (KRIs), control effectiveness reviews, and thematic insights to strengthen the organisation’s technology resilience posture.
• Partner with Market Unit technology teams to define, implement, and embed robust resilience controls and processes for data centres supporting critical services, while ensuring that resilience requirements are fully integrated into incident, problem, and change management practices to enable proactive detection, rapid response, and effective mitigation of technology disruptions.
• Work in close partnership with the Group Head of IT & Information Security Risk to maintain alignment, consistency, and maturity across enterprise risk management practices, reporting standards, and governance forums.
• Lead and facilitate targeted risk assessments, thematic deep‑dives, and ad‑hoc reviews to proactively identify emerging threats, technology vulnerabilities, resilience gaps, and systemic risks across the Group’s IT estate.
• Design and contribute to Group‑wide severe‑but‑plausible scenario exercises, ensuring the organisation is able to demonstrate and evidence its capability to remain within impact tolerances and meet service‑level commitments across critical and important business services.
• Produce high‑quality, insight‑driven risk reports and executive‑level briefings suitable for senior leadership teams, regulators, and board‑level committees, clearly articulating risk exposure, resilience posture, and required management actions.
• Champion a strong culture of IT risk awareness and operational resilience, providing targeted training, coaching, and guidance to business units, technology teams, and senior stakeholders to uplift capability and embed best practice.
• Collaborate with cross‑functional teams to assess the risk and resilience implications of new technologies, architectural changes, regulatory developments, and industry standards, ensuring proactive adjustments to the Group’s risk posture where needed.
• Support and guide Market Units in the identification, prioritisation, and sequencing for recovery of critical internal technology services, ensuring alignment with impact tolerances, business continuity requirements, and resilience strategies.

• Extensive, demonstrable expertise in IT Risk Management and Operational Resilience, with a proven track record of technology risk experience in a global organisation.
• Excellent knowledge of service management disciplines such as incident management, problem management, change management, capacity management, and backup/data recovery operations.
• Experience working with hybrid or cloud environments (AWS, Azure, GCP), including resilience considerations, cloud migration governance, and architectural assurance.
• Demonstrated ability to partner with CIOs, security teams, service owners, and operational risk stakeholders to embed consistent technology risk practices.
• Ability to interpret risk data, analyse trends, and develop insight‑led reporting for senior leadership or Board committees.
• Proven experience contributing to or maintaining technology risk policies, standards, KRIs, and risk taxonomies.
• Applied experience in assessing or recovering critical internal services, technology tiers and business service dependencies.
• Deep knowledge of IT risk and resilience frameworks, methodologies, and regulatory expectations.
• Exceptional communication, stakeholder engagement, and influencing capability, with the ability…