IT Risk and Compliance Specialist

  • Location

    Surrey, England

  • Salary:

    £53000.00 - £70000.00 per annum

  • Contact:

    Drew Derry

  • Published:

    10 months ago


IT Risk and Compliance Specialist
Location: Staines-upon-Thames
Salary: £53,000 to £70,000 + Benefits

So, what about the role?
Our IT Risk and Compliance Specialists are there to provide specialist support with risk and compliance activities across UK IT.
This is an office-based role which requires travel to other Bupa locations in the UK and may require occasional overseas travel. Amongst other responsibilities, the IT Risk and Compliance Specialist will be accountable for:
* Maintenance of an Information Security Management System (ISMS) to ensure continued accreditation to the ISO/IEC 27001 standard
* Acting as a specialist risk business partner to the Insurance and Provision business units, providing support and oversight of their risk management activities
* Managing policy exceptions and risks to the business, including advising the business of risks, identifying compensating controls, and effectively measuring and communicating residual risks
* Managing risk assessments and threat modelling for new and existing systems and services
* Maintenance of information security policies, standards and guidelines
* Producing regular management reports
* Being the first point of contact for all audits (internal as well as external), coordinating and facilitating them, and tracking the progress of actions
* Motivating the wider community to ensure a strong IT and Security culture, ethos and awareness is maintained

Who we're looking for?
We're looking for people who understand the importance of IT security and how it can really affect the business through great communication and influencing ability. And we're looking for people with the skills and training to really make a difference:
* Experience producing security documentation and other technical analysis reports
* 5+ years' professional experience in risk management & IT and/or Insurance Industry experience
* Exposure to prevalent industry regulators, standards and frameworks such as ISO27001, FCA, PRA, ICO, PCI-DSS, CIS, ITIL, NIST etc.
* Ability to operate effectively at all levels, including Senior Management and external customers

If you are interested in this role, can recommend anyone, or require further information please do not hesitate to contact Drew Derry on 01932 83 7792 or via email on