Group Head of Security Strategy & Architecture

Responsibilities

• Set and lead Bupa's global information security strategy, making sure it supports our business goals and keeps our customers safe
• Develop and maintain security policies, standards and guidance in a clear, practical way
• Shape and oversee our security architecture to meet regulatory requirements and industry good practice
• Work closely with teams across Bupa to help them understand and apply security standards
• Provide expert advice on complex or high-risk projects, including major cyber incidents
• Lead and inspire a diverse, high-performing security strategy and architecture team
• Build strong relationships with senior stakeholders, including executives and external partners
• Support governance and decision-making by contributing to Board and executive discussions
• Stay up to date with emerging threats and technology, and turn insight into practical action

Requirements

• This is a technical role, where deep expertise in at least one security domain is essential, matched by proven technical knowledge across all security and technical domains, and practical, recent experience in leading use of architectural and industry frameworks.
• A proven ability to identify and assess complex information security risks and controls
• Experience in and an understanding of the information security risks faced by Financial Services, Healthcare businesses or similarly complex, regulated sectors.
• Experience of threat modelling or other risk identification techniques and the development of frameworks and controls to mitigate subsequently identified risks.
• Experience working with Security and Technology leadership teams, and senior business stakeholders to articulate risk and technical requirements.
• Experience in infrastructure or application-level security architecture and design with detailed knowledge of system security vulnerabilities, exploits, and remediation techniques
• Deep understanding of security frameworks and their relevant applications (e.g. NIST CSF, SOGP, ISO)
• Deep technical knowledge of security solutions and architecture principles, processes and external frameworks (e.g. TOGAF, SABSA, Zachman)
• Desirable Knowledge and Skills:
• A current Certified Information Systems Security Professional (CISSP) or equivalent security certification
• MSc in Information Security, IT or relevant subject
• Experience of delivering strategy, architecture solutions and improvement plans in large, complex, multinational Group organisation
• Experience in delivering business-aligned strategy proposals and solutions to Boards and C-suite in a compelling and accessible way
• Most importantly, you'll be someone who cares about doing the right thing, works well with others, and is motivated to make a positive difference.

Benefits

Additional Information

Job Description: Group Head of Security Strategy & Architecture London - working in the office 1-2 times per week Hybrid & flexible working options Permanent Competitive salary + benefits package Full Time - 35 hours Closing date for applications - Friday 3rd July 2026 We make health happen! At Bupa, our purpose is simple - we help people live longer, healthier, happier lives. And we make a better world while we do it. As our Group Head of Security Strategy & Architecture, you'll play a vital role in protecting that purpose. You'll help keep our customers, people and services safe from cyber threats, shaping how we design and deliver secure technology across our global business. This is a senior leadership role where your work will have real impact. You'll set the direction for how we manage cyber risk, work closely with senior leaders across Bupa, and influence decisions at the highest level - right up to the Board. You'll also lead a talented global team and help create a secure, resilient environment in a complex, highly regulated organisation.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at bupa? Share your experience