IT Internal Audit Manager – Cloud and Security Assurance Specialist

Job title: IT Internal Audit Manager – Cloud and Security Assurance Specialist

Company: Bupa


Job description: Job Description:Internal IT Audit Manager – Cloud and Security Assurance SpecialistLondon or ManchesterHybrid & flexible working optionsPermanent roleCompetitive salary & benefits packageFull Time – 35 hours per weekClosing Date for applications – 10th April 2025We make health happen!The role of Bupa’s Group Internal Audit (GIA) function is to support the Board and Management achieve Bupa’s purpose of “Helping people live longer, healthier, happier lives and making a better world” by promoting “faster, more effective and sustainable improvement in internal controls”. GIA is guided by the pillars of its Strategic Framework which defines how we do this in practice.As a member of the Group Internal Audit team, you will contribute to the high-quality provision of independent and objective assurance to senior management, the Board, and the Group and UK Regulated Entities Audit Committees on the effectiveness of Bupa’s Technology / Security risk management, control and governance processes. Group Internal Audit’s remit is to assist Bupa’s Board of Directors to protect the assets, reputation and sustainability of the organisation. GIA assists Bupa in achieving its strategic goals by bringing a systematic and disciplined approach to the evaluation and improvement of these processes.How you’ll help us make health happen:Lead and deliver multiple, high quality, end-to-end Technology and Cyber Security audits in accordance with the Global Audit Methodology across the UK (Group, Group Functions, and BGIUK Market Unit), and to oversee their timely completion to ensure a ‘straight line’ delivery profile aligned to expected QA standards.Ensure the development and presentation of accurate, relevant, and timely reporting of internal audit assignments in accordance with approved templates and methodologies.Ensure management action plans are followed up to ensure timely mitigation in line with the Global Audit Methodology.Support preparation and reporting of papers to Group, Regulated Entities, and Market Unit Audit Committees as well as Risk Committees and Management forums.Build, maintain, and manage relationships with key senior internal and external stakeholders across First and Second Line, representing Internal Audit within Group, Group Functions, and BGIUK MU.Support the Head of IT Audit in the development of the annual audit plan focussed on the key Technology / Security related risks for Group, Group Functions, and the BGIUK MU and drive implementation of audit strategy through audit delivery.Lead small teams on IT audit assignments, including integrated audits and global audits, as well as planning, undertaking, and reporting on more complex audits and ad hoc requests on their own, all to a high quality and within timescales.Collaborate with, and support, Global GIA colleagues with Cloud Technology and Security assurance skills, experience, and insights to drive consistency.Demonstrate strong commercial awareness in order to foresee emerging business risks, leveraging technical knowledge and skills to report audit findings in a commercially minded way, and provide support and thought leadership as appropriate.Be a true “business partner”, objective, transparent and effective.Increase the effectiveness and efficiency of audit delivery by identifying improvements in the audit delivery approach and research and recommend continuous improvement initiatives, innovations and new projects within the functionLead the development and execution of a L&D strategy: lead and mentor the IT audit team, providing subject matter expertise on cloud technologies, cybersecurity frameworks, and technology risk management, including oversight of individual audits and line management responsibilities.Communicating with key stakeholders for audit in respect of audit planning cycles, scoping projects, and the outcomes of audit on an ongoing and timely basis.Promote the use of data analytics ensuring it is applied during risk assessment, audit planning, audit fieldwork and audit reporting within audit portfolio.Key Skills / Qualifications needed for this role:Significant IT / Information Security audit, or technology risk, experience in a regulated environment, with at least 3 years focused on assurance of cloud environments, including auditing cloud service providers (Azure, GCP, AWS) and hybrid/multi-cloud architecturesIn-depth knowledge of IT and cybersecurity risks, controls, and industry best practices, particularly Cloud-related, including Cloud Security Alliance Cloud Controls Matrix (CCM), cloud vendor ‘Well-Architected Frameworks’, COBIT, NIST, CIS, ITIL, and ISO standards. Demonstrable experience with regulatory compliance in financial, healthcare, or other highly regulated industries is advantageous.Qualified CISA, CCAK, CCSK, CISSP, CCSP, or similar.Proven management and leadership capabilities, working both independently on internal audit reviews as well as in an integrated audit team environment involving business auditors and co-source partners.Sound knowledge of risk management and audit principles and an understanding of audit philosophy, methods, and techniques.Experienced business partner within a service orientated audit function, who can easily build strong relationships with key stakeholders across at all levels within an organisation.Exceptional communication skills, adept at presenting complex information to executive stakeholders in a clear and concise manner, both verbally and through written reportsStrong influencing, decision-making; has a creative approach to problem solving.Strong commercial awareness with a solid interest and good understanding of Bupa and its various activities and businesses.Reviews and analyses complex information, identifying matters for further investigation and follow up.Perform tasks to the highest professional standards.Able to work autonomously, with a high degree of self-sufficiency, initiative and self awareness.BenefitsOur benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health – from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family friendly benefits.Joining Bupa in this role you will receive the following benefits and more:

• 25 days holiday, increasing through length of service, with option to buy or sell

• Bupa health insurance as a benefit in kind

• An enhanced pension plan and life insurance

• Annual performance-based bonus

• Onsite gyms or local discounts where no onsite gym available

• Various other benefits and online discounts

Why Bupa?We’re a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose – helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.We encourage all of our people to “Be you at Bupa”, we champion diversity, and we understand the importance of our people representing the communities and customers we serve. That’s why we especially encourage applications from people with diverse backgrounds and experiences.Bupa is a Level 2 Disability Confident Employer. This means we aim to offer an interview/assessment to every disabled applicant who meets the minimum criteria for the role. We’ll make sure you are treated fairly and offer reasonable adjustments as part of our recruitment process to anyone that needs them.If you require information regarding this role in an alternative format, please email:Time Type: Full timeJob Area:Locations: Angel Court, London, Bupa Place

Expected salary:

Location: Central London

Job date: Fri, 28 Mar 2025 05:07:21 GMT

To help us track our recruitment effort, please indicate in your email/cover letter where (jobsnear.pro) you saw this job posting.Thanks&Good Luck