Apply now »

Head of IT Governance

132759

Working hours: This role is available on a part-time, job-share or full-time basis. 

 

Salary: Competitive salary package depending on experience plus an excellent benefits package  

 

Location: Swindon, London or Fareham

 

Closing date for applications: 22nd April 2026

  

 

The opportunity:   

This is a high‑impact role with real influence across the Technology organisation. As Technology Risk and Controls Lead, you will shape and strengthen the end‑to‑end technology risk and control environment, acting as the single point of first‑line accountability for technology risk.

You will define and continuously evolve how operational, cyber, resilience and change‑related risks are identified, assessed and managed, ensuring controls are effective, proportionate and aligned to regulatory expectations. Working closely with senior technology and business leaders, you will provide clear oversight of risk posture and enable confident, risk‑based decision making.

This role offers the opportunity to protect and future‑proof the technology estate while supporting innovation, delivery and a strong, proactive risk culture.

Many of our employees work flexibly in a variety of different ways, including part-time, flexible hours, job share, an element of working from home or compressed hours. This is because we want the best people for our roles, and we recognise that sometimes those people aren’t available full-time. Please talk to us at interview about the flexibility you may need.  

 

What will you be doing?   

As Technology Risk and Controls Lead, you will own and lead the technology risk management framework, ensuring strong alignment with business unit risk, internal policy and regulatory expectations. You will provide authoritative oversight of technology risk, shaping and continuously improving the Technology Control Framework to ensure risks across operational, cyber, resilience and change domains are effectively identified, assessed and managed. A core part of the role is driving uplift in control maturity through effective testing, monitoring and sustainable remediation of key risk exposures.

You will ensure ongoing compliance with technology risk requirements, including risk appetite, resilience obligations and relevant regulation, working closely with second‑line risk teams to maintain consistency and assurance. Partnering with Operational Resilience teams, you will align technology risks and controls to important business services, validating dependencies and resilience expectations with business stakeholders.

You will work closely with senior leaders across Technology, Risk, Cyber, Operations and Change to embed a strong risk culture and ensure risk considerations are central to decision making and delivery.The role also provides expert risk input into significant change initiatives, supports the proactive identification of emerging technology risks, and delivers high‑quality, data‑driven risk reporting for senior leadership, risk committees and audit. You will act as the primary point of contact for technology risk‑related audit activity, overseeing clear responses and timely, sustainable remediation.

What are we looking for?  

You bring extensive experience in technology risk, controls and assurance, with a strong track record of designing, implementing and governing effective risk and control frameworks in complex technology environments. You have a solid understanding of modern technology landscapes, including infrastructure, cloud, applications, service management and cyber operations, and are comfortable operating across both legacy and evolving platforms. Professional qualifications in risk or security, such as CIRM, CRISC, CISA, CISM or CISSP, would be advantageous, but what matters most is your practical experience and credibility in the field.

You are skilled at identifying opportunities to uplift control maturity, driving effective testing, monitoring and remediation to achieve sustainable risk reduction rather than short‑term fixes. Highly analytical, you are confident working with complex risk data and able to translate it into clear, insightful reporting that supports confident decision making at senior levels. You have a strong grasp of regulatory and policy expectations, including operational resilience, technology risk frameworks and relevant industry standards, and understand how to apply them in a pragmatic, proportionate way.

Just as important, you are an excellent collaborator who builds trusted relationships across Technology, Risk and the wider business. You communicate with clarity and influence, and are passionate about embedding a consistent, risk‑aware culture that supports both resilience and delivery.

 

What will you get in return? 

 

Everyone’s different. That’s why at Zurich, we offer a wide range of employee benefits so our people can choose what fits them and their life. Our benefits provide real flexibility so our people can make considered choices and tailor their benefits throughout the year. Our benefits include 12% defined non-contributory pension scheme, annual company bonus, private medical insurance and the option to buy up to an additional 20 days or sell some of your holiday. 

Follow the link for more information about our benefits - Employee benefits | Working at Zurich Insurance UK

As an inclusive employer we want to ensure that all candidates feel comfortable and are able to perform at their best during the interview. You’ll have the opportunity to let us know of any reasonable adjustment or practical support needed when you apply.

 

Who we are:  

 

At Zurich we aspire to be one of the most responsible and impactful businesses in the world and the best global insurer. Together we’re creating a brighter future for our customers, our people and our planet.  

With over 55,000 employees in more than 170 countries, you’ll feel the support of being part of a strong and stable company who are a long-standing player in the insurance industry. 

We’ve made a promise to each other and every employee; to focus on sustainable impact, to care about each other’s wellbeing, to use our diverse expertise to be curious and optimistic and to develop the skills needed for our future.
  

If you're interested in working in a dynamic and challenging environment for a company that recognises and rewards your creativity, initiatives and contributions - then Zurich could be just the place for you. Be part of something great. 

 

 

Our Culture: 

 

At Zurich, our sense of community is strong and we’re particularly passionate about diversity and inclusion, which we’ve won numerous awards for. We want our people to bring the whole of themselves to work and ensure everybody is made to feel welcome, regardless of their background, beliefs or culture. We want our employees to reflect the diversity of our customers, and so are committed to treating all of our applicants fairly and with respect, irrespective of their actual or assumed background, disability or any other protected characteristic.
 

We’ve an environment that places a real importance on our people’s wellbeing from a physical, mental, social and financial perspective. We work with our wellbeing partners and industry experts to provide the best advice and access to a wealth of lifestyle support. We’re also committed to continuous improvement and we offer access to a comprehensive range of training and development opportunities. 

We’re passionate about supporting employees to help others by getting involved in volunteering, charitable and community activity. Our charitable arm, Zurich Community Trust, is one of the longest-established corporate trusts in the UK. In that time, we’ve awarded grants and volunteered time to deserving causes in the UK valued at over £90 million. 

We’d love it if you could submit your application online. If you require an alternative method of applying, please send an email to recruitment@uk.zurich.com 

So make a difference. Be challenged. Be inspired. Be supported, Love what you do. Work for us.  

 

Apply now »