Information Technology Governance Manager in Warwick

We are looking for an experienced Technology Governance Manager to lead and mature our clients governance, risk, and compliance framework across their Technology function. This role plays a critical part in ensuring that technology change, cybersecurity, and risk management are delivered effectively, enabling robust service delivery and supporting business performance.

You will be responsible for defining and operating governance processes that are practical, value‑adding, and aligned with key regulatory and accreditation standards including ISO 27001 and Cyber Essentials Plus. This role requires a proactive, structured individual who can engage stakeholders, simplify complex governance requirements, and embed a strong culture of secure, risk‑aware decision‑making across the function.

• Develop, maintain, and continuously improve the technology governance framework.
• Embed a culture of “secure by design” and risk‑aware decision making.
• Own and maintain Technology policies, standards, and procedures, ensuring compliance with ISO 27001, CE+ and other regulatory requirements.
• Provide guidance and practical support on policy interpretation and governance matters.
• Lead governance input for customer bids, ensuring the strongest possible position.
• Own and maintain the Technology Disaster Recovery plan and ensure regular reviews and testing.
• Streamline governance processes to reduce unnecessary burden while maintaining compliance.

• Manage and maintain the Technology Risk Register.
• Identify, assess, and prioritise risks across systems, suppliers, and services.
• Track mitigation actions and provide clear reporting to senior leadership on the risk posture.

• Manage and oversee technology change processes across service, infrastructure, and solutions.
• Ensure effective risk‑based assessment of changes, balancing delivery velocity and risk control.

• Work closely with the Information Security Manager / Data Protection Officer to align technology and security policies.
• Ensure operational controls support ISO 27001, CE+ and broader security requirements.
• Promote best practice in access control, monitoring, configuration and data protection.

• Coordinate internal and external audits and certification activities.
• Provide structured compliance reporting for internal and external stakeholders including shareholders, insurers and customers.
• Monitor and assess vendor performance relating to technology risk and security.

We are seeking someone with strong expertise in technology governance, risk, and cybersecurity alongside excellent communication and stakeholder management skills. You will be confident working independently, influencing decision‑making, and driving continuous improvement.

• Strong communication and stakeholder management ability.
• CISSP or CISSM qualification.
• Significant experience with ISO 27001; ITIL v3 desirable.
• Demonstrable experience in security best practice and risk management.
• Strong project and change management capability.
• Experience working within enterprise IT environments (healthcare/private medical desirable).
• Ability to identify service improvements and drive operational excellence.
• Experience managing staff.
• Experience working with IT infrastructure teams.

You will be expected to champion and model our organisational values: Collaboration – working in partnership and valuing expertise. Excellence – uncompromising focus on quality, compassion, dignity and respect. Learning – continuous improvement and development. Efficiency – using resources intelligently to improve patient outcomes.

The opportunity to shape and influence an evolving governance landscape. A collaborative environment focused on improvement and quality. Professional development aligned to industry‑recognised standards.