Head of Risk Assurance and Controls - 12 Month Fixed Term Contract
We’re looking for a Head of Risk Assurance & Controls on a 12 month fixed term contract to shape how assurance works at CFC. This is a high‑impact second line role, bringing together audit, controls and external assurance to create a clear, joined‑up view of risk and control effectiveness across the business.
This role provides an independent view of control effectiveness, risk management and governance, ensuring assurance activity is well coordinated and delivered to the right stakeholders in a clear and impactful way. Working closely across the business, you’ll strengthen the control environment and support sustainable improvement. The focus is not on delivering assurance directly, but on setting direction, connecting insight across the organisation and driving follow‑through to ensure actions land and deliver real change. Department Governance Employment Type Fixed Term - Full Time Location UK - London Workplace type Hybrid
About the role
Internal Audit Oversight
1. Own the relationship with the outsourced Internal Audit provider, ensuring delivery of a risk‑aligned audit plan.
2. Review and challenge outputs to ensure reporting is clear, consistent and decision‑useful.
3. Maintain oversight of actions, including ownership, progress and remediation timelines.
4. Identify themes and systemic issues, feeding these into the broader assurance and risk view.
Controls Environment
5. Provide second line oversight of the controls framework and how it operates in practice.
6. Challenge and support the business on control design, implementation and ongoing effectiveness.
7. Oversee how controls are embedded within systems and processes, including how effectiveness is monitored.
8. Review and challenge risk and control assessments (including RCSAs) where appropriate.
9. Drive consistency, quality and continuous improvement across the control environment.
External Audit & Assurance (including Syndicate partners)
10. Coordinate and oversee all external assurance activity across the business.
11. Act as the key relationship owner for external auditors and Syndicate partners.
12. Ensure reviews, thematic assessments and deep dives are aligned, coordinated and focused on key risks.
13. Assess and challenge outputs, ensuring findings are clearly understood and translated into practical improvements.
14. Maintain a clear view across the three lines of defence, avoiding duplication and identifying gaps.
Reporting & Insight
15. Translate audit and assurance activity into clear, meaningful insight for senior stakeholders.
16. Maintain a consolidated view of risks, findings and actions, with strong oversight of tracking and data quality.
17. Use trend analysis and thematic insights to support prioritisation, decision‑making and continuous improvement.
Systems & Assurance Coordination
18. Oversee governance and reporting of assurance activity, including outputs to senior management, Risk Committee and Board.
19. Manage and maintain the EUC inventory.
20. Ensure effective tracking of audit and assurance actions, with accurate and timely data.
21. Drive effective use of risk and control systems (e.g. Decision Focus) to support monitoring, reporting and action tracking.
22. Support the development of a coordinated, risk‑based assurance plan across the three lines of defence to improve coverage and efficiency.
About you
We’re looking for someone with a strong track record in Risk, Audit or Assurance, ideally within a second line or oversight role, and a good working understanding of how risk and controls operate in practice. Experience engaging with Internal Audit or broader assurance activity would be beneficial.
Experience in insurance or financial services would be valuable, particularly within complex or regulated environments. Exposure to the Lloyd’s or MGA market is helpful, but not essential.
You’ll be comfortable operating at pace, bringing clarity to complex issues and maintaining momentum across multiple priorities. Experience in change or programme-led environments is advantageous, particularly where risk, controls or assurance activity is evolving.
Strong organisational and delivery focus is key. You’ll be someone who can think ahead, keep actions moving and drive progress through others across the business. Just as important is your ability to build trusted relationships, communicate clearly and influence effectively without relying on formal authority.
A pragmatic, commercial mindset is essential, able who can strike the right balance between challenge and partnership, and help position Risk as a function that adds real value.
Core Values
Love what you do:
We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers.
Challenge everything:
We’re never afraid to question the way that things are done and we constantly challenge ourselves and others to makes things better.
Have fun, be good:
Insurance is a serious business, but we don’t take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.
About CFC
CFC is a specialist insurance provider, pioneering emerging risk and market leader in cyber. Our global insurance platform uses cutting-edge technology and data science to deliver smarter, faster underwriting and protect customers from today's most critical business risk.
Headquartered in London with offices in New York, Melbourne, Sydney, Austin, Madrid, Brussels and Brisbane, CFC has over 1100 staff and is trusted by more than 100,000 businesses across 90 countries.
At CFC, insurance isn't just about underwriting. From data science to software development, and digital marketing design, we've got something for everyone. We're passionate about pushing boundaries, thinking differently and building the insurance company of the future.
CFC is committed to the principles of equal opportunities and creating an environment in which all individuals are always treated with dignity and respect. We encourage a diverse corporate culture of openness and appreciation to create an environment in which your talent can be developed in the best possible way. Should you require any reasonable adjustments at any stage of the recruitment process please let us know.
Our Hiring Process
Stage 1:
Applied
Stage 2:
Hired
Don't worry if you don't see any roles you want to apply for now. Register your interest so we can contact you when a suit role comes along