Department: Operations
Employment Type: Permanent - Full Time
Location: UK - London
CFC is building a formal Third‑Party Risk Management (TPRM) capability for the first time. Following the development of a new TPRM framework, this role will take ownership of embedding, operating, and continuously improving that framework across the organisation.
The TPRM Manager will work closely with Procurement, Risk, Compliance and other business teams to ensure third‑party risk activities are aligned with supplier onboarding, contract oversight and ongoing supplier governance. The role will also support CFC’s Operational Resilience programme, ensuring third‑party dependencies and critical suppliers are properly assessed and monitored.
This is a hands‑on, business‑facing 1st Line of Defence role requiring strong judgement, stakeholder engagement and the ability to make a new framework practical, scalable and embedded in day‑to‑day decision‑making.
This role puts you at the centre of how CFC manages, understands, and mitigates third‑party risk — a critical capability in a highly regulated, fast‑moving insurance business.
You’ll own and continuously improve CFC’s Third Party Risk Management (TPRM) framework, ensuring it remains robust, consistent, and aligned with evolving regulatory expectations from bodies such as the FCA and Lloyd’s Working closely with Procurement, Risk, Legal, IT and the wider business, you’ll help embed clear, practical risk processes across the full supplier lifecycle — from onboarding through to renewal and exit.
A key part of the role involves leading supplier risk assessments and due diligence, coordinating inputs across operational, information security, financial, legal and regulatory domains. You’ll bring these perspectives together into clear, actionable recommendations for contract owners and senior stakeholders, helping the business make confident, informed decisions while maintaining appropriate controls and mitigations.
You’ll also play an important role in strengthening CFC’s Operational Resilience, mapping critical third‑party dependencies, identifying key suppliers linked to important business services, and tracking remediation actions where risks are identified. Your work will directly support regulatory self‑assessments, resilience documentation, and ongoing assurance activity.
Beyond day‑to‑day delivery, you’ll act as a trusted point of contact for TPRM across the organisation, providing guidance, training, and support to help teams understand their supplier risk obligations. You’ll develop insightful dashboards and reporting for senior forums, maintain strong governance and audit trails, and help evolve how we use technology — including our newly implemented TPRM system — to improve efficiency, visibility, and control.
This is a role with real visibility, influence, and impact: combining regulatory rigour with continuous improvement, stakeholder engagement, and the opportunity to shape how supplier risk is managed across CFC.
Love what you do:
We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers.
Challenge everything:
We’re never afraid to question the way that things are done and we constantly challenge ourselves and others to makes things better.
Have fun, be good:
Insurance is a serious business, but we don’t take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.
CFC is a specialist insurance provider, pioneer in emerging risk and market leader in cyber. Our global insurance platform uses cutting-edge technology and data science to deliver smarter, faster underwriting and protect customers from today’s most critical business risks.
Headquartered in London with offices across Europe, USA and Australia, CFC has over 1000 employees and is trusted by more than 200,000 businesses in 90 countries.
