CFC

CFC is seeking a Sustainability & Governance Senior Associate in London to lead the development and delivery of its sustainability strategy. You will work across teams to embed ESG principles into daily operations and ensure compliance with sustainability regulations. The ideal candidate will have a strong background in ESG, governance, and risk, with experience in producing Board-level reports. Join a dynamic environment at a fast-growing insurance company focused on practical sustainability solutions.

Sustainability & Governance Senior Associate Department: Governance Employment Type: Permanent - Full Time Location: UK - London Reporting To: Edward Shone Description We're looking for a Sustainability & Governance Manager to play a key role in supporting and embedding CFC's approach to sustainability, governance, and risk. This isn't a typical ESG role. Alongside contributing to the development and delivery of our sustainability strategy, you'll focus on making it real in how the business operates day to day, from underwriting and risk management through to policy governance and Board reporting. Working across a fast-moving, high-growth insurance business, you'll partner closely with teams across Underwriting, Governance, Operations and Finance to ensure sustainability is practical, measurable, and embedded in decision-making. You'll also support the ongoing development of our policy governance framework, helping ensure the right level of control, consistency, and oversight as we scale. About the role Contribute to the development and lead delivery of CFC's sustainability strategy, translating high-level ambition into clear priorities, frameworks, and actions aligned to our commercial and regulatory environment. Work closely with stakeholders across the business to embed ESG principles into day-to-day activity, providing guidance where needed and building a consistent understanding of sustainability expectations. Own the production of sustainability reporting across the Group, including Board and Committee outputs, and Syndicate 1988. The role will also contribute to regulatory submissions, external disclosures, and shareholder reporting. Ensure the business remains aligned with evolving sustainability regulations across multiple jurisdictions, coordinating activity across teams and staying close to emerging requirements. Partner with Risk to ensure sustainability risks are identified, assessed, and managed in line with the broader Risk Management Framework, with clear visibility through governance forums. Work with underwriting teams to embed ESG considerations into portfolio management, supporting the definition and monitoring of ESG appetite and strengthening reporting and oversight. Take ownership of day-to-day management of the Group's policy governance framework, maintaining a robust suite of policies across jurisdictions and supporting effective governance through the appropriate forums. Contribute to wider governance initiatives, playing a hands-on role in the ongoing development of CFC's Legal, Risk and Compliance capability. Working with the Head of Risk, manage the day-to-day relationship with the Group's insurance brokers and oversee the renewal of the Group's insurances and management of the programme. About you Experience in ESG, sustainability, governance, or risk within financial services, ideally insurance or the Lloyds Market Track record of delivering ESG or sustainability initiatives in a commercial environment Experience producing or contributing to Board or Committee-level reporting Familiarity with sustainability regulation and reporting frameworks, applied in practice Exposure to cross-functional working with Risk, Compliance, Underwriting, or Finance Understanding of governance frameworks, including policy or risk processes Good knowledge of ESG principles, regulation, and reporting requirements Understanding of governance structures and risk frameworks in financial services. Ability to interpret regulation and translate into practical actions Comfortable using data to support reporting and decision-making Strong stakeholder management and ability to influence across the business Clear communicator, able to tailor messages for different audiences Pragmatic and solutions-focused, balancing regulatory and commercial needs Well organised, able to manage multiple priorities in a fast-paced environment High attention to detail, particularly in reporting and governance

Sustainability & Governance Senior Associate Department: Governance Employment Type: Permanent - Full Time Location: UK - London Reporting To: Edward Shone Description We're looking for a Sustainability & Governance Manager to play a key role in supporting and embedding CFC's approach to sustainability, governance, and risk. This isn't a typical ESG role. Alongside contributing to the development and delivery of our sustainability strategy, you'll focus on making it real in how the business operates day to day, from underwriting and risk management through to policy governance and Board reporting. Working across a fast-moving, high-growth insurance business, you'll partner closely with teams across Underwriting, Governance, Operations and Finance to ensure sustainability is practical, measurable, and embedded in decision-making. You'll also support the ongoing development of our policy governance framework, helping ensure the right level of control, consistency, and oversight as we scale. About the role Contribute to the development and lead delivery of CFC's sustainability strategy, translating high-level ambition into clear priorities, frameworks, and actions aligned to our commercial and regulatory environment. Work closely with stakeholders across the business to embed ESG principles into day-to-day activity, providing guidance where needed and building a consistent understanding of sustainability expectations. Own the production of sustainability reporting across the Group, including Board and Committee outputs, and Syndicate 1988. The role will also contribute to regulatory submissions, external disclosures, and shareholder reporting. Ensure the business remains aligned with evolving sustainability regulations across multiple jurisdictions, coordinating activity across teams and staying close to emerging requirements. Partner with Risk to ensure sustainability risks are identified, assessed, and managed in line with the broader Risk Management Framework, with clear visibility through governance forums. Work with underwriting teams to embed ESG considerations into portfolio management, supporting the definition and monitoring of ESG appetite and strengthening reporting and oversight. Take ownership of day-to-day management of the Group's policy governance framework, maintaining a robust suite of policies across jurisdictions and supporting effective governance through the appropriate forums. Contribute to wider governance initiatives, playing a hands-on role in the ongoing development of CFC's Legal, Risk and Compliance capability. Working with the Head of Risk, manage the day-to-day relationship with the Group's insurance brokers and oversee the renewal of the Group's insurances and management of the programme. About you Experience in ESG, sustainability, governance, or risk within financial services, ideally insurance or the Lloyds Market Track record of delivering ESG or sustainability initiatives in a commercial environment Experience producing or contributing to Board or Committee-level reporting Familiarity with sustainability regulation and reporting frameworks, applied in practice Exposure to cross-functional working with Risk, Compliance, Underwriting, or Finance Understanding of governance frameworks, including policy or risk processes Good knowledge of ESG principles, regulation, and reporting requirements Understanding of governance structures and risk frameworks in financial services. Ability to interpret regulation and translate into practical actions Comfortable using data to support reporting and decision-making Strong stakeholder management and ability to influence across the business Clear communicator, able to tailor messages for different audiences Pragmatic and solutions-focused, balancing regulatory and commercial needs Well organised, able to manage multiple priorities in a fast-paced environment High attention to detail, particularly in reporting and governance

CFC is seeking a Sustainability & Governance Senior Associate to support and embed its sustainability framework within the organization. You will play a key role in delivering the sustainability strategy, working closely with various teams to ensure ESG principles are integrated into day-to-day operations. The ideal candidate should have experience in ESG governance in the financial services sector and be familiar with sustainability regulations and reporting frameworks. Strong stakeholder management is essential.

CFC is seeking an experienced Security Architect in London to support a major transformation of its core security systems. This critical role requires exceptional skills in secure software development, cloud security, and API security to embed security practices across projects. Candidates should have over five years of experience in regulated environments and familiarity with regulatory frameworks such as NYDFS, GDPR, and those in Australia. Relevant certifications like CISSP or TOGAF are highly desirable. The company values passion, creativity, and teamwork.

Security Architect Department: Global Security Services Employment Type: Permanent - Full Time Location: UK - London Description CFC is embarking on a major transformation of its core platforms and systems. To ensure these changes are secure, resilient, and compliant, we are seeking an experienced Security Architect. This role is critical to embedding secure by design principles for the future, supporting our Security Maturity Programme, and aligning with the CISO strategy. About the role You will work daily with the Group CISO to ensure consistent high standards in your areas of responsibility and ensure global adherence to security practices. The ideal candidate will have good knowledge of regulatory frameworks such as NYDFS Cybersecurity Regulation, GDPR, and other European and Australian data protection laws, and will bring a proactive, risk based approach to the governance and operationalisation of security architecture. Lead the design and review of secure architecture across strategic change projects. Define and implement SDLC security standards and best practices across change projects. Develop and enforce API security standards and secure integration patterns. Conduct threat modelling and risk assessments for new technology implementations. Ensure alignment with enterprise architecture and regulatory frameworks. Support the integration of DevSecOps practices and secure CI/CD pipelines. Collaborate with engineering, architecture, and compliance teams to embed security from project inception. Provide expert guidance on privacy-by-design and operational resilience requirements. About you Exceptional understanding of secure software development, cloud security, and API security is essential, along with the ability to apply these principles in practical environments. Experience working with DevSecOps, CI/CD pipelines, and modern development practices further strengthens the capability to embed security into every stage of delivery. The role also requires strong skills in conducting threat modelling, performing risk assessments, and reviewing solution architectures, all supported by excellent communication and stakeholder engagement abilities. Candidates should have proven experience as a Security Architect, ideally with more than five years in regulated environments. Familiarity with regulatory frameworks across the US, UK, and Australia is important, as is holding relevant certifications such as CISSP, SABSA, TOGAF, or AWS/Azure Security, which are highly desirable. Core Values Love what you do: We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers. Challenge everything: We're never afraid to question the way that things are done and we constantly challenge ourselves and others to make things better. Have fun, be good: Insurance is a serious business, but we don't take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.

CFC is searching for a Senior Python Engineer to join their Global Security Services team in London. You will develop data capabilities critical to protecting policyholders from cyber threats, utilizing a modern tech stack including Python, PostgreSQL, and cloud infrastructure. The role emphasizes collaboration, mentoring, and automation, fostering a high-quality engineering culture. Candidates should have strong Python skills, experience with data at scale, and a background in relevant fields. This position offers a permanent, full-time contract with a commitment to quality and innovation.

Senior Python Engineer Department: Global Security Services Employment Type: Permanent - Full Time Location: UK - London Description Working within our Cyber Data Services team, which is at the core of our Proactive Insurance product offering and CFC's promise to protect our policyholders from existing and emerging cyber security vulnerabilities and threats. You will play a key role in developing the company's competitive advantage in aggregating, presenting, and analysing large datasets. You will contribute to the development of our proprietary data platform and work to solve problems that are key to protecting our policyholders. Your contributions will have a material impact on the business as a whole where you will be expected to play a role designing and implementing new data capabilities (ingesting large datasets, building robust & high-performance APIs, consuming high-frequency event streams), as well as improving the quality of our existing products and solutions. About the role In this role, you'll work across CFC's modern technology stack, contributing to solutions built with Python, Linux (via WSL), PostgreSQL, SQL Server, Databricks, and cloud infrastructure spanning both Azure and AWS. A core part of your work involves designing and implementing advanced data ingestion and transformation pipelines, as well as orchestrating large-scale, parallel network I/O processes. You'll collaborate closely with engineering and infrastructure teams to maintain and enhance Infrastructure as Code, helping develop new features for CFC's Engineering Platform. Working with peers and data customers, you'll model data for both operational and analytical use cases, contributing to the evolution of a data mesh architecture across the wider enterprise. Ensuring high-quality data is a key focus-supporting data quality metrics, evaluating new data sources, and improving overall data reliability throughout the estate. Quality and automation are central to the role. You'll help strengthen CI/CD processes to support efficient, bug free releases and maintain clear, accessible technical documentation. You'll also contribute to test automation, assess application security against CFC standards, and ensure APIs comply with relevant internal guidelines. Beyond technical delivery, you'll be part of a pairing first, collaborative engineering culture-sharing knowledge, learning from colleagues, and supporting less experienced team members through mentoring, design reviews, and code reviews. You'll actively participate in open, honest discussions about design decisions and help foster a safe, constructive working environment. About you This role calls for someone with strong Python expertise, ideally across PostgreSQL, SQL Server, and Databricks, and who is fully comfortable working without an ORM. You should be confident operating with data at scale and enjoy a command line-driven workflow using tools like git, bash or zsh, and optionally vim. A background-formal or practical-in Computer Science, Software Engineering, Logic, Applied Statistics, Actuarial Science, Data Science, or a related discipline will further strengthen your foundation for success. You'll bring the ability to clearly grasp and articulate technical solutions, adapting your communication style for both technical and non technical audiences. Applying agile principles intelligently will be a natural part of how you work. You should also be comfortable interrogating and presenting data, and willing to showcase analytical outcomes on behalf of your team. Finally, the role requires demonstrable experience as a senior software engineer with a strong emphasis on Python. You'll combine hands on development capability with strong analytical thinking and the communication skills needed to advocate for high quality engineering practices.

Incident Response Consultant Department: Incident Response Employment Type: Permanent - Full Time Location: UK - London Reporting To: Connor Rowden Description At CFC Response you will be part of a unique collaborative team of incident responders, business resumption engineers, and cybersecurity specialists whose sole responsibility it is to protect, recover, and mature the more than 80,000 CFC Underwriting insurance policyholders. You will be joining a group of technical experts who tackle cyber threats day-in-day-out, at scale, for a myriad of clients ranging from small businesses with minimal in-house capabilities, right through to large complex corporations with a full stack. You will never be bored, you will always be learning, and you will have fun doing it. This is a technical incident response role whose primary focus will be on data scoping and collection, investigation of the root cause, scope and data impact of a cyber incident and the verbal and written reporting of findings to respective insured/clients. As part of this undertaking, you will be joining a team of leading IR industry professionals who are responding to complex cyber incidents, at scale and across the globe. Furthermore, you will be supported by a wider team of experts. Key Responsibilities You'll lead the charge in collecting and analysing data, uncovering root causes, and identifying the scope of data exposure. Your insights will directly shape containment and eradication strategies for clients, and you'll have the opportunity to present your findings with confidence, answering technical questions and guiding stakeholders through the incident lifecycle. From authoring detailed investigation reports aligned to the MITRE ATT&CK framework to compiling Indicators of Compromise, your work will be critical in helping clients understand and recover from complex threats. Beyond technical excellence, this role is about building trust and delivering exceptional service. You'll collaborate closely with clients, policyholders, brokers, underwriters, and capacity providers-fostering strong relationships and championing the values that define CFC's culture. Whether you're analysing phishing emails and bypassed security controls or supporting the wider incident response team, your contributions will reflect integrity, accuracy, and quality. If you're passionate about cybersecurity and thrive in a fast-paced, client-focused environment, this is your chance to be part of something truly meaningful. Skills, Knowledge and Expertise Within this role, the successful candidate will have: Demonstrable understanding of common cyber-attacks. Programming experience in Python, PowerShell, BASH or similar scripting languages. Working knowledge of the Microsoft 365 platform. Laser focus on customer service and product excellence. Demonstratable investigational skills. Core Values Love what you do: We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers. Challenge everything: We're never afraid to question the way that things are done and we constantly challenge ourselves and others to make things better. Have fun, be good: Insurance is a serious business, but we don't take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.