Chief Risk Officer

Healix
Esher
1 week ago
Create job alert

Job DescriptionAbout Healix International

Healix International is a global leader in travel risk management, medical and security assistance, supporting multinational corporations, governments, NGOs, and insurers around the world. With operations across EMEA, North America, and APAC, we provide world-class medical, security, and crisis response solutions to organisations operating in high-risk and complex environments.

As we scale and evolve, we need a strategic, hands-on Chief Risk Officer (CRO) to shape our approach to risk, legal, compliance, complaints, and information security across our global operations in EMEA, North America, and APAC. This is a high-impact role, reporting directly to the Healix International CEO, and based in Esher, Surrey, with flexible working options available.

We’re open to receiving applications from ambitious Heads of Risk ready for their first CRO role, as well as seasoned leaders seeking a dynamic, high-growth environment. Experience in start-ups, scale-ups, or SMEs is highly valuable, as is expertise in cyber risk and information security governance - critical in an increasingly digital world.

Your mission? Embed risk into the DNA of our business - not as a barrier, but as a driver of smart, sustainable growth. If you’re ready to lead with influence and impact, we’d love to hear from you

Benefits include:

At Healix, our people are driven to do things in the best way, not the way they have always been done. We work hard, and our efforts are rewarded with great development opportunities and a supportive team spirit. 

We want to nurture this friendly and dynamic company culture so that we can continue to attract diverse talent with a breadth of knowledge and world-class skills. As a part of Healix, you can expect a range of excellent benefits and an environment where people really do care.

  • Competitive annual salary

  • Generous annual leave allowance  in addition to public holidays

  • Pension scheme

  • Access to private healthcare via Healix Healthcare Trust

  • Learning development and growth opportunities

 

Position overview

As Chief Risk Officer (CRO), you’ll be a key member of the Healix International Executive Team, driving the global risk strategy across our operations in EMEA, North America, and APAC. You’ll have executive oversight of Legal, Risk, Compliance, Complaints, and Information Security, ensuring resilience, regulatory alignment, and business integrity in a fast-scaling environment.

Working closely with senior leadership and external stakeholders, you’ll embed a strong risk culture that enables smart decision-making and supports our ambitious growth strategy. This role demands a commercially astute, hands-on leader who can build and implement risk frameworks that balance compliance with agility and innovation.

With cyber risk and data security becoming increasingly critical, expertise in cyber risk management, information security governance, or IT risk oversight would be a strong advantage. If you’re ready to lead risk as a strategic enabler of growth, we want to hear from you.

Skills and experience

Essential:

  • Proven experience in a senior risk leadership role, such as CRO, Head of Risk, or General Counsel, preferably in a scaling business, start-up, or SME environment.

  • Strong understanding of enterprise risk, legal compliance, governance, and operational resilience in medical assistance, security, travel risk management, or crisis response sectors.

  • Experience advising executive teams and Boards on global risk strategy and governance.

  • Background in contractual risk management, legal compliance, and complaints resolution across multiple jurisdictions.

  • Experience in embedding a risk culture across an organisation, ensuring risk awareness is integrated into business decision-making.

  • Familiarity with ISO 27001, GDPR, and international cybersecurity best practices.

  • Experience working with cyber risk, information security governance, and IT risk management is highly desirable.

  • Exceptional leadership, stakeholder management, and communication skills, with the ability to influence at the highest levels.

  • Strong commercial acumen, with the ability to balance risk oversight with business agility and growth priorities.

 

Desirable:

  • Experience working in travel risk management, medical assistance, security, or crisis response industries.

  • Legal qualifications (LLB, LPC, or equivalent) or risk management certifications (IRM, CISM, CISSP, etc.).

  • Experience managing risk and compliance across EMEA, North America, and APAC, with an understanding of international regulatory landscapes.

About The Role

Key responsibilities

Executive Leadership & Governance

  • Serve as a key member of the Executive Team, influencing business strategy and embedding risk management in decision-making.

  • Act as a trusted advisor to the CEO and Board, providing expert insight into global risk, compliance, and governance issues.

  • Develop and implement a scalable risk management framework aligned with the company’s rapid growth and evolving operational landscape.

  • Foster and embed a proactive risk culture across the organisation, ensuring teams understand, own, and manage risks as part of their day-to-day activities.

  • Represent Healix International externally, engaging with clients, regulators, and industry bodies on risk-related matters.

 

Building & Embedding a Risk Culture

  • Drive a cultural shift where risk awareness is embedded at all levels of the business, from frontline operations to senior leadership.

  • Ensure risk management is seen as a value driver rather than a compliance burden, supporting innovation, commercial success, and operational resilience.

  • Develop training and engagement programmes to empower employees in understanding and managing risks within their roles.

  • Champion collaboration between risk, legal, compliance, IT security, and commercial teams, ensuring risk considerations are integrated into business decisions.

  • Promote openness and transparency in risk reporting, ensuring teams feel empowered to raise concerns and contribute to continuous improvement.

 

Enterprise Risk Management & Compliance

  • Oversee the enterprise risk management strategy, ensuring key risks are identified, assessed, and mitigated across global operations.

  • Ensure compliance with contractual obligations, industry standards, and best practices, navigating complex regulatory environments across multiple jurisdictions.

  • Monitor emerging risks in travel risk management, medical assistance, security operations, and crisis response, ensuring proactive mitigation strategies from a global perspective.

  • Lead business continuity and crisis management planning, ensuring operational resilience across EMEA, North America, and APAC.

  • Design pragmatic risk and compliance processes that support business growth without unnecessary bureaucracy.

 

Legal & Contractual Risk Management

  • Oversee the global legal function, ensuring effective contractual risk management on commercial agreements, disputes, and regulatory matters.

  • Develop global legal and compliance frameworks that align with Healix International’s operations.

 

Cyber Risk, Information Security & ISMS

  • Oversee the compliance function that ensure compliance with global Information Security Management System (ISMS), alignment with ISO 27001 standards and regional data protection regulations.

  • Provide expert advice on cyber risk management and information security best practices.

  • Define Business Continuity policy and work with business departments and IT to ensure this provides protections commensurate with the agreed risk appetite.

  • Define and maintain cyber resilience strategies, including incident response planning.

  • Provide IT with information security and cyber security risk assessments of solutions and technologies.

  • Perform information security and cyber security risk assessments of third-party suppliers from both technical and contractual perspectives.

  • Support promotion of security awareness and best practices across the business, ensuring employees are trained in recognising and mitigating cyber threats.

Complaints Management & Customer Trust

  • Establish a global complaints management framework, ensuring a consistent, high-quality approach to handling client concerns across all regions.

  • Analyse complaints data to identify trends, root causes, and areas for service improvement, enhancing client trust and operational performance.

  • Collaborate with operational teams worldwide to drive continuous improvement and increased client confidence and satisfaction.

Skills Needed

About The Company

We offer UK employee healthcare benefits, and travel, medical and security assistance in every corner of the globe. Our purpose is to help people in difficult situations – whether that’s a cancer diagnosis, a need for medical assistance when they’re far from home, or being caught up in conflict or natural disaster. We talk to them, support them, and make sure they get the help they need. If necessary, we’ll pull them out and bring them home.

We’re co-ordinators and problem-solvers: experts at navigating the global health and security landscape. Our teams of doctors, nurses, travel and medical co-ordinators and security experts make sure that your people will be looked after, whatever happens supported by technology designed help individuals, not slot them into a predetermined solution.

We work with governments, broadcasters, NGOs, international corporations, major insurers and more. No two clients are the same: we adapt our services to their needs.

More importantly, we adapt to the practical and human needs of the individuals we protect. Most of us are on the front line; we keep our back office lean. We don’t use scripts, and we don’t time calls. We never lose sight of the fact that we’re dealing with real people.

Company Culture

Instead, we focus on ensuring our highly trained specialists have the space and time they need to be effective. We let them use their initiative to get the job done, because the situations they face often throw up unexpected challenges – and no protocol survives contact with the real world.

Our clients have thousands of employees and customers, at home and abroad, so they need a business big enough to handle any situation. But they chose Healix because they also need an organisation that’s personal enough to care.

Our people are driven to do things in the best way, not the way they have always been done. We work hard, and our efforts are rewarded with great development opportunities and a supportive team spirit. 

We want to nurture this friendly and dynamic company culture so that we can continue to attract diverse talent with a breadth of knowledge and world-class skills. As a part of Healix, you can expect a range of excellent benefits and an environment where people really do care.

Desired Criteria

  • Legal qualifications (LLB, LPC, or equivalent) or risk management certifications (IRM, CISM, CISSP, etc.).
  • Experience working in travel risk management, medical assistance, security, or crisis response industries.
  • Experience managing risk and compliance across EMEA, North America, and APAC, with an understanding of international regulatory landscapes.

Required Criteria

  • Proven experience in a senior risk leadership role, such as CRO, Head of Risk, or General Counsel, preferably in a scaling business, start-up, or SME environment.
  • Strong understanding of enterprise risk, legal compliance, governance, and operational resilience in medical assistance, security, travel risk management, or crisis response sectors.
  • Experience advising executive teams and Boards on global risk strategy and governance.

Closing DateFriday 25th April, 2025

Related Jobs

View all jobs

Chief Information Security Officer

Virtual Chief Information Security Officer (vCISO)

Virtual Chief Information Security Officer (vCISO)

Virtual Chief Information Security Officer (vCISO)

Virtual Chief Information Security Officer (vCISO)

Security Engineer, Senior, London, Bank 75k

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Careers

Tips for Staying Inspired: How Cyber Security Pros Fuel Creativity and Innovation

Cyber security professionals face a rapidly changing digital landscape, where new threats emerge almost daily and the stakes—protecting critical data, safeguarding personal privacy, and defending entire infrastructures—could not be higher. It’s easy to be consumed by vulnerability scans, incident response workflows, and endless compliance checks. Yet, thriving in this high-pressure environment demands more than just technical know-how. It also requires creativity and innovation, which enable you to stay one step ahead of potential attackers. So how do cyber security experts remain inspired and agile, even when the challenges can feel relentless? Below, we’ll explore ten actionable strategies to help security analysts, threat hunters, penetration testers, and security engineers maintain fresh perspectives and keep innovating. If you’re looking to sharpen your problem-solving skills and rediscover the spark that drew you to cyber security in the first place, these tips can guide you toward a more fulfilling and impactful career.

Careers

Top 10 Cyber Security Career Myths Debunked: Key Facts for Aspiring Professionals

In a hyper-connected world, cyber security is no longer an afterthought—it’s a core component of modern business, government, and everyday life. From stopping ransomware attacks to safeguarding personal data, cyber security professionals shoulder a vital responsibility: keeping digital systems, networks, and data safe. Unsurprisingly, the demand for skilled cyber security talent continues to surge, offering robust and often lucrative career paths. Yet, despite the industry’s prominence, myths and misconceptions about cyber security careers abound. Is it really just about hacking? Do you need to be a superhuman coder with years of experience? Or is cyber security just a niche field, reserved for tech giants? At CyberSecurityJobs.tech, we see firsthand how these myths deter capable individuals from entering or advancing in one of the most dynamic fields in tech. This article aims to bust the top 10 cyber security career myths—providing clear, evidence-based insights into what it really takes to thrive in this ever-evolving domain. Whether you’re a recent graduate exploring the field, a mid-career professional seeking a pivot, or simply curious about the prospects, read on to discover the true breadth and promise of cyber security careers.

Careers

Global vs. Local: Comparing the UK Cyber Security Job Market to International Landscapes

Understanding opportunities, salaries, and work culture in cyber security across the UK, the US, Europe, and Asia Cyber security has rapidly ascended from a back-office concern to a strategic priority for every industry. As data breaches, ransomware, and nation-state attacks increase in frequency and sophistication, organisations worldwide are racing to fortify their digital defences. This ongoing surge in cyber threats fuels an unprecedented demand for skilled security professionals—ranging from penetration testers and threat intelligence analysts to cloud security architects and CISOs. In this article, we’ll explore how the UK cyber security job market compares to major international hubs in the United States, Europe, and Asia. We’ll discuss job opportunities, salary bands, work culture, and provide guidance for those who might be contemplating remote or overseas positions. By understanding the nuances of each region’s cyber security ecosystem, you can make a more informed decision about where and how to advance your career in this high-impact, fast-evolving sector. Whether you’re a seasoned expert with years of experience or a career-changer eager to break into cyber security, this overview will help you navigate the global landscape. By the end, you’ll have a clearer perspective on each region’s advantages and challenges—along with practical insights for seizing the best opportunities in a field that has become mission-critical for every modern organisation.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.