Head of Risk

At On, we move fast and build things that last. Our Group Risk & Internal Controls (GRIC) function protects what we’ve built and enables confident decision-making as we scale globally. We’re looking for a Head of Risk to architect an integrated risk ecosystem. In this role, you will harmonize our Enterprise Risk Management (ERM) Business Continuity Management (BCM) and Double Materiality Assessment (DMA) frameworks, ensuring our business strategy, operational resilience and our environmental and social impacts are not just compliance requirements, but strategic drivers. Your goal is to take these frameworks into the trenches, making them capabilities that evolve at the pace of one of the fastest-growing premium sportswear brands in the world. You will have a seat at the table where risk meets strategy, acting as a trusted advisor to ensure our boldest moves are grounded in intelligent, risk-informed insights. We don’t just want a maintainer; we want an entrepreneurial builder who thrives in the detail and drives our mission forward through partnership and preparedness.

Enterprise Risk Management

• Own and continuously improve the enterprise risk management framework, as the primary governance structure, ensuring alignment with On’s strategy, regulatory obligations, and industry best practices.
• Facilitate the integrated risk cycle, including the identification, assessment, facilitate risk response and reporting cycle, including acting as the central hub where BCM operational risks and DMA materiality findings are synthesized into the Group risk register.
• Prepare unified risk reporting for senior leadership, translating risk data from all three frameworks into actionable recommendations for the Board and Executive Team.
• Monitor the external risk landscape – including regulatory shifts, geopolitical developments, and emerging threats to proactively advise the business.
• Partner with Internal Controls and Internal Audit to ensure risk identified via ERM, BCM, and DMA inform control design and assessment priorities.Drive a proactive risk culture across the organization, making risk management a strategic tool for growth rather than a compliance exercise.

Business Continuity Management

• Own the BCM framework, crisis management and business continuity plans (BCPs), driving their expansion across all critical functions, entities, and geographies.
• Design and implement BCPs for critical business processes, working directly with process owners to scale operational resilience globally.
• Lead a structured assessment programme of tabletop exercises and simulation drills, feeding lessons learned back into plan improvements and into the ERM framework to refine risk appetite.
• Coordinate with Tech on disaster recovery (DR) alignment, ensuring business continuity and tech resilience are assessed as a unified front.

Double Materiality Assessment (DMA)

• Support the DMA process to identify and assess On’s environmental and social impacts, as well as the financial risks and opportunities they present.
• Ensure DMA outcomes are integrated into the ERM cycle, bridging the gap between sustainability impact and financial risk management.
• Collaborate with the relevant stakeholders (e.g. Non-Financial Reporting teams, Sustainability, Legal, etc.) to ensure materiality assessments meet evolving regulatory standards while remaining grounded in business reality.

Cross-Cutting

• Act as a subject matter expert to senior business leaders on operational resilience, ESG-related risks, and risk-informed decision-making.
• Collaborate across functions, including Legal, Compliance, Tech Security, Operations and Sustainability, to embed risk considerations into enterprise-wide initiatives.