IT Audit and Risk Lead
Posted 24 days 23 hours ago by Finova Technologies Private Limited
Audit & Risk Lead - London
About finova
finova is the UK's largest cloud-based mortgages and savings software provider, supporting over 60 leading lenders, 3000 mortgage brokers and 200 financial institutions. Our suite of award-winning software includes a Core Banking Platform, Broker Platform and finova Connect, a range of solutions that connect lenders, intermediaries and consumers. We specialise in offering cutting-edge fintech software to empower our clients with advanced tools and capabilities to stay competitive.
Role Overview:
This role is accountable to the Head of Risk & Compliance, and ultimately the COO. As the Audit & Risk Lead within the R&C function, you will play a crucial role in ensuring the delivery of compliance, security, and governance within our solutions offered to clients in Azure & AWS cloud-hosted estates.
Responsibilities:
- Assess and implement compliance measures in line with the R&C control framework.
- Internally audit and review the product's control sets in line with our control framework and ISO certification.
- Manage client audits on the products as part of the wider Client Governance Schedule.
- Interlink with the wider R&C framework for control remediations as a result of audit findings or risk events.
- Work alongside the wider risk team to implement and further embed risk management.
About you:
- Extensive recent experience in auditing is essential as well as managing compliance and governance (preferably for fintech software companies in the financial services sector).
- Bachelor's degree in Computer Science, Information Security, Business Management, or a related field.
- Knowledge of DevOps development cycles and secure development is an advantage.
- In-depth knowledge of SS2/21 material outsourcing, FCA & PRA regulations, NIST, and ISO.
- Experience with Azure/AWS cloud services and Azure DevOps Boards and security practices related to cloud-hosted estates is greatly desired.
What will you be doing?
Auditing:
- Pre-audit the ISO27001 control cycle before the certification.
- Plan and perform internal auditing on products and key risk areas.
- Manage the Client Audit Schedule, planned annually in advance, in partnership with the account managers.
- Engage with clients to perform their audits, identify gaps and work with stakeholders to provide management responses.
- Develop internal audit reporting to cover the ISO framework as well as wider internal audit requirements.
Client engagement:
- Work with the Senior Risk Analyst on the overall Client Governance schedule.
- Develop a relationship with the customer as a trusted advisor and contact point.
Governance, Reporting & Collaboration:
- Support monthly & quarterly reporting on risk and implementation plans.
- Collaborate with other senior leaders within finova to integrate compliance and security measures.
What will you get from joining the finova family?
- Flexible Working: 25 days holiday in each calendar year plus bank holidays.
- Looking After You: Life Assurance, Group Income Protection and Private Medical Insurance.
- Family Friendly policy: Enhanced maternity and paternity pay.
- Extra Perks: Cycle to Work Scheme, access to benefits & discounts.
Equal Opportunity Statement
Diverse teams really are the best teams. We promote a working environment in which diversity is recognised, valued and encouraged.