IT Audit and Risk Lead

Posted 24 days 23 hours ago by Finova Technologies Private Limited

Permanent
London, United Kingdom
Job Description

Audit & Risk Lead - London

About finova

finova is the UK's largest cloud-based mortgages and savings software provider, supporting over 60 leading lenders, 3000 mortgage brokers and 200 financial institutions. Our suite of award-winning software includes a Core Banking Platform, Broker Platform and finova Connect, a range of solutions that connect lenders, intermediaries and consumers. We specialise in offering cutting-edge fintech software to empower our clients with advanced tools and capabilities to stay competitive.

Role Overview:

This role is accountable to the Head of Risk & Compliance, and ultimately the COO. As the Audit & Risk Lead within the R&C function, you will play a crucial role in ensuring the delivery of compliance, security, and governance within our solutions offered to clients in Azure & AWS cloud-hosted estates.

Responsibilities:

  1. Assess and implement compliance measures in line with the R&C control framework.
  2. Internally audit and review the product's control sets in line with our control framework and ISO certification.
  3. Manage client audits on the products as part of the wider Client Governance Schedule.
  4. Interlink with the wider R&C framework for control remediations as a result of audit findings or risk events.
  5. Work alongside the wider risk team to implement and further embed risk management.

About you:

  • Extensive recent experience in auditing, as well as in managing compliance and governance, is essential (preferably for fintech software companies in the financial services sector).
  • Bachelor's degree in Computer Science, Information Security, Business Management, or a related field.
  • Knowledge of DevOps development cycles and secure development is an advantage.
  • In-depth knowledge of SS2/21 material outsourcing, FCA & PRA regulations, NIST, and ISO.
  • Experience with Azure/AWS cloud services and Azure DevOps Boards and security practices related to cloud-hosted estates is greatly desired.

What will you be doing?

Auditing:

  • Pre-audit the ISO27001 control cycle before the certification.
  • Plan and perform internal auditing on products and key risk areas.
  • Manage the Client Audit Schedule, planned annually in advance, in partnership with the account managers.
  • Engage with clients to perform their audits, identify gaps and work with stakeholders to provide management responses.
  • Develop internal audit reporting to cover the ISO framework as well as wider internal audit requirements.

Client engagement:

  • Work with the Senior Risk Analyst on the overall Client Governance schedule.
  • Develop a relationship with the customer as a trusted advisor and contact point.

Governance, Reporting & Collaboration:

  • Support monthly & quarterly reporting on risk and implementation plans.
  • Collaborate with other senior leaders within finova to integrate compliance and security measures.

What will you get from joining the finova family?

  • Flexible Working: 25 days holiday in each calendar year plus bank holidays.
  • Looking After You: Life Assurance, Group Income Protection and Private Medical Insurance.
  • Family Friendly policy: Enhanced maternity and paternity pay.
  • Extra Perks: Cycle to Work Scheme, access to benefits & discounts.

Equal Opportunity Statement

Diverse teams really are the best teams. We promote a working environment in which diversity is recognised, valued and encouraged.