Audit & Risk Lead – London

About finova
finova is the UK's largest cloud-based mortgages and savings software provider, supporting over 60 leading lenders, 3000 mortgage brokers and 200 financial institutions. Our suite of award-winning software includes a Core Banking Platform, Broker Platform and finova Connect, a range of solutions that connect lenders, intermediaries and consumers. Fast implementation and open architecture are at the centre of our technology, giving our customers the flexibility to integrate into their existing systems or configure solutions to meet the needs of their business.

Role Overview: This role is accountable to the Head of Risk & Compliance, and ultimately the COO. As the Audit & Risk Lead within the R&C function, you will play a crucial role in ensuring the delivery of compliance, security, and governance within our solutions offered to clients in Azure & AWS cloud-hosted estates.

Responsibilities:
• Assessing and implementing compliance measures in line with the R&C control framework.
• Auditing and reviewing control sets internally of the product in line with our control framework and ISO certification.
• Managing client audits on the products as part of the wider Client Governance Schedule.
• Linking audit findings into the wider Risk management framework and remediation schedule.
• Working alongside the wider risk team to implement and further embed risk management.

About you:
• Extensive recent experience in auditing is essential as well as managing compliance and governance (preferably for fintech software companies in the financial services sector)
• Bachelor's degree in Computer Science, Information Security, Business Management, or a related field
• Knowledge of DevOps development cycles and secure development, an advantage
• In-depth knowledge of SS2/21 material outsourcing, FCA & PRA regulations, NIST, and ISO, with a proven track record of implementing and maintaining compliance & control frameworks
• Experience with Azure/AWS cloud services and Azure DevOps Boards and security practices related to cloud-hosted estates is greatly desired
• The ability to work with multiple different L1 departments both in software development and servicing, and partnering with the wider risk team is essential

What will you be doing?

Auditing:
• Pre-audit ISO27001 control cycle before the certification.
• Plan and perform internal auditing on products and key risk areas.
• Manage Client Audit Schedule planned in advance annually partnering with the account managers.
• Link any findings of audits into the wider Risk management framework and remediation schedule.

Client engagement:
• Work with the Senior Risk Analyst on the overall Client Governance schedule.
• Develop a relationship with the customer as a trusted advisor and contact point.

Governance, Reporting & Collaboration:
• Support monthly & quarterly reporting on risk and implementation plans.
• Collaborate with other senior leaders within finova to integrate compliance and security measures.

What will you get from joining the finova family?
Flexible Working: 25 days holiday in each calendar year plus bank holidays.
Looking After You: Life Assurance, Group Income Protection and Private Medical Insurance.
Equal Opportunity Statement: Diverse teams really are the best teams, we promote a working environment in which diversity is recognised, valued and encouraged.