Governance, Risk & Assurance Specialist

Security & Infrastructure London, United Kingdom


Who are we?

We want to help small businesses win. That’s why we’re here. 

We connect small business owners to investors – to create jobs, support local communities and power economies – because we believe that people are made to do more. And we want to help realise their goals. 

So, we created the leading online marketplace for small business loans. Our investors have lent £15.2 billion to 135,000 small business owners. In 2022, lending through Funding Circle’s UK platform helped generate £6.9 billion in GDP while creating and sustaining 106,000 jobs. There’s never been a better time to join!

Be part of the team that changes everything. Let’s build the place where small businesses can get the funding they need to win and leave a legacy behind, forever. 

This role sits within the Tech teams. The drivers behind our platform – brilliant people working together to create, code, and build the next game changers.

What will you be doing?

As a Governance, Risk & Assurance Specialist in Information Security, you’ll be one of our most important support points, helping to identify, assess and manage risk, whilst ensuring appropriate controls are embedded. Your work will make a huge difference in ensuring we have secure and stable systems, applications and services to support small business owners.

  • Engage with business stakeholders to identify risks and control deficiencies.
  • Maintain the information security risk assessment framework, and risk register, in line with standards such as ISO27001 and CIS Framework.
  • Manage the User Access Review process for critical systems and applications.
  • Validate the effectiveness of people, process and technology control.
  • Manage external and investor audits such as ISAE3402, PCI DSS, SOC 1 and Swift.
  • Review, update and maintain the Information Security Policy & Standard Suite.
  • Perform Supplier Assurance Reviews as part of due diligence activities.

Are you?

  • Engaging with technical and non-technical stakeholders and translating technical risks into clear business language
  • Knowledgeable of risk concepts and terminology. 
  • Exposed to risk assessments and involvement in managing remediation efforts. 
  • Competent with technology and supporting processes with knowledge of industry-recognised frameworks e.g. ISO27001, NIST, CIS.
  • Exposed to audits and due diligence requests as well as the management of security policies and standards. 
  • Supplier engagement and understanding supplier-provided service risks.
  • Working with and producing metrics and presentation packs for risk forums and committees.
  • Keen to learn and develop your skills within Information Security.

Did you know?

Research shows that some people are less likely to apply to jobs unless they meet every single criteria. At Funding Circle we are committed to building diverse teams so please apply even if your past experience doesn’t align perfectly with the requirements. You might just be the perfect fit. 

Why join us?

Talk to our recruiters about our workplace, culture and benefits covering. We have designed our offering around;  Health, Wealth, Lifestyle & Development! 

A few highlights are: 

  • Hybrid working environment (2 days a week in office), flexible working options with an amazing office and we will help support your home working set up.
  • Private Medical Insurance and Dental Insurance.
  • Learning allowances AND other perks such as Gympass, Spill, Just Eat allowance, Electric Car Scheme and more! 
  • Access to Octopus Money Coach, Free Mortgage advisor partnership, Discounts at other retailers through perks at work. 

Want to Build The Incredible? We’d love to hear from you.