Funding Circle UK Careers

Description

The role 

• Lead and continue to evolve our third-party risk management (TPRM) programme, performing security risk assessments for new and existing vendors to identify and mitigate potential risks.
• Manage and enhance our company-wide security awareness programme, delivering engaging training and identifying new ways to foster a strong security-conscious culture.
• Act as a key contributor during internal and external security audits, helping to gather evidence and formulate clear, concise responses for auditor and regulator inquiries.
• Analyse and report on key security metrics and risk indicators (KRIs), identifying trends to measure the effectiveness of our security programme and inform strategic decisions.
• Provide hands-on support on Security Operations, assisting with tasks such as incident triage, analysis, and other operational security duties.
• Support the incident response process by providing crucial risk context and ensuring activities align with our overall risk posture.
• Stay current with the evolving threat landscape, industry trends, and new regulations to proactively manage and mitigate emerging cyber risks.

What we’re looking for

• Significant (4+ years) hands-on experience in a Cyber Risk, GRC, or Information Security role with a demonstrable focus on risk management and compliance.
• Deep, demonstrable expertise in operating within an Information Security Management System (ISMS) and applying security frameworks (e.g., ISO 27001, NIST CSF, SOC 2) to practical scenarios.
• Proven, hands-on experience conducting comprehensive risk assessments using established methodologies and managing risks throughout their lifecycle.
• Experience applying and advising on security policies and standards to ensure effective control implementation across the organisation.
• Experience managing or significantly contributing to a third-party risk management (TPRM) program.
• Proven experience managing and responding to internal and external audits.
• Excellent communication and influencing skills, with the ability to articulate complex security and risk concepts clearly to both technical and non-technical audiences.
• Ability to work collaboratively across multiple teams and build strong relationships with stakeholders in Procurement,, Legal, and Compliance.
• A pragmatic and business-focused approach to risk management.

Nice to have

• Relevant industry certifications (e.g., CISM, CRISC, CISA, CISSP).
• Experience with GRC and TPRM tooling.
• Familiarity with security operations tools, such as a SIEM and Endpoint Detection & Response (EDR) platforms.
• Experience in automating compliance evidence collection and reporting.
• Experience working in FinTech or other highly regulated environments.

• We have a huge impact on the businesses that borrow through our platform, the communities they serve and the overall economy (last year £6.9bn of GDP generated). You can read our full Impact Report here: https://www.fundingcircle.com/uk/impact 
• To see what our customers think, visit our Trustpilot page: https://uk.trustpilot.com/review/fundingcircle.com 
• And we’re still evolving! Our award-winning multi-product platform is solving more SME finance challenges than ever before. We think big, rally together and meet the needs of SME customers like no other.

• Health: Private Medical Insurance through Aviva, Dental Insurance through Bupa, MediCash, access to free online therapy sessions and exclusive discounts with Hertility for reproductive health support.
• Wealth: Octopus Money Coach, free mortgage advisor partnership and discounts across numerous retailers through Perks at Work. 
• Development: Dedicated annual learning allowance and full access to internal learning platform.
• Lifestyle: Wellhub (for fitness discounts), Electric Car Scheme and more! 

Ready to make a difference? We’d love to hear from you.