Governance, Risk & Assurance Analyst

---

Job description

Who are we?
We want to help small businesses win. That's why we're here.
We connect small business owners to investors - to create jobs, support local communities and power economies - because we believe that people are made to do more. And we want to help realise their goals.
So, we created the leading small business loan platform. Investors have lent £9.8 billion in 130,000 loans to 90,000 small business owners. In a single year, this lending unlocked 115,000 jobs and contributed £6.5 billion to the global economy. There's never been a better time to join!
Be part of the team that changes everything. Let's build the place where small businesses can get the funding they need to win and leave a legacy behind, forever.
This role sits within the Tech teams. The drivers behind our platform - brilliant people working together to create, code, and build the next game changers.
What will you be doing?
As a Governance, Risk & Assurance Analyst in Information Security you'll be one of our most important support points, helping to identify, assess and manage risk. Your work will make a huge difference in ensuring we have secure and stable systems, applications and services to support small business owners.

• Engaging with business stakeholders to identify risks and control deficiencies.
• Improving our Risk Management processes and Control Framework
• Supporting the Access Review process for critical systems and applications.
• Validating the effectiveness of people, process and technology controls.
• Assisting in evidence gathering to support external and investor audits.
• Reviewing, updating and maintaining the Information Security Policy & Standard Suite
• Performing Supplier Assurance Reviews as part of due diligence activities.

Are you?

• Engaging with technical and non-technical stakeholders and translate technical risks into clear business language
• Knowledgeable of risk concepts and terminology.
• Exposed to risk assessments and involvement in managing remediation efforts.
• Competent with technology and supporting processes with knowledge of industry recognised frameworks e.g. ISO27001, NIST, CIS.
• Exposed to audits and due diligence requests as well as the management of security policies and standards.
• Supplier engagement and understanding supplier provided service risks.
• Working with and producing metrics and presentation packs for risk forums and committees.
• Keen to learn and develop your skills within Information Security

Why should you join us?
We're gearing up for our biggest chapter yet - and it's being driven by tech.
That means full steam ahead working on our global platform and real challenges for you to noodle and solve - as we build new things, reimagine the stack and go after the greenfield.
We believe that great ideas come from everywhere. So, there are no pigeonholes here. We keep it agile and open. Think big remits and huge ownership in a continuous learning environment. Close knit teams, with mentorships and global career opportunities. Everyone working together to make a genuine difference to small business owners.
Join the team making it happen. Help us define long-term commitments and launch the next game changers - let's build the incredible.
It's in our differences that we find our strengths.
At Funding Circle, we celebrate and support the differences that make you, you. We're proud to be an equal opportunity workplace and affirmative action employer. We truly believe that diversity makes us better. We particularly encourage applications from applicants from underrepresented backgrounds. We welcome applicants who may want to work flexibly.
Want to Build the Incredible? We'd love to hear from you.
#LI-CW1 TECH01