IT Audit and Risk Analyst (Hybrid -Cheltenham / London)

About Finova

Finova is the UK''s largest mortgage and savings technology provider, powering one in every five mortgages across the country. Our agile, cloud-native solutions help over 60 banks, building societies, specialist lenders and equity release providers - plus a network of 2,400+ brokers - stay ahead of the market.

We offer a flexible, proven suite of software that covers the full customer journey - from mortgage and savings origination to servicing and CRM. Backed by an open architecture and a team with deep industry expertise, our platform is built to scale. Today, we process over £50 billion in loans each year, manage nearly £50 billion in savings, and support the digital servicing of more than 650,000 UK borrower accounts.

The Risk and Compliance Team

The RandC Team provides support to all 450+ colleagues across Finova playing a vital role in ensuring client solutions hosted within Azure and AWS environments adhere to stringent security, governance, and regulatory standards. Their remit includes supporting external audits aligned with the Client Governance Schedule and contributing to the continuous development of the organisation''s Risk Management Framework. The team works closely with project leads and engages proactively with both internal stakeholders and clients to uphold best practices in risk mitigation and compliance oversight.

What will you be doing?

Auditing - under the direction of the Audit LeadAssist in the Client Audit Schedule throughout the year covering client audits and due diligencesAttend meetings to prep for audits with key stakeholders, take minutes and follow up on actionsEngage with clients to perform their audits, identify gaps and work with stakeholders to provide management responsesValidation of audit evidence before submissionLink any findings of audits into the wider Risk management framework and remediation scheduleWork with key internal stakeholders to develop in house SoPs to improve consistency and robust control improvements, as well as automation where possibleAttend audit debriefs after closure, take minutes and actions as necessary and track through to completionRisk Framework:Work alongside the RandC function to embed risk and compliance frameworks within product servicing to ensure regulatory and contractual compliance using our Risk system HyperproofCompletion of client and annual Due diligence framework in Risk Ledger, confirming accuracy and documentationWork in line with the overall control framework, which is aligned to ISO27001, ISO27017, ISO9001, FSQS audit and NISTManage the admin around the Policy framework, ensuring accuracy and timeliness of updatesManage the timely collection of documentation around ICO registrations and insurancesManage the Client CRM and TP Matrix with accuracy and timelinessManage the collection of TP documentation for our Material TPs from key stakeholdersAssist in any further admin tasks covering both Risk and Audit, as necessaryAbout You:

In terms of your experience, your attitude is everything, but we''d particularly love to see your:

Bachelor''s degree in computer science, Information Security, Business Management, or a related field.Some tech/IT risk experience, or theoretical knowledgeHighly analytical, self-learning and amazing attention to detailSome knowledge of Cloud Azure/ AWS is advantageousGeneric understanding of regulatory requirements in financial firmsThe ability to work with multiple stakeholders and run different projects at any one timePunctual and timely delivery of all tasksCan be self-sufficient as well as have a collaborative working style when necessaryAbility to research and understand regulatory or industry standard obligations and support their adherenceWhat We Offer:

Flexible Working : 25 days holiday plus bank holidays, bank holiday trading and holiday purchase options, the opportunity to work from anywhere in the world for up to 4 weeks per year, and a flexible hybrid working policy.

Looking After You : Life Assurance, Group Income Protection, Private Medical Insurance, a pension scheme via Salary Exchange, an Employee Assistance Programme, and access to a Virtual GP.

Family-Friendly Policies : Enhanced maternity and paternity pay, as well as paid time off for fertility treatments and pregnancy loss.

Extra Perks : Cycle to Work Scheme, discounts on shops, restaurants, and gym memberships, free fresh fruit daily, and opportunities to join colleague networks and social groups.

Giving Back : One paid volunteering day annually and the Give-As-You-Earn scheme to support your favourite charities.

Equal Opportunity Statement

We value diversity and are committed to creating an inclusive environment for all employees. If you''re passionate about this role but don''t meet all the criteria, please reach out-we''d love to discuss how your skills and experiences align with our needs.

#J-18808-Ljbffr