Senior Risk & Operational Resilience Manager

About Finova 

Finova is the UK’s largest financial services technology provider, supporting one in every five mortgages nationwide. Our agile, cloud-native solutions enable over 60 banks, building societies, specialist lenders, equity release providers and a network of 2,400+ brokers to stay ahead in a competitive market.

Built on open architecture and backed by deep industry expertise, our platform is designed to scale. Each year, we process over £50 billion in loans, manage nearly £50 billion in savings, and support the digital servicing of more than 650,000 UK borrower accounts.

Be part of a team that’s driving innovation, enabling growth and shaping the future of UK lending.

For Lenders 

Finova offers a flexible, modular technology suite designed to help lenders move faster, scale efficiently and deliver standout digital experiences.

Financial Institutions use Finova to launch products faster, process applications up to 50% more efficiently and reduce operational costs — all while staying fully compliant in a fast-moving market. 

About the Role:

What will you be doing?

We’re looking for a Risk & Compliance Officer to provide essential support to the Risk & Compliance function. This role will help maintain key frameworks, ensure accurate documentation, and assist with governance processes. It’s an ideal position for someone looking to build a career in risk management and compliance within a dynamic fintech environment.

Risk & Compliance

• Maintain and update risk registers under guidance from senior team members.
• Complete routine controls and assurance activities to support compliance and risk oversight, ensuring evidence is documented and gaps are escalated
• Act as the key contact for the Governance, Risk & Compliance (GRC) tool, providing user support and ensuring all data is accurate, up-to-date, and aligned with reporting requirements.
• Support the coordination of governance meetings, including preparing agendas, collating materials, and recording actions.
• Assist with tracking risk events and remediation activities, ensuring timely updates in relevant systems.
• Help maintain risk-related policies, procedures, and Standard Operating Procedures (SOPs).
• Provide administrative support for internal and external audits, including ISO accreditation processes.
• ISO Control Framework Support
• Assist with evidence collection for ISO audits and policy refresh cycles.
• Help maintain documentation for ISO27001 controls and processes.
• Coordinate with internal stakeholders to gather audit evidence and ensure consistency in SOPs.

Third-Party Risk Management

• Maintain the third-party register and support onboarding due diligence processes.
• Assist with scheduling and tracking supplier risk assessments and annual reviews.
• Carry out oversight assurance activities on third party performance and management

Operational Resilience Support

• Help maintain documentation for Disaster Recovery (DR) and Business Continuity Planning (BCP).
• Support the collection and organization of Business Impact Assessments (BIAs) and resilience testing evidence.

Reporting & Data Management

• Assist in preparing risk and compliance reports for senior leadership.
• Support the development of dashboards and reporting tools (e.g., PowerBI) by providing accurate data inputs.

About You:

In terms of your experience, your attitude is everything, but we'd particularly love to see your:

• Minimum 8 years in risk management, with at least 5 years in a management role.
• Proven experience designing and implementing risk and compliance frameworks in low-maturity environments.
• Strong knowledge of IT control standards (ISO 27001/17, NIST, ITGCs, COBIT).
• Experience in SaaS or software development environments preferred.
• Ability to partner with senior stakeholders and influence risk culture across the organization.
• Excellent analytical, communication, and governance reporting skills.
• Degree in a relevant field (BA or Masters preferred).
• Familiarity with operational resilience and third-party risk management frameworks.
• Self-starter with a proactive mindset and ability to work independently.

What We Offer:

Hybrid working: At Finova, we believe the best outcomes come from working together - and having the flexibility to work in a way that suits both our people and our business. We operate a hybrid working model, with most teams spending around three days a week in the office and with our customers. This time together helps us stay connected, collaborate more effectively, and solve complex challenges as a team. We also know that flexibility matters. Our approach is designed to support a healthy balance, combining in-person collaboration with the freedom to work remotely where it makes sense.

Holiday: 25 days holiday plus bank holidays, bank holiday trading and holiday purchase options, the opportunity to work from anywhere in the world for up to 4 weeks per year.

Looking After You: Life Assurance, Group Income Protection, Private Medical Insurance, a pension scheme via Salary Exchange, an Employee Assistance Programme, and access to a Virtual GP.

Family-Friendly Policies: Enhanced maternity and paternity pay, as well as paid time off for fertility treatments and pregnancy loss.

Extra Perks: Cycle to Work Scheme, discounts on shops, restaurants, and gym memberships, free fresh fruit daily, and opportunities to join colleague networks and social groups.

Giving Back: One paid volunteering day annually and the Give-As-You-Earn scheme to support your favourite charities.

Equal Opportunity Statement

We value diversity and are committed to creating an inclusive environment for all employees. If you’re passionate about this role but don’t meet all the criteria, please reach out—we’d love to discuss how your skills and experiences align with our needs.