Standards and Risk Auditor

United Kingdom, Derby 35000.00 - 40000.00 GBP / Year · Job Posted March 14, 2026

Job Description

Stonebridge is one of the UK’s leading mortgage and protection networks, supporting more than 1,300 advisers nationwide. We’re looking for a motivated and detail‑driven Standards & Risk Auditor to join our Risk & Audit Team. If you have experience in second‑line compliance monitoring, quality assurance, or oversight—ideally within a mortgage network or intermediary environment—this role offers the chance to make a meaningful impact. We also welcome strong second‑line experience from wider financial services. This role plays a key part in maintaining Stonebridge’s high standards and helping advisers deliver consistently great outcomes for their clients.

Job Responsibility

  • Lead risk‑based second‑line compliance monitoring reviews
  • Contribute to the design and implementation of the compliance monitoring plan
  • Assess first‑line systems, controls, customer journeys, and QA processes
  • Produce clear audit reports and track remediation to completion
  • Review and close Suspicious Activity Reports (SARs)
  • Coordinate lender reviews and manage stakeholder communication
  • Prepare MI and reports for governance committees

Requirements

  • Experience in second‑line compliance, QA, or oversight (mortgage networks preferred; wider Financial Services considered)
  • Strong understanding of FCA frameworks (MCOB, ICOBS, SYSC, SUP)
  • Awareness of AML/CTF obligations and SAR handling
  • Strong analytical, written, and verbal communication skills
  • Ability to manage multiple audits and deadlines
  • CeMAP (desirable) or willingness to work towards it
  • Ability to meet all pre‑employment screening requirements (code of conduct, right to work, referencing, AML, credit, sanctions, DBS)

Nice to have

CeMAP (desirable) or willingness to work towards it

What we offer

  • Supportive, open, and collaborative culture
  • (non-contractual) performance‑related bonus
  • 22 days’ holiday + birthday off + extra days for length of service
  • Company pension with optional matched contributions
  • Hybrid working from our Derby office + some home‑working flexibility
  • Free breakfast, lunch, snacks, and drinks in the office
  • Volunteering days, wellbeing “me time”, and employee recognition schemes
  • Retail discounts and salary‑sacrifice benefits (home tech, cycle to work, pension)
  • Gym subsidy, company sick pay, EAP support
  • Option to buy additional holiday
  • £500 referral scheme
  • Death in service and critical illness cover

Similar Jobs for Standards and Risk Auditor

8 matching positions

Senior Auditor Risk and Models

The Senior Auditor is an intermediate level role responsible for performing mode...
Location: Mexico, Ciudad De Mexico
Salary: Not provided
Company: Citi (https://www.citi.com/)
Expiration Date: Until further notice
Requirements
  • 5-8 years of relevant experience
  • Effective verbal and written communication and negotiation skills
  • Subject matter expertise regarding audit technology's application
  • Effective project management skills
  • Effective influencing and relationship management skills
  • Demonstrated ability to remain unbiased in a diverse working environment
  • Bachelor's/University degree or equivalent experience
  • Bachelor's degree in Actuarial Science, Economics, Finance and/or a related field
  • Essential: experience in Internal Audit and/or Internal Control (third or second line of defense)
  • Experience in the financial sector
Job Responsibility
  • Perform moderately complex audits including drafting audit reports, presenting issues to the business, and discussing practical solutions
  • Draft audit reports and present issues to the business while discussing practical cross-functional solutions
  • Complete assigned audits within budgeted timeframes, and budgeted costs
  • Monitor, assess, and recommend solutions to emerging risks
  • Contribute to the development of audit processes improvements, including the development of automated routines
  • Apply internal audit standards, policies, and regulations to provide timely audit assurance and influence audit scope
  • Develop effective line management relationships to ensure strong understanding of the business
  • Has the ability to operate with a limited level of direct supervision
  • Can exercise independence of judgement and autonomy
  • Acts as SME to senior stakeholders and /or other team members
  • Fulltime

Compliance and Risk Manager

Location: India, Hyderabad
Salary: Not provided
Company: Randstad (https://www.randstad.com)
Expiration Date: July 04, 2026
Requirements
  • 15 years of experience
Job Responsibility
  • Develop, implement, and maintain compliance programs aligned with Indian regulatory requirements, international best practices and the Company's global compliance framework
  • Monitor evolving applicable laws, regulations, and regulatory obligations relevant to the GCC, assessing impact and driving timely updates to policies, procedures, and controls
  • Oversee local regulatory registrations, licenses, filings, and statutory obligations, ensuring accuracy, timeliness, and ongoing compliance
  • Act as the primary compliance liaison for India‑based regulators, auditors, and external advisors, in coordination with global Legal and Compliance teams
  • Drive compliance awareness and training initiatives across all levels of the organization
  • Support the maintenance of global regulatory registries, legal entity records, and compliance attestations related to operations
  • Review, assess, and advise on policy exception requests, ensuring appropriate documentation, risk awareness, and governance approvals
  • Ensure compliance policies and standards are clearly communicated, accessible, and understood across the GCC
  • Keep employees informed of compliance‑related changes through targeted communications and updates
  • Compliance‑related and operational risks impacting Company's & GCC activities, including regulatory, third‑party, and reputational risks
  • Fulltime

Global Head of Cyber Risk and Compliance

The Technology & Cyber Compliance and Operational Risk Office (TCCORO) at Citi i...
Location: United States, Irving, Texas, United States, New York, New York, United States
Salary: 250000.00 - 500000.00 USD / Year
Company: Citi (https://www.citi.com/)
Expiration Date: Until further notice
Requirements
  • 20+ years' experience in technology risk and/or cyber risk management in the banking/financial services industry, or related field, with at least 5+ years in 2nd or 3rd line senior leadership positions
  • Subject matter expert in technology risk and/or cyber risk management principles and practices across various information system architecture and engineering domains
  • Proven experience in managing complex risk portfolios and developing strategic risk management frameworks for large organizations
  • Robust understanding of operational risk management frameworks, industry standards, regulatory requirements, and risk mitigation practices
  • Experience managing and overseeing large remediation and transformation programs to achieve intended results
  • Extensive experience in effective written and verbal communication with executive audiences including Boards
  • Experienced risk challenger who balances risks vs. rewards aligned with corporate risk culture
  • Understanding of Citi products and services and downstream impacts of technology risk and/or cyber risk strategy
  • Professional certifications in either technology risk and/or cyber risk preferred, including: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), ERM, CET, ISO27001, COBIT, TOGAF, or CRI
  • In-depth, working knowledge of banking technologies, fraud, cybercrime detection and countermeasures, encryption, data retention, as well as information security support for segregation of duties, application development, network and systems operation, testing and vendor management
Job Responsibility
  • Oversight and challenge of the cybersecurity incident response programs
  • Oversight of the security operations center (SOC) and cybersecurity fusion center (CSFC)
  • Oversight of cybersecurity penetration testing and red-team operations
  • Oversight of the Chief Information Security Office (CISO), including the review of the effectiveness of the controls, standards and programs across the enterprise
  • Implementation of guidance for overseeing Emerging Technology and Operational Risks, in compliance with OCC Heightened Standards
  • Able to present and lead discussions with key Regulators, internal and external auditors, as well as the Board of Directors and the Risk and Audit sub-committees
  • Governance and Oversight of security risks impacting the business and technology
  • Support in the development of Cyber Policy and Standards
  • Oversight of Key Operational Risks and related indicators and thresholds
  • Challenge of Cyber Risk Self Assessments
What we offer
  • Discretionary and formulaic incentive and retention awards
  • medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
  • Fulltime

Information Security Auditor & Standards Lead

We are seeking a highly experienced Information Security Auditor & Standards Lea...
Location: India
Salary: Not provided
Company: Bridge Soft Solutions (bridgesoft.com)
Expiration Date: Until further notice
Requirements
  • 5–8 years of experience in Information Security Auditing / GRC
  • Strong hands-on experience with ISO 27001 and SOC 1 / SOC 2 audits
  • Strong understanding of security principles and control frameworks
  • Excellent communication and documentation skills
Job Responsibility
  • Act as Subject Matter Expert (SME) for ISO 27001, SOC 1 / SOC 2, NIST, and CIS frameworks
  • Interpret security standards and translate requirements into auditable controls
  • Ensure controls are designed, implemented, and maintained effectively
  • Provide guidance on mandatory requirements versus best practices
  • Plan and manage ISO 27001 and SOC audits end-to-end
  • Conduct internal audits and ongoing compliance assessments
  • Serve as primary point of contact for auditors and certification bodies
  • Track audit findings, non-conformities, and corrective actions to closure
  • Own and maintain the Information Security Management System (ISMS)
  • Maintain risk assessments, risk treatment plans, and Statement of Applicability (SoA)
  • Fulltime

Audit Quality - Audit Stream Risk and Reporting Senior Manager

Providing Audit assistance and expertise that makes an impact. An opportunity fo...
Location: United Kingdom, London
Salary: Not provided
Company: BDO UK LLP (bdo.co.uk)
Expiration Date: Until further notice
Requirements
  • ACA or similar professional accountancy qualification
  • Recent audit experience working on PIE and listed audit engagements or performed an internal role advising on PIE and listed entities
  • Excellent practical and technical audit risk and reporting experience
  • Ability to be objective and sceptical and to have confidence to challenge more senior members of an audit team
  • Ability to work both independently and collaboratively as part of a small team and able to use own initiative
  • Ability to think innovatively and creatively to identify ways to improve processes and guidance
  • Attention to detail
  • Excellent communication skills, both written and verbal, including an ability to communicate difficult messages
  • Takes personal responsibility and accountability for own work
Job Responsibility
  • Triaging and handling queries on form and content of audit report, engagement letters and other reporting matters
  • Review and approval of non-standard engagement letters, amendments to terms of business, hold harmless letters and NDAs
  • Advise on audit stream risk issues that emerge ensuring that the correct support is provided to the audit team and review of audit working papers when required
  • Approval of modified audit reports and non-standard audit reports including component auditor reporting
  • Take responsibility for ad hoc projects and ensure that all processes and controls related to audit stream risk and reporting are correctly implemented to support a System of Quality Management, ensuring that any remediation points are addressed
  • Proactively identify wider risk and reporting issues and implement policies and guidance to assist the audit teams
  • Write and maintain templates, manuals, guidance and articles for use by the audit teams
  • Contribute to audit quality initiatives led by the wider Audit Quality Department
What we offer
  • Health and wellness programmes
  • Pension Plan
  • Private Medical
  • Income Protection Plan
  • Holidays
  • Bike to Work Scheme

Risk & Compliance Auditor

J. J. Keller is seeking a Risk & Compliance Auditor to help strengthen and maint...
Location: United States, Neenah
Salary: Not provided
Company: The Muse (themuse.com)
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in Business or related field required
  • Minimum of 3 years of related auditing experience required, including exposure to information security controls
  • Experience addressing security and compliance terms in commercial contracts
  • Experience with ISO 27001 and privacy frameworks, and auditing to those frameworks
  • Experience completing security questionnaires and evaluating vendors
  • Experience with Governance, Risk and Compliance tools
  • Strong interpersonal, written, and verbal communication and presentation skills
  • Strong analytical, problem-solving, and conflict management skills
  • A curious and practical mindset that can balance compliance with ethical and business needs
  • Ability to work cross-functionally, with many teams, including sales, infrastructure, security, and product teams
Job Responsibility
  • Coordinates and conducts internal and external audits for SOC 2 Type II, ISO 27001, PCI-DSS, Professional Background Screening Association standards (FCRA) and other standards
  • Evaluates audit results, recommends improvements, and issues deficiency notices as needed
  • Evaluates, monitors and consults on resulting corrective action plans and remediation efforts
  • Coordinates and manages the completion of penetration tests with external consultants and internal resources, and the development, implementation, and monitoring of related corrective action plans, and distribution of resulting reports to interested parties
  • Reviews policies, guidance and training for information security, and provides consulting services promoting overall achievement of corporate security objectives and compliance with regulatory and customer requirements
  • Maintains security incident response plans and metrics
  • Leads evaluation of security incident reports, and execution of incident response efforts, including task management, resource coordination, after action reviews, and incident documentation
  • Participates in business continuity efforts by assisting with annual security incident tabletop exercises and generating a post-exercise review
  • Manages the Optro Governance, Risk & Compliance software platform, including creating audits, deploying audit questions, entering corrective actions, generating reports and monitoring completion status
  • Triages security policy exceptions
What we offer
  • Health Insurance
  • Dental Insurance
  • Vision Insurance
  • Life Insurance
  • Short-Term Disability
  • Long-Term Disability
  • FSA
  • On-Site Gym
  • Mental Health Benefits
  • Virtual Fitness Classes
  • Fulltime