Security Engineer in London

We are seeking an experienced Security Engineer who thrives at the intersection of cyber risk and security operations. In this key role, you will be a major contributor to our security posture by leading and enhancing core risk programmes like Third-Party Risk Management and Security Awareness, while also providing crucial hands‐on support to our operational security functions.

Who are we? We are Funding Circle. We back small businesses to succeed. At Funding Circle, we believe the world needs small businesses. That’s why we’ve made it our mission to help them get the finance they need to grow. With more than a decade of expertise under our belt, we’ve built a game‐changer of a platform with cutting‐edge data and technology that’s reshaping the landscape of SME lending.

The role:

• Lead and continue to evolve our third‐party risk management (TPRM) programme, performing security risk assessments for new and existing vendors to identify and mitigate potential risks.
• Manage and enhance our company‐wide security awareness programme, delivering engaging training and identifying new ways to foster a strong security‐conscious culture.
• Act as a key contributor during internal and external security audits, helping to gather evidence and formulate clear, concise responses for auditor and regulator inquiries.
• Analyse and report on key security metrics and risk indicators (KRIs), identifying trends to measure the effectiveness of our security programme and inform strategic decisions.
• Provide hands‐on support on Security Operations, assisting with tasks such as incident triage, analysis, and other operational security duties.
• Support the incident response process by providing crucial risk context and ensuring activities align with our overall risk posture.
• Stay current with the evolving threat landscape, industry trends, and new regulations to proactively manage and mitigate emerging cyber risks.

What we’re looking for:

• Significant (4+ years) hands‐on experience in a Cyber Risk, GRC, or Information Security role with a demonstrable focus on risk management and compliance.
• Deep, demonstrable expertise in operating within an Information Security Management System (ISMS) and applying security frameworks (e.g., ISO 27001, NIST CSF, SOC 2) to practical scenarios.
• Proven, hands‐on experience conducting comprehensive risk assessments using established methodologies and managing risks throughout their lifecycle.
• Experience applying and advising on security policies and standards to ensure effective control implementation across the organisation.
• Experience managing or significantly contributing to a third‐party risk management (TPRM) program.
• Proven experience managing and responding to internal and external audits.
• Excellent communication and influencing skills, with the ability to articulate complex security and risk concepts clearly to both technical and non‐technical audiences.
• Ability to work collaboratively across multiple teams and build strong relationships with stakeholders in Procurement, Legal, and Compliance.
• A pragmatic and business‐focused approach to risk management.

Nice to have:

• Relevant industry certifications (e.g., CISM, CRISC, CISA, CISSP).
• Experience with GRC and TPRM tooling.
• Familiarity with security operations tools, such as a SIEM and Endpoint Detection & Response (EDR) platforms.
• Experience in automating compliance evidence collection and reporting.
• Experience working in FinTech or other highly regulated environments.

At Funding Circle we are committed to building diverse teams so please apply even if your past experience doesn’t align perfectly with the requirements.

Why join us? At Funding Circle, we celebrate and support the differences that make you, you. We’re proud to be an equal‐opportunity workplace and affirmative‐action employer. We truly believe that diversity makes us better.

As a flexible‐first employer we offer hybrid working at Funding Circle, and we’ve long believed in a 'best of both' approach to in‐office collaboration and non‐office days. We expect our teams to be in our London office two times a week, where you can take advantage of our newly refurbished hybrid working space, barista made coffee and subsidised lunches every day!

We back our Circlers to build their own incredible career, making a difference to small businesses every day. Our Circler proposition is designed to support employees both in and out of work, and it is anchored around four pillars: Health, Wealth, Development & Lifestyle.

Health: Private Medical Insurance through Aviva, Dental Insurance through Bupa, MediCash, access to free online therapy sessions and exclusive discounts with Hertility for reproductive health support.

Wealth: Octopus Money Coach, free mortgage advisor partnership and discounts across numerous retailers through Perks at Work.

Development: Dedicated annual learning allowance and full access to internal learning platform.

Lifestyle: Wellhub (for fitness discounts), Electric Car Scheme and more!

And finally, we have award‐winning parental leave policies supporting parents through enhanced maternity, partner and adoption leave, as well as additional leave for parental bereavement and for fertility treatments.

Ready to make a difference? We’d love to hear from you.