IT Risk Specialist

Brazil, Sao Paulo

Applications have closed

Nubank

Você finalmente no controle do seu dinheiro. Controle total do cartão de crédito e da conta 100% digital

View all jobs at Nubank

About Us

Nu was born in 2013 with the mission to fight complexity to empower people in their daily lives by reinventing financial services. We are one of the world’s largest digital banking platforms, serving millions of customers across Brazil, Mexico, and Colombia. For more information, visit our institutional page https://international.nubank.com.br/careers/ 

 

About the role

As an IT Risk Specialist, you will play a pivotal role in safeguarding the security, compliance, and risk management of Nubank's technology systems, including microservices and key processes. You will also serve as a subject matter expert in the technology and cybersecurity landscape, guiding the organization through complex challenges and eventually presenting them in Foruns and Risk Committees. Additionally, you will lead critical risk assessment initiatives, propose effective mitigation strategies, collaborate with cross-functional teams to maintain a strong and resilient IT risk management framework, assist the team in complex situations and decision-making, and structure key risk indicators to be followed by risk areas.

 

You'll be responsible for

  • Conduct comprehensive risk assessments across various IT domains, identifying potential vulnerabilities, threats, and impacts. Analyze risks to determine their significance and develop insights for senior management.

  • Monitor regulatory changes and industry best practices to ensure the organization's IT risk management practices remain compliant. Assist in the development and enforcement of IT risk management policies and procedures.

  • Collaborate with incident response teams to develop plans for handling and recovering from IT security incidents. Participate in post-incident analysis and recommend improvements to prevent future occurrences.

  • Communicate complex IT risk issues and solutions to both technical and non-technical stakeholders. Prepare metrics, reports, and updates for senior management and executive leadership.

  • Drive continuous improvement in IT risk management processes. Identify opportunities to enhance existing procedures, tools, and methodologies to adapt to evolving risk landscapes.

  • Provide guidance and mentorship to junior members of the IT risk team. Assist in their professional development by sharing expertise and knowledge.

 

We are looking for a person who has

  • +5 years of experience in Technology and cybersecurity with a focus on risk assessment, analysis, and mitigation.
  • Strong knowledge of technology environments, including information security, identity and access management, cloud-born environments (e.g., AWS and GCP), container and serverless security (e.g.: EKS, GKE, Lambdas), and microservices messaging communication (e.g.: Kafka).

  • Strong ability to translate technical terms into business and executive language, adapting communication for various audiences. 

  • Advanced English communication skills, both written and verbal, are essential.

     

  • Bachelor's degree in Information Security, Computer Science, or a related field.

  • Master's degrees or relevant certifications (e.g., Security Plus, CISA, CISSP, CRISC, and/or other) are pluses.

  • In-depth understanding of information security principles, risk frameworks, and regulatory compliance (e.g., NIST, LGPD, ISO 27001).

 

Our Benefits

  • Chance of earning equity at Nubank
  • Food/ Meal Card (Vale-Refeição and/or Vale Alimentação)
  • Public Transportation Commuting Benefit (Vale-Transporte)
  • NuCare – Psychological, Financial and Legal Assistance Program
  • Life Insurance
  • Medical Plan
  • Dental Plan
  • NuLanguage – Language Course Program
  • Nucleo - Our learning platform of courses
  • Extended Parental Leave
  • Daycare Allowance
  • Parental Consultancy
  • Work-from-home Allowance
  • Gym Partnerships
  • 30 days of paid vacation

 

Our Nu Way of Working 

Our work model is hybrid and has cycles that can be from two to three months according to the business of ​​expertise. For every eight or twelve weeks of remote work, one will be at the office.

 

Links to support:

- English

- Portuguese

- Spanish (Mexico and Colombia)

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  1  0  0
Category: Compliance Jobs

Tags: AWS Banking CISA CISSP Cloud Compliance Computer Science CRISC GCP IAM Incident response ISO 27001 Kafka Microservices NIST Risk assessment Risk management RMF Vulnerabilities

Perks/benefits: Career development Health care Medical leave Parental leave

Region: South America
Country: Brazil

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.