Nu was born in 2013 with the mission to fight complexity to empower people in their daily lives by reinventing financial services. We are one of the world’s largest digital banking platforms, serving millions of customers across Brazil, Mexico, and Colombia.About the RoleThe IT Risk Team is part of the Risk Management Tribe at Nubank and is responsible for identifying and managing technology and information security risks across information technology systems, including microservices, and processes. IT Risk Management consists of helping the business identify threats and vulnerabilities in order to mitigate information technology risks that could materialize and negatively impact data confidentiality, integrity, and availability.About the role:As an IT Risk Specialist, you will play a pivotal role in safeguarding the security, compliance, and risk management of Nubank's technology systems, including microservices and key processes. You will also serve as a subject matter expert in the technology and cybersecurity landscape, guiding the organization through complex challenges and eventually presenting them in Foruns and Risk Committees. Additionally, you will lead critical risk assessment initiatives, propose effective mitigation strategies, collaborate with cross-functional teams to maintain a strong and resilient IT risk management framework, assist the team in complex situations and decision-making, and structure key risk indicators to be followed by risk areas.You will be responsible forConduct comprehensive risk assessments across various IT domains, identifying potential vulnerabilities, threats, and impacts. Analyze risks to determine their significance and develop insights for senior management.Monitor regulatory changes and industry best practices to ensure the organization's IT risk management practices remain compliant. Assist in the development and enforcement of IT risk management policies and procedures.Collaborate with incident response teams to develop plans for handling and recovering from IT security incidents. Participate in post-incident analysis and recommend improvements to prevent future occurrences.Communicate complex IT risk issues and solutions to both technical and non-technical stakeholders. Prepare metrics, reports, and updates for senior management and executive leadership.Drive continuous improvement in IT risk management processes. Identify opportunities to enhance existing procedures, tools, and methodologies to adapt to evolving risk landscapes.Provide guidance and mentorship to junior members of the IT risk team. Assist in their professional development by sharing expertise and knowledge.We are looking for a person who has+5 years of experience in Technology and cybersecurity with a focus on risk assessment, analysis, and mitigation;Strong knowledge of technology environments, including information security, identity and access management, cloud-born environments (e.g., AWS and GCP), container and serverless security (e.g.: EKS, GKE, Lambdas), and microservices messaging communication (e.g.: Kafka);Strong ability to translate technical terms into business and executive language, adapting communication for various audiences;Advanced English communication skills, both written and verbal, are essential;Bachelor's degree in Information Security, Computer Science, or a related field. Master's degrees or relevant certifications (e.g. CISA, CISSP, CISM, CRISC, and/or other) are pluses;In-depth understanding of information security principles, risk frameworks, and regulatory compliance (e.g., NIST, LGPD, ISO 27001).BenefitsChance of earning equity at NubankPublic Transportation Commuting Benefit (Vale-Transporte)NuCare – Psychological, Financial and Legal Assistance ProgramLife InsuranceMedical PlanNuLanguage – Language Course ProgramNucleo - Our learning platform of coursesExtended Parental LeaveDaycare AllowanceParental ConsultancyWork-from-home Allowance30 days of paid vacationOur Nu Way of WorkingOur work model is hybrid and has cycles that can be from two to three months according to the business of expertise. For every eleven weeks of remote work, one will be at the office.Apply for this job* indicates a required fieldFirst Name *Last Name *Email *PhoneResume/CV *Enter manuallyAccepted file types: pdf, doc, docx, txt, rtfLinkedIn ProfileWebsiteWhat is your english proficiency? * Select...Do you have previous experience working with cloud-born environments (e.g., AWS and GCP)? * Select...Do you have previous experience working with Technology and cybersecurity with a focus on risk assessment, analysis, and mitigation? * Select...
#J-18808-Ljbffr