IT Risk Sr. Analyst

About Us

Nu was born in 2013 with the mission to fight complexity to empower people in their daily lives by reinventing financial services. We are one of the world’s largest digital banking platforms, serving millions of customers across Brazil, Mexico, and Colombia. For more information, visit our institutional page https://international.nubank.com.br/careers/ 

 

About the team

The IT SOx team is responsible to carry out the development of strategies, methodologies, and processes to enable compliance to all Nu Holdings and its companies, designing and overseeing IT control implementations, periodically testing its effectiveness, and recommending proper redesigns or remediations in order to improve maturity. We conduct root cause and severity analyses determining from an overall perspective the level of priority the business areas must have in order to pursue and achieve the right and most frictionless IT control environment in order to sustain our business.

 

About the role

• The SOx IT Sr. Analyst role is about overseeing and reviewing all SOx IT risk initiatives related to long and short-term projects and operations (Brazil, Mexico, and Colombia). This role includes supporting 1LoD to design ITGCs, planning and executing walkthroughs, a test of design (ToD) and test of effectiveness (ToE), identifying improvements in existing operations and processes, and aligning our recommendations to the best-in-breed industry-specific frameworks with key SOx risk objectives. 
• Additionally, drive new analytical initiatives and projects to improve the efficiency of SOx control testing and direct the development and implementation of methodologies and techniques to ensure that practices remain responsive to all relevant customers and stakeholders.

 

You'll be responsible for

• Identify new IT Components in the SOx scope;
• Mapping IT processes and risks and recommending improvements in accordance with best practices;
• Support 1LoD to identify IT key controls and compensatory controls to mitigate the risks
• Execute walkthroughs, tests of design, and tests of effectiveness;
• Analyze the severity of deficiencies;
• Validate the action plans to remediate deficiencies;
• Monitor the action plans and deadlines to remediate the deficiencies identified;
• Use ETL processes for database analysis, datasets, and connections with other services to the continuous assessment of internal controls;
• Participate in internal initiatives focused on the improvement SOx process (e.g. Methodology Update, Risk Management Tool Implementation, Test Automatization, etc.);
• Work closely with the risk management business units to develop and coordinate tailored and integrated initiatives;
• Design from the ground up policies, procedure manuals, technical manuals, methodologies, requirements, and any other risk management-related documentation;
• Track key objectives, indicators, and action plans with the appropriate involved parties, reporting results and proposition of adjustments prior reach the objective target;
• Create relevant materials to enable forums and committees to be informed, discuss, take decisions, and communicate to the proper public.

We are looking for a person who has

• Experience with SOx control testing campaigns, design, and oversight of control implementation;
• Ability to deal with SOx root cause, substantive, and severity analysis definition, conduction, review, and presentation;
• Experience in ETL/ELT in a Cloud Environment
• Knowledge of SQL, Scala, or other data manipulation language
• Knowledge of programming languages
• Experience with internal controls documentation, such as risk matrices, audit working papers, tests of operating effectiveness library, and generally in result reports;
• Ability to align action plan with other areas focused on SLAs and efficiency;
• Ability to support the BU on the new control's creation;
• Expertise in identifying risks and recommending controls;
• Identifying new technologies components and scopes and bringing them to discussion;
• Autonomy and ownership with the need for some level of guidance;
• Previous experience working in Big 4 companies;
• Influencing skills to deal and speak with different levels of stakeholders;
• Clear and concise communication skills;
• Hands-on experience and approach;
• Knowledge in Google Docs, Big Query, Data Bricks, Jira, Confluence;
• Knowledge of blockchain and crypto products
• Advanced level of English.

 

Our Benefits

• Chance of earning equity at Nubank
• Food/ Meal Card (Vale-Refeição and/or Vale Alimentação)
• Public Transportation Commuting Benefit (Vale-Transporte)
• NuCare – Psychological, Financial and Legal Assistance Program
• Life Insurance
• Medical Plan
• Dental Plan
• NuLanguage – Language Course Program
• Nucleo - Our learning platform of courses
• Extended Parental Leave
• Daycare Allowance

 

Our Nu Way of Working 

Our work model is hybrid and has cycles that can be from two to three months according to the business of ​​expertise. For every eight or twelve weeks of remote work, one will be at the office.

https://blog.nu.com.mx/nu-anuncia-modelo-hibrido-de-trabajo/