IT & Cyber Risk Management Specialist

About Us

Nu was born in 2013 with the mission to fight complexity to empower people in their daily lives by reinventing financial services. We are one of the world’s largest digital banking platforms, serving millions of customers across Brazil, Mexico, and Colombia. For more information, visit our institutional page https://international.nubank.com.br/careers/

About the Role

The IT & Cyber Risk Management Specialist is an expert from the second line of defense, tasked with managing IT risk for a regulated fintech. Responsibilities include implementing the IT Risk strategy for Nu Colombia, conducting risk assessments on IT and cybersecurity elements, automating IT risk control tests, monitoring incidents, and ensuring compliance with SFC regulations while enhancing operational efficiency. This role involves working with advanced technologies and collaborating closely with Infosec and Engineering teams, aligning with business needs.

An important aspect of your role will be leading strategic initiatives for both current and emerging IT risks. Your strategic mindset will be key in aligning risk management initiatives with business growth, enabling global and local synergies. You'll need a blend of strategic thinking, adaptability, and strong stakeholder engagement skills to excel in this influential role, that demands effective communication and collaboration with diverse stakeholders throughout the organization.

If you are flexible and adaptable, capable of managing risks, prioritizing and ensuring compliance without hindering the growth of our expanding business, we want to hear from you!

As a Risk Management Specialist - IT & Cyber Risk you'll be expected to:

• Implement the IT Risk strategy for Nu Colombia complying with local regulation but following global standards, from a second line of defense perspective.
• Gain insight into the functioning of global teams related to the function (cloud management and operation, data governance, data privacy, infosec, IT engineering, etc.) and align their efforts with local needs.
• Conduct regular risk assessments on IT systems, applications, and telecom infrastructure to verify control effectiveness, identify potential risks, and define mitigation plans.
• Assess risks in new products and features from an IT and cybersecurity perspective.
• Assess security of external APIs and their infrastructure, ensuring proper risk mitigation controls.
• Provide expertise in IT and cybersecurity risk for implementing new systems, infrastructure, and third-party services, and for changes to existing technology.
• Monitor IT and cybersecurity incidents to spot systematic flaws, analyze incident data to propose mitigations, and align action plans with risk governance.
• Automate IT risk control tests to ensure effective risk control and mitigation.
• Lead strategic initiatives targeted at managing both current and emerging IT risks in Nu Colombia
• Develop executive reports and deliver presentations at technical forums and relevant committees according to the company’s risk management governance framework.

We are looking for a Risk Management Specialist - IT & Cyber Risk who has:

• Bachelor's in Computer Science, MIS, or equivalent experience.
• Proven experience in cybersecurity operations or non-financial risk management.
• Advanced degree (e.g., MS in information systems) preferred.
• Fluency in English and Spanish.
• In-depth knowledge of IT and cybersecurity risk management and frameworks (e.g., MITRE, NIST).
• Understanding of cloud models (IaaS, PaaS, SaaS) and cloud security concepts.
• Familiarity with cybersecurity concepts, DevOps practices, and tools (e.g., CI/CD, containerization).
• Knowledge of risk management frameworks for IT risk assessment and management.
• Information security or IT risk management certifications (e.g., CISSP, CEH) are a plus.
• Previous risk management experience at a Financial company or Fintech (nice to have)
• Good communications skills (having the habit of presenting projects to stakeholders of different backgrounds, knowledge and organizational levels will be considered an advantage)
• Time-management and prioritization skills.

The position is based in Bogotá, Colombia.

Core Benefits:

• Equity at Nubank
• Health insurance
• Vacations of 15 workdays
• Nu Language - Language learning program
• Parental leaves

Diversity and Inclusion at Nu

We want to build products and experiences for everyone who wants to take back control over their finances, that’s why we build strong and diverse teams that rise up to the challenge. We are a team of the most creative people in technology, and we hire under equal opportunity, irrespective of gender, ethnicity, religion, sexual orientation or background. We are proud to say that 30% of our team recognize themselves as part of the LGBTQ+ community, and 40% of our team identify as women, in all positions and seniority levels. We are a very process-light organization that values human interactions, and that is a very important part of our culture. At nu, everyone has the opportunity to speak up and participate, grow and share ideas.

Nubank continues to hire for all open roles, all interviewing and onboarding is done virtually. Everyone new to the team and our current staff will be working from home for 7-8 weeks and 1 at the office (Bogotá).