Senior IT/Cybersecurity Auditor
Nu was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationship with money across Latin America. With operations in Brazil, Mexico and Colombia, Nu is today one of the world's largest digital banking platforms, reinventing over 48 million customers' financial lives.
Nu achieved this by offering a no-fee credit card, entirely managed by a mobile app. Throughout the years, Nu raised around US$2 billion with some of the best-known growth and technology investors in the world, such as Berkshire Hathaway, Sequoia, DST, Tencent, Tiger, Kaszek, Founders Fund, Dragoneer, TCV, Redpoint, Ribbit, GIC, Whale Rock, Invesco, QED, and Capital Group.Today, Nu is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogotá (Colombia), Durham (United States) and Berlin (Germany). It was founded in 2013 in Sao Paulo, by Colombian David Vélez, and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.mx.
About the team
At Nu Mexico, our Internal Auditors protect Nu while challenging traditional audit by embracing technology. It’s the auditors' job to assess the internal controls of Nu main risks and provide assurance, advisory, and insights about them, helping our company grow healthy.
Truly great Internal Auditors at Nu will go beyond the traditional audit, pursuing innovation with freedom. Will always work hard to add value, taking no shortcuts and not being picky with small issues. Following this path will be recognized in the market as a pioneer in technology-based audit techniques.
About the role
You will be part of the Mexican Audit team and will be responsible to cover IT and cybersecurity risks. Your role will include:
- Participation and conduction of audit fieldwork, through test execution including data analysis as well as production of the final report together with the team;
- Identification of issues and discussion with relevant stakeholders;
- Follow-up of action plans to ensure their correct implementation;
- Participation in continuous assessment of risks through data and risk analysis and preparation of annual audit plan;
You will be an Internal Audit reference in IT/information security for auditors and other areas of Nubank, interacting with stakeholders from the first and second lines of defense. You will also act as a knowledge multiplier, sharing your experience and training other auditors to elevate the team's technical skills, while actively participating in Internal Audit's strategic projects.
And you'll be doing all this in an environment full of new technologies and tools, having to continually study and understand the environment as Nubank evolves and changes, with the freedom and incentive to create new and more efficient ways of assessing the company's risks .
- A bachelor’s or master’s degree in information technology/computer information systems or related;
- At least 5 years of work experience in Information Security or IT risk, or as an external IT auditor within a big 4 company, or an IT internal auditor;
- Ability to apply technology and information security frameworks in environments that use agile methodologies;
- A thorough understanding of principles and controls of technology and information security governance;
- Basic to intermediate knowledge of SQL, Scala or other data exploration/manipulation language. Plus: Have knowledge in Python, PySpark, Databricks, Apache AirFlow, knowledge in MS Power BI, BI, ETL, Data Warehouse, Big Data/Data Lake/Lake House concepts, some knowledge in SAP platforms, Kafka, Oracle Database, or Oracle ODI;
- Solid analytical background. Must be comfortable manipulating data to perform audits;
- Experience with SPEI audits and with CNBV information security requirements for Financial Institutions;
- Advanced English skills;
- Great team player, communication (written and verbal) and listening skills;
- Hands-on and willing to get hands dirty on execution;
- Strong prioritization and organization skills;
- Self-starter and ability to work independently.
- Certified Information Systems Auditor (CISA)
Certified Information Systems Security Professional (CISSP)
- Vacations equal to 17 days
- Year end bonus (“aguinaldo”) equal to 1 month
- Equity at Nu
- Vales de despensa
- Health insurance
- Dental and Vision Insurance
- NuCare - Our mental health and wellness assistance program
- NuLanguage - Our language learning program