About Nubank

Nu was born in 2013 with the mission to fight complexity to empower people in their daily lives by reinventing financial services. We are one of the world’s largest digital banking platforms, serving millions of customers across Brazil, Mexico, and Colombia.

About the Role

The IT Risk Team is part of the Risk Management Tribe at Nubank and is responsible for identifying and managing technology and information security risks across information technology systems, including microservices, and processes. IT Risk Management consists of helping the business identify threats and vulnerabilities in order to mitigate information technology risks that could materialize and negatively impact data confidentiality, integrity, and availability.

About the role:
As an IT Risk Specialist, you will play a pivotal role in safeguarding the security, compliance, and risk management of Nubank's technology systems, including microservices and key processes. You will also serve as a subject matter expert in the technology and cybersecurity landscape, guiding the organization through complex challenges and eventually presenting them in Foruns and Risk Committees. Additionally, you will lead critical risk assessment initiatives, propose effective mitigation strategies, collaborate with cross-functional teams to maintain a strong and resilient IT risk management framework, assist the team in complex situations and decision-making, and structure key risk indicators to be followed by risk areas.

You will be responsible for

• Conduct comprehensive risk assessments across various IT domains, identifying potential vulnerabilities, threats, and impacts. Analyze risks to determine their significance and develop insights for senior management.
• Monitor regulatory changes and industry best practices to ensure the organization's IT risk management practices remain compliant. Assist in the development and enforcement of IT risk management policies and procedures.
• Collaborate with incident response teams to develop plans for handling and recovering from IT security incidents. Participate in post-incident analysis and recommend improvements to prevent future occurrences.
• Communicate complex IT risk issues and solutions to both technical and non-technical stakeholders. Prepare metrics, reports, and updates for senior management and executive leadership.
• Drive continuous improvement in IT risk management processes. Identify opportunities to enhance existing procedures, tools, and methodologies to adapt to evolving risk landscapes.
• Provide guidance and mentorship to junior members of the IT risk team. Assist in their professional development by sharing expertise and knowledge.

We are looking for a person who has

• +5 years of experience in Technology and cybersecurity with a focus on risk assessment, analysis, and mitigation;
• Strong knowledge of technology environments, including information security, identity and access management, cloud-born environments (e.g., AWS and GCP), container and serverless security (e.g.: EKS, GKE, Lambdas), and microservices messaging communication (e.g.: Kafka);
• Strong ability to translate technical terms into business and executive language, adapting communication for various audiences;
• Advanced English communication skills, both written and verbal, are essential;
• Bachelor's degree in Information Security, Computer Science, or a related field. Master's degrees or relevant certifications (e.g. CISA, CISSP, CISM, CRISC, and/or other) are pluses;
• In-depth understanding of information security principles, risk frameworks, and regulatory compliance (e.g., NIST, LGPD, ISO 27001).
  
  

Our Benefits

• Chance of earning equity at Nubank
• Food/ Meal Card (Vale-Refeição and/or Vale Alimentação)
• Public Transportation Commuting Benefit (Vale-Transporte)
• NuCare – Psychological, Financial and Legal Assistance Program
• Life Insurance
• Medical Plan
• Dental Plan
• NuLanguage – Language Course Program
• Nucleo - Our learning platform of courses
• Extended Parental Leave
• Daycare Allowance
• Parental Consultancy
• Work-from-home Allowance
• Gym Partnerships
• 30 days of paid vacation

Our Nu Way of Working

Our work model is hybrid and has cycles that can be from two to three months according to the business of ​​expertise. For every eleven weeks of remote work, one will be at the office.