dLocal

Risk and Internal Controls Analyst

dLocal

full-time

Posted on:

Location Type: Hybrid

Location: Valletta • 🇲🇹 Malta

Visit company website
AI Apply
Apply

Job Level

Mid-LevelSenior

About the role

  • Reporting to the Malta Risk Manager, This professional will follow dlocal global Risk and Internal Controls standards to evolve the Malta internal control framework, embedding clear control objectives, risk/control matrices, control ownership, and design/operating effectiveness testing across financial, operational, compliance, and technology-related processes.
  • Drive periodic risk and control assessment and entity/process-level scoping; maintain process documentation and narratives, RCMs, flowcharts, and risk-based control testing plans.
  • Lead the annual control testing cycle (design/operating effectiveness), including walkthroughs, sample-based testing, deficiency evaluation, remediation plans, and control re‑testing; produce management reporting and attestations.
  • Champion operational resilience and control reliability: business continuity planning, incident management, and third-party/outsourcing control expectations (in coordination with Risk, IT, Security, and Operations)
  • Ensure the Malta entity’s internal controls and governance practices are consistent with MFSA expectations for internal control, governance, and board oversight; support local regulatory inquiries and inspections as needed.
  • Partner with Technology/InfoSec to strengthen ICT and security risk control requirements (e.g., change management, logical access, backups, monitoring, cyber incident response), aligned to EU guidance for financial entities.
  • Contribute to group initiatives on DORA-readiness where applicable (ICT risk management framework, incident classification/reporting, testing, third-party oversight, and register-of-information inputs), coordinating Malta-specific deliverables and evidence.
  • Support external and internal audit engagements and any regulatory reviews (planning, PBC requests, walkthroughs, issue management and remediation).
  • Where applicable to the Group, support Internal Controls initiatives, specially in regulated countries.
  • Build control culture: develop training, control-owner playbooks, and pragmatic advisory to first/second-line teams; facilitate issue closure and sustainable remediation.
  • Track and report KPIs/KRIs for control health (e.g., testing progress, exception rates, remediation timeliness, incident learnings, third‑party control posture); present to leadership/governance forums.

Requirements

  • Based in Malta (mandatory).
  • Bachelor’s degree in Accounting, Finance, Business, Engineering, Information Systems, or related field.
  • 4+ years in internal controls, internal audit, risk management, or related governance roles within financial services, payments/fintech, or regulated environments.
  • Demonstrable expertise applying the COSO Internal Control–Integrated Framework in designing/testing controls across processes and systems.
  • Working knowledge of operational resilience and operational risk practices aligned with BIS principles (governance, BCP/testing, third‑party/outsourcing, ICT/cyber resilience).
  • Familiarity with MFSA expectations for governance/internal controls for authorised entities operating in/from Malta (proportionality, board oversight, internal control, compliance, and business continuity).
  • Practical understanding of ICT and security risk controls lifecycle (access, change, backup/restore, monitoring, incident/problem) aligned to EBA guidance and, where applicable, DORA requirements for financial entities.
  • Strong test execution and documentation skills (walkthroughs, sampling, testing, root cause analysis, deficiency aggregation/assessment, remediation tracking).
  • Excellent stakeholder management, clear written/oral communication, and the ability to coach process/control owners.
Benefits
  • - Remote work: work from anywhere or one of our offices around the globe!*
  • - Flexibility: we have flexible schedules and we are driven by performance.
  • - Fintech industry: work in a dynamic and ever-evolving environment, with plenty to build and boost your creativity.
  • - Referral bonus program: our internal talents are the best recruiters - refer someone ideal for a role and get rewarded.
  • - Learning & development: get access to a Premium Coursera subscription.
  • - Language classes: we provide free English, Spanish, or Portuguese classes.
  • - Social budget: you'll get a monthly budget to chill out with your team (in person or remotely) and deepen your connections!
  • - dLocal Houses: want to rent a house to spend one week anywhere in the world coworking with your team? We’ve got your back!

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
internal controlsinternal auditrisk managementCOSO Internal Control–Integrated Frameworkoperational resilienceoperational risk practicesICT risk controlstest executiondocumentation skillsroot cause analysis
Soft skills
stakeholder managementwritten communicationoral communicationcoachingissue closure facilitationadvisory skillscontrol culture developmentremediation trackingpresentation skillsteam collaboration