Sicredi

IT Internal Auditor – Information Security Focus

Sicredi

full-time

Posted on:

Location Type: Hybrid

Location: Porto AlegreBrazil

Visit company website

Explore more

AI Apply
Apply

Tech Stack

Linux

About the role

  • Plan and execute independent, risk- and control-based assessments focused on Information Security and Cybersecurity processes in accordance with the internal methodology;
  • Prepare and present reports that reflect the results of internal audits, including weaknesses and recommendations identified during the audit process;
  • Perform independent assessments of risk management, internal controls and corporate governance processes established at Sicredi;
  • Support the evaluation of Internal Audit strategic drivers and priorities to act as a facilitator in identifying risks and risk factors that may materially impact the achievement of strategic objectives;
  • Assess whether the organization is in compliance with applicable official regulations;
  • Contribute to Sicredi's sustainable development through preventive and educational actions;
  • Promote the development of a systemic risk management culture.

Requirements

  • Proven experience in auditing and/or consultancy firms or in audit roles, with solid knowledge of Information Security and Cybersecurity;
  • Bachelor's degree in Information Technology (IT), Information Security (IS) or related fields;
  • Knowledge of Information Security Management Systems (ISMS) such as ISO/IEC 27001, ISO/IEC 27002, and frameworks like NIST and CIS Controls;
  • Knowledge of information security process risks and controls;
  • Keep up to date on cyber threats and trends, adapting strategies as necessary;
  • Knowledge of operating systems (Windows, Linux);
  • Knowledge of network security, identity and access management, and secure development lifecycle;
  • Collaborate with other IT/IS teams to improve the company’s security posture;
  • Data-driven: ability to collect, analyze and interpret large volumes of data to identify trends, anomalies and assess potential risks, grounding audits in concrete evidence;
  • Postgraduate degree in Audit or Information/Cybersecurity is a plus;
  • Certifications in information security/cybersecurity are a plus;
  • Knowledge of Audit Management Tools (SE Suite, TeamMate+ Audit, etc.) is a plus;
  • Knowledge of Risk Management (ISO 31000);
  • Intermediate English.
Benefits
  • 14th and 15th fixed salaries;
  • Profit-sharing (according to seniority);
  • Health and dental plans with no co-payment;
  • Wellbeing programs with Wellhub (formerly Gympass), nutrition, psychology, occupational health, massage, running group and local gym;
  • Meal and Food Vouchers – flexible allocation percentage between meal and food cards, no co-payment;
  • Extended maternity and paternity leave;
  • Childcare or babysitter assistance for children up to 6 years and 11 months;
  • Assistance for children with disabilities, no age limit;
  • Life insurance;
  • Private pension up to 8% of salary;
  • Training platform – Sicredi Aprende, offering a variety of courses;
  • 40-hour workweek – using a time bank system;
  • Home office allowance (except for positions requiring 100% on-site presence).
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Information SecurityCybersecurityInformation Security Management SystemsISO/IEC 27001ISO/IEC 27002NISTCIS Controlsnetwork securityidentity and access managementsecure development lifecycle
Soft Skills
risk managementdata analysiscommunicationcollaborationstrategic thinkingproblem-solvingpresentation skillseducational actionsfacilitationadaptability
Certifications
information security certificationcybersecurity certificationpostgraduate degree in Auditpostgraduate degree in Information/Cybersecurity