Sicredi

Internal IT Auditor – Focus on Information Security

Sicredi

full-time

Posted on:

Location Type: Hybrid

Location: Porto AlegreBrazil

Visit company website

Explore more

AI Apply
Apply

Tech Stack

Linux

About the role

  • Plan and execute independent, risk- and control-based assessments focused on Information Security and Cybersecurity processes in accordance with internal methodology;
  • Prepare and present reports that reflect internal audit results as well as weaknesses and recommendations identified during the audit process;
  • Perform independent assessments of risk management, internal controls, and corporate governance processes established at Sicredi;
  • Support the assessment of Internal Audit’s strategic drivers and priorities to act as a facilitator in identifying risks and risk factors that could materially impact the achievement of strategic objectives;
  • Assess whether the organization complies with applicable official regulations;
  • Contribute to Sicredi’s sustainable development through preventive and educational actions;
  • Promote the development of a systemic risk management culture.

Requirements

  • Proven experience in auditing and/or consulting firms or roles, with solid knowledge of Information Security and Cybersecurity;
  • Bachelor's degree in Information Technology (IT), Information Security (IS), or a related field;
  • Knowledge of Information Security Management Systems (ISMS) such as ISO/IEC 27001, ISO/IEC 27002, and frameworks like NIST and CIS Controls;
  • Knowledge of information security process risks and controls;
  • Stay up to date on cyber threats and trends, adapting strategies as necessary;
  • Knowledge of operating systems (Windows, Linux);
  • Knowledge of network security, identity and access management, and secure development lifecycle;
  • Collaborate with other IT/IS teams to improve the company's security posture;
  • Data-driven: Ability to collect, analyze and interpret large volumes of data to identify trends, anomalies, and assess potential risks, supporting audits with concrete evidence;
  • Postgraduate degree in Audit or Information/Cyber Security is a plus;
  • Certifications in information/cyber security are a plus;
  • Knowledge of Audit Project Management tools (SE Suite, TeamMate+ Audit, etc.) is a plus;
  • Knowledge of Risk Management (ISO 31000);
  • Intermediate English.
Benefits
  • Fixed 14th and 15th salaries;
  • Profit-sharing / Performance-based bonuses (according to seniority);
  • Health and Dental plan with no co-pay;
  • Wellness programs with Wellhub (formerly Gympass): Nutrition, Psychology, Occupational Health, Massage, running groups, and local gym access;
  • Meal Allowance and Food Voucher – flexible percentage allocation between cards (VA/VR), without co-pay;
  • Extended maternity and paternity leave;
  • Childcare or nanny assistance for children up to 6 years and 11 months;
  • Assistance for children with disabilities, with no age limit;
  • Life insurance;
  • Private pension plan up to 8% of salary;
  • Training platform – Sicredi Aprende, offering a wide range of courses;
  • 40-hour workweek – using a time bank system;
  • Remote work allowance (except for positions that are 100% on-site).
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Information SecurityCybersecurityInformation Security Management Systems (ISMS)ISO/IEC 27001ISO/IEC 27002NISTCIS Controlsnetwork securityidentity and access managementsecure development lifecycle
Soft Skills
risk managementdata analysiscommunicationcollaborationstrategic thinkingproblem-solvingpresentation skillseducational actionsfacilitationorganizational skills
Certifications
Postgraduate degree in AuditPostgraduate degree in Information SecurityCertifications in information securityCertifications in cyber security