Analista de Governança e Conscientização Sênior at IBLISS supporting information security governance and compliance initiatives.
Responsibilities
Support the planning and execution of projects focused on governance, compliance and continuity management;
Implement standards, policies and procedures that support the information security and risk management framework;
Lead internal and external audits, ensuring compliance with regulatory standards and best practices;
Conduct supplier assessments, evaluating cyber risks, contractual compliance and adherence to technical and security requirements;
Support business continuity management (BCP/DRP), participating in the definition of policies and procedures, training (e.g., tabletop exercises) and plan testing;
Monitor and ensure adherence to laws, frameworks and standards such as ISO 27001/27701, ISO 27005, ISO 31000, ISO 22301, LGPD, NIST CSF and NIST SP 800-53, among others;
Act in a consultative capacity as a reference for the Governance and Awareness area, advising internal teams and clients;
Map and review policies, standards and processes;
Support clients in technical and strategic projects (onsite or remote);
Participate in committees, meetings and forums with business areas, technology teams and executive leadership when required;
Assess and respond to privacy incidents when they occur, ensuring appropriate handling and response in accordance with policies and legislation;
Contribute to the continuous improvement of data protection and privacy practices;
Support the structuring of processes based on Privacy by Design and Privacy by Default principles;
Lead educational campaigns and information security culture initiatives, both internally and with clients;
Plan and execute educational campaigns with accessible, creative content aligned to the target audience;
Produce materials such as scripts, presentations, remote and in-person activities, trainings, workshops, videos and interactive events;
Deliver talks, trainings and workshops on security, privacy and digital ethics;
Develop content for social media, internal communications and institutional materials;
Conduct social and engagement activities with partners and clients to reinforce the organization’s purpose;
Conduct risk assessments (current and potential), identifying impacts to compliance and operations;
Develop, monitor and validate corrective and preventive action plans;
Monitor risks using indicators and targets;
Prepare management and executive reports with status and trend analysis.
Requirements
Proven experience in Governance, Risk, Compliance and Awareness;
Bachelor’s or postgraduate degree in Technology or Information Security;
ISO 27001 Lead Auditor certification or equivalent;
Experience with information security awareness campaigns, including remote and in-person presentations;
Practical experience in audits and interactions with regulatory bodies;
Knowledge of standards, laws and frameworks such as: LGPD, GDPR, NIST CSF, NIST SP 800-53, CIS Controls, PCI DSS, COBIT, ITIL, the ISO 27000 family, among others;
Experience with supplier risk assessments and continuity management (BCM/DRP);
Analytical profile with the ability to structure action plans;
Excellent communication skills, creativity and the ability to use engaging, accessible language in trainings, activities and presentations;
Ability to provide consultative support across different areas and hierarchical levels;
English desirable.
Benefits
Referral bonus
Day off on your birthday
Annual profit-sharing (PLR) proportional and aligned with revenue targets