Senior Cyber & It Risk (Fintech)

TL;DR

Senior Cyber & IT Risk (Fintech): Designing and strengthening the Technology Risk framework and overseeing its implementation, ensuring comprehensive management aligned with regulation and company strategy. Focus on managing risks arising from systems, data, infrastructure, and technology third parties, and acting as the main point of contact with governing bodies and regulators on IT Risk matters.

Location: Mexico City, Mexico. Hybrid work model requires being in the office at least twice a week.

Company

Nu is one of the largest digital financial platforms in the world, with more than 127 million customers across Brazil, Mexico, and Colombia.

What you will do

• Define, update, and oversee the Technology Risk framework, including policies, standards, methodologies, and assessment and reporting criteria.
• Establish, update, and monitor technology risk metrics, consolidating the view of exposure and trends for governing bodies.
• Lead the preparation of regulatory reports and presentations to committees and governing bodies on Technology and Cybersecurity Risk.
• Oversee the management of high-materiality technology and cybersecurity incidents, including proper classification, root-cause analysis, and definition of corrective actions.
• Provide guidance and challenge technology risk assessments for new products, features, and architectures, ensuring consistency and completeness.
• Act as a key advisor to the leadership of Risk, Engineering, Security, Data, and other areas, fostering a strong culture of Technology Risk management.

Requirements

• Minimum of 5 years of experience in cybersecurity or IT Risk Management.
• Bachelors’ degree in Engineering, Computer Science, Information Technology, a Risk Management related field, or equivalent experience.
• In-depth knowledge of IT and cybersecurity risk management concepts, practices and methods.
• Understanding of cloud computing models and cybersecurity concepts.
• Knowledge of risk management frameworks and methodologies to identify, assess and manage risks.
• Fluent in English and Spanish, with exceptional communication skills to articulate complex risk scenarios and strategies effectively.

Nice to have

• Proven experience in risk management within the fintech sector.
• An advanced degree (e.g., MS with concentration in information systems).
• Certificates in information security or IT risk management (CISSP, CEH, OSCP, CISA, CISM, CRISC, ISO27001 and/or other).
• Proficiency in using risk management software, tools, and agile methodologies.

Culture & Benefits

• Chance of earning equity at hirify.global.
• Comprehensive benefits package including food/meal card, transportation benefit, psychological, financial and legal assistance program, life insurance, medical and dental plans.
• Learning and development opportunities through NuLanguage and Nucleo platforms.
• Generous time off with 30 days of paid vacation.
• Support for parents with extended parental leave, daycare allowance, and parental consultancy.
• Work-from-home allowance and gym partnerships.