25 Empregos para Certified Information Systems Auditor - Brasil

Oportunidade em Segurança da Informação

Estamos contratando
Auditor/Compliance de Segurança de TI Sênior
para atuar no
Tribunal de Justiça de Mato Grosso

Modalidade: Híbrido

Remuneração:
R$ 17.586,08

O que você vai fazer

• Liderar políticas, processos e auditorias de Segurança da Informação;
• Avaliar riscos, maturidade de segurança e propor melhorias;
• Coordenar equipes e projetos de compliance e proteção de dados;
• Garantir aderência a normas como LGPD, ISO, COBIT e NIST.

O que buscamos

• +12 anos de experiência em TI, sendo +6 em Segurança da Informação;
• Vivência em gestão de equipes e projetos;
• Formação em TI ou qualquer área + MBA/Especialização em Segurança da Informação;
• Certificação (mínimo 1): CISSP, CISM, CEH, CISA, CySA+, Security+, LGPD, entre outras.

Se você é apaixonado(a) por
Segurança, Compliance e Governança
, essa vaga é para você

Candidate-se enviando seu currículo atualizado.

Marque alguém da sua rede que tenha o perfil

Transformar vidas com saúde é o que nos move

Atuamos em todo o Brasil por meio de duas unidades de negócios, Amil e Rede Total Care, com mais de 1.500 hospitais credenciados e uma rede própria de hospitais, clínicas, centros de tratamento, home care e transporte médico.

Com uma missão clara e valores sólidos, fortalecemos nossa cultura com compromisso de servir sempre melhor. Cuidamos das nossas pessoas colaboradoras para que esse cuidado se reflita na população que atendemos.

Principais Responsabilidades:

• Conduzir e apoiar investigações corporativas de média complexidade, garantindo a correta apuração dos fatos, a preservação da integridade e o cumprimento das políticas internas e externas aplicadas ao caso;
• Realizar atividades inerentes a área de Compliance em seus diversos aspectos: Elaboração de atas, coletar, organizar e analisar evidências, confeccionar sumário executivo, relatórios e realizar o follow-up das recomendações;
• Disseminar conhecimento e apoio para o analista júnior e assistentes / analistas / auxiliares e estagiários.

Qualificações Necessárias:

• Ensino Superior completo;
• Experiência em Investigações Corporativas e Compliance;
• Experiência na condução de entrevistas investigativas;
• Experiência em confecção de relatórios e apresentações referentes às investigações;
• Conhecimento no Pacote Office;
• Disponibilidade para atuar no modelo de trabalho presencial (Morumbi, São Paulo).

Palavras-Chave: Amil, Auditor, Auditora, Compliance, Investigações Corporativas, Diversidade, Inclusão, Equidade, PcD, Pessoa com Deficiência, São Paulo, Morumbi, SP.

Promovemos uma cultura inovadora, diversa, equitativa e inclusiva. Todas as candidaturas qualificadas são bem-vindas, sem distinção de etnia, raça, deficiência, orientação sexual, identidade ou expressão de gênero, idade, nacionalidade, religião ou qualquer outro marcador social.

Reforçamos que não solicitamos pagamentos, taxas ou códigos SMS em nossos processos seletivos. Todas as oportunidades estão disponíveis em nossos canais oficiais e no nosso site de carreira. Qualquer situação diferente deve ser denunciada.

Our Client is one of the United States' largest insurers, providing a wide range of insurance and financial services products with gross written premium well over US$25 Billion (P&C). They proudly serve more than 10 million U.S. households with more than 19 million individual policies across all 50 states through the efforts of over 48,000 exclusive and independent agents and nearly 18,500 employees. Finally, our Client is part of one the largest Insurance Groups in the world.

What to expect on your journey with us:

• A solid and innovative company with a strong market presence

• A dynamic, diverse, and collaborative work environment

• Leaders with deep market knowledge and strategic vision

We will count on you for:

• Executes SOX/MAR compliance IT engagements to cover key risks and contribute to production of meaningful audit reports that clearly articulate the position on risks and related issues.
• Understands company's Information Technology control environment to assess and evaluate the design, effectiveness and efficiency of internal controls and operating practices across all functions.
• Assess design and operating effectiveness of IT controls under ICFR framework and performs deficiency assessments, with minimal supervision. Interacts with clients to gain agreement on identified deficiencies.
• Prepares documentation including workpapers and reports.
• Assist in the development of agendas, audit objectives and scope, test procedures, and requests lists.
• Ensures all workpapers, periodic status reports, and compilation of related artifacts are completed timely and accurately to meet QA testing standards.
• Performs assessments of technology processes, tools, and technologies new to the company.
• Clearly and timely communicate potential issues and evaluate corrective action plans.
• Actively seeks out industry best practices to develop and implement improvements to ICFR IT audit methodology, client service and administrative processes, including enhancements to audit programs and approach.
• Practices a continuous learning approach to maintain and expand technical breadth and depth knowledge.
• Acts as a mentor and coach to the junior members and contractors of the team and lead by example.
• Takes ownership of tasks and collaborating with the team on delivery of multiple engagements.
• Assist with various internal team and department initiatives.

• Bachelor's degree required in accounting, finance, information systems, or related business field.
• Experience in IT audit/risk management role.
• Experience working in an audit firm or internal audit function is preferred.
• CISA, CISSP, CISM, CPA, CIA or other comparable designation is required.
• Working knowledge or prior experience with information systems and operations used in the insurance industry and financial services industry is preferred.
• Strong technical knowledge and experience with risk-based IT auditing methodologies and testing of IT General and Application Controls in a regulated environment preferred.
• Working knowledge or prior experience with information systems and operations used in the insurance industry and financial services industry is preferred.

This position comes with competitive compensation and benefits package:

1. Competitive salary and performance-based bonuses
2. Comprehensive benefits package
3. Career development and training opportunities
4. Flexible work arrangements (remote and/or office-based)
5. Dynamic and inclusive work culture within a globally renowned group
6. Private Health Insurance
7. Pension Plan
8. Paid Time Off
9. Training & Development

Requisition ID:
66101

About Whirlpool Corporation
Whirlpool Corporation (NYSE: WHR) is a leading kitchen and laundry appliance company, in constant pursuit of improving life at home and inspiring generations with our brands. The company is driving meaningful innovation to meet the evolving needs of consumers through its iconic brand portfolio, including Whirlpool, KitchenAid, JennAir, Maytag, Amana, Brastemp, Consul, and InSinkErator. In 2023, the company reported approximately $19 billion in annual sales, 59,000 employees, and 55 manufacturing and technology research centers. Additional information about the company can be found at

The team you will be a part of
The Audit team develops, plans, and evaluates internal audit programs for the organization's accounting and statistical records and the activities of various departments to ensure compliance with the organization's policies, procedures and standards. Prepares reports for management on the results of audits, providing recommendations on improvements.

This Role In Summary
As a Senior IT Auditor within the IT Internal Audit organization you will lead and perform risk-based IT audits, integrated audits working with the finance/operational audit team and also performing SOX work. You will be directly reporting to an assigned IT Audit Manager. The role will be working in a collaborative environment to deliver results where knowledge, experiences and internal/external networks can be leveraged to achieve results. In addition, this unique insight will place you in a position to become a valued business partner to key management stakeholders. Today you might be executing an audit on cybersecurity and presenting the results to Senior and/or Executive Management. The next day you may be involved in a global project that assists the company in ensuring security compliance. The following week you might be executing SOX control work.

Your Responsibilities Will Include

• Lead and execute technology and SOX audit global assignments successfully from planning to reporting phase by coordinating internal resources to deliver on time and budget;
• Based on enterprise policies, NIST cybersecurity framework standards and data privacy regulations such as CCPA, CPPA, LGPD and GDPR;
• Support management to perform effective risk assessment as part of the pre-planning work for audits;
• Plan and develop audit programs to assess key organization risks, including the clear documentation of Test of Design (TOD) and Test of Effectiveness (TOE) for the IT controls/ processes in the scope of audit;
• Draft audit reports, summarizing audit results following department methodology;
• Ensure audit conclusions are fact-based on a complete understanding of the process, controls, risk and root cause;
• Effectively communicate audit results and partner with management to develop remediation plans;
• Assist team members by providing relevant technical support and coaching during different audit phases as well as providing timely feedback to them;
• Support management to perform effective risk assessment for following year IT IA audit plan;
• Lead or support consulting projects to assist management in assessing or addressing an identified emerging risk;
• Abilities collaborating with systems integrators in developing business controls in SAP and other key technical platforms;
• Help develop team and drive followership through strong interpersonal and leadership skills;
• Strong time management and organization to meet critical audit and project timelines;
• Prioritize and effectively manage multiple tasks/deadlines while dealing with ambiguity;
• 15-25% travel is required.

Minimum Requirements

• Bachelor Degree;
• 4+ years experience performing risk-based information technology audits; specific Audit industry experience;
• Audit or operational experience within the IT process areas such as cybersecurity, internet of things, vendor management, data governance and privacy such as GDPR, CCPA and LGPD, operational technology, etc;
• 4+ years experience performing IT General Controls;
• Relevant certification (CISA) earned or in progress and achieved within the first year in this role;
• Excellent written and verbal English communication skills. Communication across the enterprise will be important as this person will often be tasked with participating in cross-functional teams.

Preferred Skills And Experiences

• Degree in Computer Science, Information Systems or Electrical and Computer Engineering;
• Previous experience working within one of the Big Four Audit Companies;
• Additional relevant certifications (i.e. CISSP, CRISC, CISM, CISO, CCAK);
• 2+ experience as a supervisor or lead position with organizational and leadership abilities;
• In-depth understanding of auditing and control practices;
• Proficient in Google Suite (Google sheet, Google docs, AODocs, Google slides) and SAP system;
• Abilities and/or a proven record of identifying key risks and controls, knowledge of Sarbanes-Oxley readiness, controls optimization, including the configuration of controls around security, business process and within SAP;
• Abilities collaborating with systems integrators in developing business controls in SAP;
• Abilities as a team member by creating a positive environment, monitoring workloads of the team while meeting client expectation;
• Abilities to identify and address client needs, including developing and sustaining meaningful client relationships and an understanding of the client's business.

Connect with us and learn more about Whirlpool Corporation

See what it's like to work at Whirlpool by visiting Whirlpool Careers. Additional information about the company can be found on Facebook, Twitter, LinkedIn, Instagram and YouTube.

At Whirlpool Corporation, we value and celebrate diversity. Whirlpool Corporation is committed to equal employment opportunity and prohibits any discrimination on the basis of race or ethnicity, religion, sex, pregnancy, gender expression or identity, sexual orientation, age, physical or mental disability, veteran status, or any other category protected by applicable law.

Requisition ID: 66101

ABOUT WHIRLPOOL CORPORATION

Whirlpool Corporation (NYSE: WHR) is a leading kitchen and laundry appliance company, in constant pursuit of improving life at home and inspiring generations with our brands. The company is driving meaningful innovation to meet the evolving needs of consumers through its iconic brand portfolio, including Whirlpool, KitchenAid, JennAir, Maytag, Amana, Brastemp, Consul, and InSinkErator. In 2023, the company reported approximately $19 billion in annual sales, 59,000 employees, and 55 manufacturing and technology research centers. Additional information about the company can be found at

The Audit team develops, plans, and evaluates internal audit programs for the organization's accounting and statistical records and the activities of various departments to ensure compliance with the organization's policies, procedures and standards. Prepares reports for management on the results of audits, providing recommendations on improvements.

As a Senior IT Auditor within the IT Internal Audit organization you will lead and perform risk-based IT audits, integrated audits working with the finance/operational audit team and also performing SOX work. You will be directly reporting to an assigned IT Audit Manager. The role will be working in a collaborative environment to deliver results where knowledge, experiences and internal/external networks can be leveraged to achieve results. In addition, this unique insight will place you in a position to become a valued business partner to key management stakeholders. Today you might be executing an audit on cybersecurity and presenting the results to Senior and/or Executive Management. The next day you may be involved in a global project that assists the company in ensuring security compliance. The following week you might be executing SOX control work.

• Lead and execute technology and SOX audit global assignments successfully from planning to reporting phase by coordinating internal resources to deliver on time and budget;
• Based on enterprise policies, NIST cybersecurity framework standards and data privacy regulations such as CCPA, CPPA, LGPD and GDPR;
• Support management to perform effective risk assessment as part of the pre-planning work for audits;
• Plan and develop audit programs to assess key organization risks, including the clear documentation of Test of Design (TOD) and Test of Effectiveness (TOE) for the IT controls/ processes in the scope of audit;
• Draft audit reports, summarizing audit results following department methodology;
• Ensure audit conclusions are fact-based on a complete understanding of the process, controls, risk and root cause;
• Effectively communicate audit results and partner with management to develop remediation plans;
• Assist team members by providing relevant technical support and coaching during different audit phases as well as providing timely feedback to them;
• Support management to perform effective risk assessment for following year IT IA audit plan;
• Lead or support consulting projects to assist management in assessing or addressing an identified emerging risk;
• Abilities collaborating with systems integrators in developing business controls in SAP and other key technical platforms;
• Help develop team and drive followership through strong interpersonal and leadership skills;
• Strong time management and organization to meet critical audit and project timelines;
• Prioritize and effectively manage multiple tasks/deadlines while dealing with ambiguity;
• 15-25% travel is required.

• Bachelor Degree;
• 4+ years experience performing risk-based information technology audits; specific Audit industry experience;
• Audit or operational experience within the IT process areas such as cybersecurity, internet of things, vendor management, data governance and privacy such as GDPR, CCPA and LGPD, operational technology, etc;
• 4+ years experience performing IT General Controls;
• Relevant certification (CISA) earned or in progress and achieved within the first year in this role;
• Excellent written and verbal English communication skills. Communication across the enterprise will be important as this person will often be tasked with participating in cross-functional teams.

• Degree in Computer Science, Information Systems or Electrical and Computer Engineering;
• Previous experience working within one of the Big Four Audit Companies;
• Additional relevant certifications (i.e. CISSP, CRISC, CISM, CISO, CCAK);
• 2+ experience as a supervisor or lead position with organizational and leadership abilities;
• In-depth understanding of auditing and control practices;
• Proficient in Google Suite (Google sheet, Google docs, AODocs, Google slides) and SAP system;
• Abilities and/or a proven record of identifying key risks and controls, knowledge of Sarbanes-Oxley readiness, controls optimization, including the configuration of controls around security, business process and within SAP;
• Abilities collaborating with systems integrators in developing business controls in SAP;
• Abilities as a team member by creating a positive environment, monitoring workloads of the team while meeting client expectation;
  Abilities to identify and address client needs, including developing and sustaining meaningful client relationships and an understanding of the client's business.

Connect with us and learn more about Whirlpool Corporation

See what it's like to work at Whirlpool by visiting Whirlpool Careers . Additional information about the company can be found on Facebook , Twitter , LinkedIn , Instagram and YouTube .

At Whirlpool Corporation, we value and celebrate diversity. Whirlpool Corporation is committed to equal employment opportunity and prohibits any discrimination on the basis of race or ethnicity, religion, sex, pregnancy, gender expression or identity, sexual orientation, age, physical or mental disability, veteran status, or any other category protected by applicable law.

We are groing and looking for resources in Brazil

IT / SOC Audit Associate OR Senior Audit Associate (Dependent on Experience)

Job Summary:

The IT/SOC Audit Senior Associate is responsible for delivering a full range of attest services to our clients, as well as all phases of assigned projects and engagement management for multiple clients. Responsibilities include the overall completion of system and organization controls SOC 1 and 2, Type I and II, HIPAA, GDPR, NIST, readiness and examination engagements.

Essential Duties and Responsibilities:

•Excellent verbal and written English communication skills: clear, concise, professional

•Strong analytical and basic research skills

•Solid understanding of AICPA standards and reporting requirements

•Knowledge of internal controls, security, privacy, audit, and control frameworks (e.g., SOC 2, SOC 1, NIST / 171, HIPAA, etc.), and relevant professional standards and regulations

•Solid organizational skills, especially the ability to meet project deadlines with afocus on details

•Ability to successfully multi-task while working independently or within a remote group environment

•Proven ability to work in a deadline-driven environment and manage multiple projects simultaneously

•Execute assigned client engagements from start to completion with minimal supervision

•Manage the day-to-day aspects of assigned engagements, including managing multiple work streams simultaneously and re-prioritizing tasks when unanticipated issues arise

•Evaluate and test client-related business processes and information technology controls and understand areas of risk for each

•Apply current knowledge of information technology trends and systems processes to identify security and risk management issues, as well as other opportunities for overall process improvement

•Work well with internal team members and client personnel to successfully execute each engagement

•Maintain professionalism and rapport with the client. Proactively interact with key client management to manage expectations, help ensure client satisfaction, meet client deadlines, and resolve any problems

•Proactively interact with key client management to gather information, resolve problems, and make recommendations risk reducing control improvements

•Exercise judgment and discretion related to conducting audit work

•Promote an ethical and risk-aware culture at the company

Experience:

•Minimum of two (2) years of SOC 2 auditing experience (Required)

•Experience working within a public accounting or internal auditing environment

•Experience performing IT general controls and application control reviews

•Experience working with an offshore audit team (desired, but not required)

•Experience working with GRC Platforms such as Vanta, Drata, Secureframe, etc. (desired, but not required)Other Knowledge, Skills & Abilities:

•Knowledge of internal controls, security, privacy, audit, and control frameworks (e.g., SOC 2, SOC 1, NIST 800-53, HIPAA, GDPR, etc.), and relevant professional standards and regulations

•Knowledge of cloud infrastructure management, DevOps and CI/CD, system accessmanagement, vulnerability management, and encryption systems management desired

•In process or interest in pursuing a CISA, CISSP, or similar professional designation

•Exceptional client service and communication skills with a demonstrated ability todevelop and maintain outstanding client relationships

•Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based environment

•Strong time management and self-motivational skills, coupled with excellent verbal, written, and presentation skills

•Excellent analytical, organizational and project management skills

•Strong computer skills including proficiency in Microsoft Office, Salesforce, another cloud-based applications

•Ability to work additional hours as needed to meet project deadlines

•Ability to work independently (100% Remote Position)

•Team player and can-do attitude

Education:

•Bachelor's degree in accounting, computer science, information systems or other related discipline

License/Certifications:

•CPA, CISA, CISM, CRISC, CGEIT, CISSP or other relevant certification

Software:

•Proficient in the use of Microsoft Office Suite, Google Suite, Salesforce, and other mainstream cloud based applications and tools

•Exposure to various operating systems and databases

•Familiarity with DevOps, CI/CD, SaaS, PaaS, IaaS environments, major ERP platforms

Language:

•Proficient in English