Description: * Solid experience in risk management, internal controls, or auditing; * Proficiency in process and risk mapping techniques and tools (BowTie, Walkthrough, and SIPOC); * Experience in discussing, monitoring, and managing action plans with involved areas; * Ability to communicate effectively with diverse teams and professionals at all levels (operational, tactical, and executive); * Knowledge/previous experience with technology controls and information security; * Map business processes, especially technological and information security processes; * Identify and document risks and internal controls; * Integrate technology and information security knowledge into mappings to ensure deliverables align with best practices in these areas; * Proactively identify risks in daily operations based on security events, incidents, materialized losses, and issues reported by departments; * Serve as the focal point for awareness initiatives regarding cyber and technology risks; * Conduct supplier risk assessments; 2512180202551924920