···
Log in / Register

INTERNAL AUDITOR IV (IT) - SENIOR

Indeed
Full-time
Onsite
No experience limit
No degree limit
Fairy Lake - Estr. Dom Pedro Augusto - Alto da Boa Vista, Rio de Janeiro - RJ, 20531-000, Brazil
Favourites
Share
Some content was automatically translatedView Original

Description

Job Summary: Senior IT Internal Auditor to provide independent assessments and recommendations on governance, risk, and controls. Key Highlights: 1. Conduct IT and cybersecurity audits with a focus on IT governance. 2. Assess the effectiveness of internal controls and IT risks. 3. Promote the use of technology-assisted auditing. Job Title INTERNAL AUDITOR IV (IT) \- SENIOR Work Location Rio de Janeiro Job Description The professional will be responsible for providing independent, objective, and timely assessments, advisory services, and recommendations regarding: corporate governance; the effectiveness of risk management; and the adequacy of controls — aiming to improve operations, add business value, and ensure alignment of processes with ONS guidelines and strategies, with emphasis on Information Technology General Controls (ITGC), including Cybersecurity. Our mission is grounded in the mandatory elements of The Institute of Internal Auditors (The Institute of Internal Auditors) \- Global IIA. Academic Qualifications Bachelor's degree in Humanities or Exact Sciences; Information Technology, Computer Science, Computer Engineering, Information Systems, or related fields. Postgraduate Degree, MBA, or Specialization \- Focused on IT (IT Audit and Cybersecurity). 1st Level Knowledge IT governance and market frameworks, with proficiency in ISACA COBIT, ISO/IEC 27001, and NIST Cybersecurity Framework; Internal audit standards and practices, including guidance from The Institute of Internal Auditors; Information Technology General Controls (ITGC); **Information security and cybersecurity, including:** * vulnerability management; * penetration testing and ethical hacking (conceptual); * identity and access management (IAM); * cryptography and data protection; * incident response and security monitoring (SOC/SIEM); IT infrastructure, including networks, operating systems, virtualization, and cloud environments (AWS, Azure, or similar); System architecture and application integration; Auditing in regulated environments and/or critical infrastructure; Security in industrial environments or control systems (ICS/SCADA); Knowledge of Microsoft solutions; Data privacy and protection, including familiarity with LGPD and best practices in data governance and Data Loss Prevention (DLP); Experience with security tools such as SIEM and EDR; Corporate and IT risk management based on recognized methodologies; Business continuity and disaster recovery (BCP and DRP); Data analytics applied to auditing, including use of data analytics tools and continuous auditing; Advanced knowledge of Artificial Intelligence (Generative AI and Agents); Auditing and GRC (Governance, Risk, and Compliance) tools; Reading and interpreting logs, audit trails, and technical evidence; and Preparation of clear executive reports focused on risks, root causes, and actionable recommendations. 2nd Level Knowledge **Desirable/Differentiating Certifications:** Certifications in auditing and controls: CIA (Certified Internal Auditor) \- The Institute of Internal Auditors; CISA (Certified Information Systems Auditor) \- ISACA. Certifications in information security: CISSP (Certified Information Systems Security Professional) \- (ISC)²; CISM (Certified Information Security Manager) \- ISACA. Certifications in IT governance and management: COBIT (Foundation or higher) \- ISACA; ISO/IEC 27001 Lead Auditor or Lead Implementer \- ISO. 3rd Level Knowledge Brazilian Electric Sector and its regulations; Regulatory Auditing. 4th Level Knowledge English \- Intermediate level (desirable). Job Responsibilities 1\. Plan, coordinate, and execute IT and cybersecurity audits in accordance with the Annual Internal Audit Plan; 2\. Evaluate the effectiveness of internal controls related to IT governance, information security, data privacy, and business continuity; 3\. Perform IT and cybersecurity risk assessments, identifying vulnerabilities, threats, and business impacts; 4\. Conduct audits across diverse technological environments, including corporate systems, infrastructure, cloud, networks, and critical applications — including systems related to the Operation and Planning of the National Interconnected System (SIN); 5\. Evaluate IT General Controls (ITGC), including access management, change management, operations, and segregation of duties; 6\. Assess compliance with applicable standards, frameworks, and regulations, such as The Institute of Internal Auditors, ISACA, ISO (e.g., ISO 27001\), NIST, COBIT, and LGPD; 7\. Prepare clear and objective audit reports identifying root causes, risks, and practical, prioritized recommendations; 8\. Monitor implementation of agreed-upon action plans with audited areas; 9\. Act consultatively with business and technology areas to support process and control improvements; 10\. Coordinate third-party audit engagements where applicable; 11\. Support the internal audit function’s technology-related activities, including methodology definition, tool selection, and analytics usage; 12\. Promote and implement technology-assisted auditing techniques (data analytics, automation, and continuous testing); 13\. Stay updated on trends, threats, and best practices in cybersecurity and information technology; 14\. Exercise independence, professional skepticism, and confidentiality when handling information; 15\. Support preparation of executive reports for senior management, the audit committee, and the board. Behavioral Competencies Collaboration Results Orientation Trust Organizational Understanding Innovation Process Optimization

Source:  indeed View original post
João Silva
Indeed · HR

Company

Indeed
João Silva
Indeed · HR

Similar jobs

Cookie
Cookie Settings
Our Apps
Download
Download on the
APP Store
Download
Get it on
Google Play
© 2025 Servanan International Pte. Ltd.