About Patria Patria is, essentially, a long-lasting and resilient entrepreneurial Partnership, that continually observes reality, anticipates trends and adapts to capture them. Here we are home to professionals who carry this entrepreneurial spirit, who know how to transform ideas into real business opportunities, and who are engaged in the development and perpetuation of the Partnership. This position will be based in our Office in São Paulo in a full on-site working model. About the role: The IT Governance Process & Quality associate brings experience, knowledge, and regulation vision to adjust and enhance IT processes & controls to ensure internal IT polices across the company using Cobit framework. This role contributes to orchestrate, develops, maintains, and monitor technology policy, standards, processes, and procedures to assess, monitor, report, escalate and remediate IT risk matrix and compliance according to regulatory agencies such as SOX (Sarbanes Oxley), SEC (Security Exchange Comission), Brazilian LGPD (Lei Geral Proteção de Dados) and GPDR (General Protection Data Regulation). As key member of IT Governance, this role works collaboratively with IT department, internal audit and business areas in the design and implementation of IT processes & controls, risk assessment and regulatory compliance practices for IT. Main Responsibilities: Coordinates the IT process management of both internal and external audits, acting as facilitator between IT team and Audit´s team for all requests for examinations. Proactively promotes enhancement of technology-related governance IT processes and training across all IT resources. Ensure that changes submitted to IT CAB (Change Advisory Board) comitée respects internal procedures to go to production . Ensures follow up, monitoring and testing of business continuance procedures, ensures follow-up response to system failures , and is proactive in building processes / automations to minimize/eliminate downtime. Leads cross-functional teams in performing IT reviews and tests of IT controls to ensure that existing IT systems are operating as designed and that they contain adequate controls. Mesure & ensure the IT security standards and systems to ensure information system security across the enterprise. Conducts studies within and outside the organization to ensure best IT governance process & quality according to Cobit norms. Makes recommendations and assists in the implementation of changes to work methods and procedures to make them more effective or to strengthen IT quality processes. Requirements: Education: Bachelor's Degree in Computer Science, Information Systems, or other related field. Or equivalent work experience.IT risk management, process re-engineering or improvement Breadth: Middle level management. Works under IT Governance Manager; Works on multiple, complex projects as a project leader and a subject matter expert. English is mandatory Spanish is appreciated. Familiarity with SOX - Sarbanes-Oxley controls mandatory Appreciated, not mandatory - understanding of various risk and security certifications and attestations: NIST (national Instutute of Standards and Technology); ISO 27001 (Information Security Management Systems); GDPR (General Data Protection Regulation) and Brazilian LGPD (Lei Geral de Proteção de Dados); Chilian CMF (Comission para El Mercado Financeiro); Brazilian ANBIMA (Associacao Nacional dos Bancos de Investimento) Required Knowledge and Skill Strong collaborative and interpersonal aptitude with good communication skills Experience with compliance and security audits, and risk mitigation plans Ability to understand and manage the implications and impacts of technical issues and processes in the context of information security and risk management Strong dispute resolution and mediation skills directed toward driving positive outcomes for involved parties Strong knowledge of IT, operational, security and legal risk concepts Familiarity with IT Risk management and governance concepts including risks mitigation Strong dispute resolution and mediation skills directed toward driving positive outcomes for involved parties Experience influencing third parties and managing vendor relationships Understanding of asset management concepts and range of technologies and tools that will aid in evaluation of the financial and operational risk associated with incumbent and potential suppliers Industry certifications relating to security and risk management are desired (for example, CRMA, CISA, CISSP) Work Environment: It isn't just the performance that matters. We also care about the way we achieve our targets. And we see our way of working as a differentiator, which contributes to retain the best team, to establish long-term relationships with clients, to expand to other countries, and to attract investors and partners who allow us to generate superior returns. How we do it: 1. Ethical 2. Aligned to Our Clients' Objectives 3. Associative and Complementary 4. United by a Purpose 5. Disciplined, Criteria-driven and Hands-on 6. Environment that Fosters High-Performance Diversity: At Patria we do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state or local protected class. Our employment policies strictly prohibit all forms of discrimination on any of the grounds in relevant laws. All our employment practices are solely based on individual merit and our organization's needs at the time.
