Senior SOx IT Specialist

nubank • Brazil
Relocation
AI Summary

Contribute to continuous improvements in IT General Controls (ITGC) at Nubank. Lead the assessment of the company's SOx IT control environment and drive scoping and risk assessment of IT components. Perform and review walkthroughs and design assessments for ITGCs.

Key Responsibilities
Own and lead the assessment of the company's SOx IT control environment
Drive scoping and risk assessment of IT components
Perform and review walkthroughs and design assessments for ITGCs
Plan and execute Tests of Design (ToD) and Tests of Effectiveness (ToE) for IT controls
Coordinate remediation and action plans with Engineering, InfoSec, IAM, and business teams
Act as primary counterpart for external auditors and Internal Audit on SOx IT topics
Technical Skills Required
SOx 404, PCAOB standards, COSO, COBIT, NIST, IAM, SSO/IdP, SoD, privileged access, user lifecycle, change management, code review, approvals, segregation of duties, emergency changes, IT operations, job processing, interfaces, monitoring, incident/problem management, cloud and modern architectures, AWS, microservices, APIs, data platforms, CI/CD pipelines, enterprise/SaaS applications, ERP, SAP/Oracle, HR/Payroll, Treasury, core banking/ledger, reconciliation tools, SOC 1 Type 2 reports, complementary user entity controls

Job Description


About Us

Nu is one of the largest digital financial platforms in the world, with more than 122 million customers across Brazil, Mexico, and Colombia. Guided by our mission to fight complexity and empower people, we are redefining financial services in Latin America and this is still just the beginning of the purple future we're building.

Listed on the New York Stock Exchange (NYSE: NU), we combine proprietary technology, data intelligence, and an efficient operating model to deliver financial products that are simple, accessible, and human.

Our impact has been recognized by global rankings such as Time 100 Companies, Fast Company’s Most Innovative Companies, and Forbes World’s Best Bank. Visit our institutional page https://international.nubank.com.br/careers/

About The Team

Be part of the SOx Team, contributing to continuous improvements in the IT General Controls (ITGC), Automated and IT-dependent controls environment at Nubank. The team ensures compliance with SOx requirements and international frameworks (e.g., COSO, COBIT, PCAOB standards), partnering with Engineering, Information Security, IAM, Platform, Data, Controllership, Finance, and Product squads to guarantee that technology processes and components supporting financial reporting are properly designed, operated, and evidenced.

We act as 2nd Line of Defense for SOx, challenging and supporting 1LoD teams in the correct and efficient execution of internal controls in line with Nubank’s Internal Controls and SOx IT Methodology.

About The Role

As a SOx IT Specialist, you will be a senior individual contributor and subject-matter expert for IT controls over financial reporting, with strong autonomy and influence across multiple domains and countries. You will:

  • Own and lead the assessment of the company’s SOx IT control environment, focusing on Logical access management, Change management, IT operations, automated controls, IT-dependent manual controls, and cybersecurity.
  • Drive scoping and risk assessment of IT components (third‑party applications, internal services/microservices, automations, infrastructure, datasets, notebooks, etc.) that are relevant to ICFR, applying Nubank’s SOx IT scope methodology.
  • Perform and review walkthroughs and design assessments for ITGCs, IT-dependent controls, automatic controls, challenging control design, coverage of risks, and evidence quality.
  • Plan and execute Tests of Design (ToD) and Tests of Effectiveness (ToE) for IT controls.
  • Coordinate remediation and action plans with Engineering, InfoSec, IAM, and business teams, ensuring robust root-cause analysis, sustainable fixes, and timely closure of IT control deficiencies and audit findings.
  • Act as primary counterpart for external auditors and Internal Audit on SOx IT topics (scope, methodology, sampling, exceptions, deficiencies), supporting walkthroughs, evidence requests, and technical discussions.
  • Contribute to the continuous improvement of SOx IT methodology, templates, and guidelines (e.g., sampling, population completeness, IPE standards, quality review checklists).
  • Help design and challenge IT control automation and monitoring (e.g., control bots/Controlinhos, dashboards, alerts) to increase coverage and reduce manual effort and error risk.
  • Mentor and support junior analysts on ITGC concepts, testing techniques, documentation standards, and interaction with tech squads, raising the overall quality bar of the team.
  • Promote synergy and governance between SOx, Engineering, InfoSec, IAM, Controllership, and other stakeholders through routines, trainings, workshops, and forums focused on IT controls.

Basic Qualifications

  • 6+ years of experience in IT Audit, IT Risk, IT Compliance, or SOx IT (e.g., Big 4, internal audit, financial institutions, fintechs, or tech companies).
  • Solid knowledge of SOx 404, PCAOB standards, COSO, and main IT control frameworks (e.g., COBIT, NIST), especially as they relate to ICFR.
  • Proven hands-on experience with IT General Controls over:
    • Logical access (IAM, SSO/IdP, SoD, privileged access, user lifecycle);
    • Change management (code review, approvals, segregation of duties, emergency changes);
    • IT operations (job processing, interfaces, monitoring, incident/problem management).
  • Experience assessing IT controls in cloud and modern architectures (e.g., AWS, microservices, APIs, data platforms, CI/CD pipelines).
  • Experience with enterprise/SaaS applications relevant to financial reporting (e.g., ERP such as SAP/Oracle, HR/Payroll, Treasury, core banking/ledger, reconciliation tools).
  • Experience evaluating SOC 1 Type 2 reports, complementary user entity controls, and their impact on SOx.
  • Strong ability to analyze technical evidence (logs, configurations, scripts, SQL/queries, access listings) and connect it to control objectives and financial risks.
  • Excellent skills in structuring and documenting workpapers (narratives, flowcharts, RCMs, ToD/ToE, conclusions) in English.
  • Fluent English (written and spoken), able to lead discussions and defend positions with external auditors and global stakeholders.
  • Strong communication and organizational skills, and the ability to work independently.

Preferred Qualifications

  • Experience working in multicultural teams across different countries and time zones.
  • Previous experience in digital bank, fintech, or technology‑driven environments, with exposure to microservices, event‑driven architectures, and DevOps practices.
  • Hands-on experience with identity and access management tools (e.g., Okta or similar), cloud platforms (e.g., AWS), and version control/CI-CD tools (e.g., GitHub, pipelines).
  • Experience with process and control improvement, including automation, use of data/analytics for testing, or control monitoring solutions.
  • Comfort in reading, interpreting, and analyzing data (e.g., SQL, notebooks, dashboards) to support control testing and investigations.
  • Previous experience in Big 4 and/or regulated financial institutions.
  • Knowledge of business operational processes.

Benefits

  • Chance of earning equity at Nubank
  • Food/Meal Card (Vale-Refeição and/or Vale Alimentação)
  • Public Transportation Commuting Benefit (Vale-Transporte)
  • NuCare – Psychological, Financial and Legal Assistance Program
  • Life Insurance
  • Medical Plan
  • Dental Plan
  • NuLanguage – Language Course Program
  • Nucleo - Our learning platform of courses
  • Extended Parental Leave
  • Daycare Allowance
  • Parental Consultancy
  • Work-from-home Allowance
  • Gym Partnerships
  • 30 days of paid vacation
  • Relocation Assistance Package, if applicable

Work Model for this Role

Hybrid 2-3 times/week: Our hybrid work model brings us to the office at least twice a week, on strategic days designed to maximize team connection and collaboration. For more details, visit https://building.nubank.com/nu-hybrid-work-model/
