Open to opportunities

Ana Carolina Pelosini

@anacarolinapelosini

Message

Experienced IT auditor with expertise in cybersecurity and compliance.

Netherlands

Message

What I'm looking for

I am looking for a job that offers challenging projects in the field of cybersecurity and compliance. I am particularly interested in roles that allow me to utilize my expertise in IT audit, data protection, and risk assessment. I value a company culture that promotes continuous learning and professional growth. I am eager to contribute my skills and experience to a dynamic organization.

I am an experienced IT auditor with a strong background in cybersecurity and compliance. I have a Bachelor's degree in Information Systems from Senac University Center and a Graduate degree in Cyber Security from FIAP University. I am also certified in COBIT Foundation and Information Security Foundation based on ISO/IEC 27001.

During my time at XP Inc, I served as a Senior Internal Technology Auditor, where I conducted technology process audits within an investment banking context. I focused on projects such as Azure Cloud Pipelines, GDPR-related tasks, and reviewing the organization's cybersecurity measures. I also have experience with internal business-related audits, including Onboarding, AML, KYC, Order Execution Flow, Internal/External Fraud, and Intra-day Operations. I am well-versed in the regulations set by the Brazilian Securities and Exchange (CVM) and have successfully completed end-to-end internal audit projects.

Prior to XP Inc, I worked at Cielo as an IT Internal Auditor III. In this role, I executed Technology Audit projects with a focus on PCIDSS for payment card security compliance. I assessed compliance with data protection regulations such as GDPR and internal security policies. I also identified and evaluated IT-related risks that could impact the organization's operations, data integrity, or confidentiality. Additionally, I have experience in conducting internal audit projects related to IT assets, provider management, security vulnerabilities, penetration tests, DLP, and secure software development.

Before joining Cielo, I worked at Ernst & Young as an External Auditor, where I executed external audit projects across various sectors and industries. I focused on compliance with the Securities and Exchange Commission (SEC) / Sarbanes & Oxley (SOX) Act. I also provided ISAE 3402 and CertiSign audit reports and delivered IT Risk Technology audits to support the Assurance EY Team.

Throughout my career, I have gained experience in systems audit procedures, change management, and SAP support. I am a detail-oriented professional with a strong commitment to delivering high-quality work. I am now seeking new opportunities to further develop my skills and contribute to a dynamic organization.

Experience

Senior Internal Technology Auditor

XP Inc

Conducted technology process audit projects within an investment banking context, including IT internal projects focused on Azure Cloud Pipelines, GDPR-related tasks, and cybersecurity measures. Also responsible for internal business-related audit projects with a focus on Onboarding, AML, KYC, Order Execution Flow, Internal/External Fraud, and Intra-day Operations. Experience with regulations from

IT Audit Investment Banking Azure Pipelines GDPR Cybersecurity AML KYC Internal Audit Risk Mitigation

Junior Process Analyst

Stefanini

Responsible for providing support in change management processes, conducting risk assessments, engaging stakeholders, maintaining documentation, and overseeing the change process at Nestlé Company in the Change Management department.

Change Management Risk Assessment Stakeholder Engagement Documentation Management Continuous Improvement

Intern

Schneider Electric Brazil

Provided support in handling service requests, creating system access, adjusting access profiles, and offering assistance to all departments within the company.

Services Access Profiles Customer Support

Intern

Avelor Tecnologia da Informação

Monitored and provided support for the SAP system utilized by clients, resolving any issues within the environment, and implementing necessary SAP notes and updates as required.

SAP Systems

IT Internal Auditor III

Cielo

Executed Technology Audit projects with a focus on PCIDSS for payment card security compliance and NIST framework. Identified and evaluated IT-related risks, assessed cybersecurity threats, data breaches, system failures, and other potential disruptions. Responsible for conducting internal audit projects focused on IT assets, provider management, security vulnerabilities, penetration tests, DLP, a

IT Audit PCI DSS NIST Data Protection Cybersecurity Penetration Testing Software Development

External Audit

Ernst & Young

Executed external audit projects across various sectors and industries, with a primary focus on compliance with the Securities and Exchange Commission in the United States of America (SEC) / Sarbanes & Oxley (SOX) Act. Provided ISAE 3402 and CertiSign audit reports. Delivered IT Risk Technology audits to support the Assurance EY Team. Conducted thorough assessments of client’s IT systems, infrastr

Audit Compliance SEC SOX IT Systems

Trainee

Ernst & Young

Documented the execution of systems audit procedures for various clients as defined by job objectives, client work history, and planned audit methodology.

Audit Documentation