Henrique Costa
@henriquecosta
Internal Auditor and risk/compliance specialist with 5+ years in ISO audits.
BrazilWhat I'm looking for
I’m a Systems Analysis and Professional with over 5 years of experience in Risk Management, Development - Compliance, and Internal Audit, built in global corporate environments. I focus on practical controls, clear evidence, and audit readiness that keeps organizations secure and aligned.
I implement and maintain internal policies and frameworks such as ISO 27001 and SOC 1 Type II, and I conduct audits in Cloud and SaaS environments. My work spans Multi-Framework Auditing across areas like Data Privacy, AI Frameworks, and legal/contractual compliance.
I lead end-to-end audits through a structured, 10-pillar framework and generate actionable recommendations for senior stakeholders. I’ve also handled security incident investigations and produced intelligence reports that strengthen preventive decision-making.
As a focal point between technical, operational, and external audit teams, I drive coordination during certification processes and evidence validation. From ERM responsibilities at Renault Experience to fraud audits and counterintelligence work, I bring an analytical, results-driven risk vision to every engagement.
Experience
Work history, roles, and key accomplishments
Conducted internal audits for projects developing and managing cloud-based solutions, using a 10-pillar framework to ensure operational and security excellence. Performed multi-framework auditing across ISO 27001, data privacy, AI governance, and legal/contract compliance, and delivered actionable control-gap recommendations for senior stakeholders.
Owned the Enterprise Risk Management (ERM) framework, aligning BPS operations with global standards. Led end-to-end audits for ISO 27001 and SOC 1 Type II, served as a focal point for external certification audits, and managed security incident investigations and preventive intelligence/reporting for leadership.
Fraud Auditor and Investigator
Oi
Feb 2018 - Mar 2021 (3 years 1 month)
Mapped and mitigated fraud risks by conducting fraud audits and field investigations, identifying suspicious activities and implementing preventive measures. Conducted interviews to gather information and produced detailed intelligence reports based on data analysis and forensic investigation.
Manual Tester
BCPrime
Dec 2016 - Nov 2017 (11 months)
Executed manual and exploratory functional testing for customized ERP and POS systems, validating data integrity using SQL. Provided user support and training and partnered with developers to translate requirements into expected software behaviors.
Education
Degrees, certifications, and relevant coursework
Estácio
Systems Analysis and Development, Systems Analysis and Development
2024 -
Studying Systems Analysis and Professional Development at Estácio (2024–2027, in progress).
Federal University of Paraná
Industrial Engineering, Industrial Engineering
2009 - 2015
Completed an Industrial Engineering qualification (Type II) at the Federal University of Paraná (2009–2015).
Federal University of Paraná
ISO 31000 Risk Management Certification, Risk Management
Certified training in ISO 31000 Risk Management and Fraud Risk Management at the Federal University of Paraná.
Availability
Location
BrazilAuthorized to work in
Salary expectations
Job categories
Skills
Interested in hiring Henrique?
You can contact Henrique and 90k+ other talented remote workers on Himalayas.
Message HenriqueFind your dream job
Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!
