Sr. Risk & Controls Analyst

Role

Senior Risk & Controls Analyst

Join our growing Risk Management function in a Global Company, including the Netherlands DNB regulated environment.

This person will play a critical role in building and maturing our global risk framework, supporting strategic initiatives, and ensuring alignment with European regulatory expectations (DNB, EBA, PSD2/PSD3, AMLD) and other best practices regarding Risk and Internal Controls. They also support the implementation of risk management routines, including the design of mitigation strategies.

We are looking for someone with strong analytical skills, solid experience in risk management in financial services or fintech, and the ability to thrive in a high-growth, cross-border, multicultural environment. As the role reports to a manager located in another country, strong communication, independence, and self‑management are essential.

• Support the development and enhancement of Hotmart’s global risk management framework.
• Identify, assess, and monitor key operational, financial, regulatory, and technology risks across the business.
• Perform risk assessments for processes, products, markets, and strategic initiatives.
• Support the creation and maintenance of risk registers, KRIs, policies, dashboards, and risk reporting structures.
• Contribute to the design and execution of internal control testing and effectiveness assessments.
• Collaborate with stakeholders across the Company, including various departments, such as:
  Legal, Finance, Compliance, Product, Engineering, Data, People and Operations.
• Provide insights and recommendations based on risk findings, process mapping, and data analysis.
• Assist with regulatory requirements applicable to the Company environment, mainly the Netherlands (including EMI licensing and governance standards).
• Support incident management processes and post‑mortem reviews.
• Prepare documentation, presentations, and reports for senior management, Committee's, the Board, and regulators.
• Contribute to building a strong risk culture across the organization.

Full-time

• 5–6 years of experience in risk management, internal controls, or related areas within banks, EMIs, PSPs, fintechs, or large tech companies.
• Solid understanding of risk frameworks, controls, and governance standards.
• Experience in risk assessments, process reviews, and control testing.
• Ability to work independently with teams located in different countries/time zones.
• Strong communication skills in English (written and spoken).
• High level of ownership, analytical thinking, and problem‑solving ability.
• Comfortable working in a fast‑paced environment with evolving structures.
• Comprehended knowledge over referred frameworks: COSO, SIRA, PCAOB, among others.

• Experience with DNB or European regulatory expectations (EBA, PSD2/PSD3, AMLD, risk governance standards).
• Background in tech or digital business models.
• Experience with risk quantification, mitigation and/or data‑driven risk indicators (KRIs).
• Familiarity with ICFR, including SOX requirements.
• Familiarity with GRC tools and risk management software.
• Certifications such as CRISC, ISO 31000, CIA, or similar.
• Experience with DORA regulatory requirements.

Reports to the Global Risk & Internal Controls Sr Manager, located in Brazil.