Summary
Overview
Work History
Education
Skills
Leader within Emerging Technology
Timeline
Generic

Bruno Silva

linkedin.com/in/bruno-m-m-s-silva

Summary

Detail-oriented Senior Technology Risk Analyst with over 3 years of experience in IT risk management, auditing, and control frameworks including within the financial services sector. Adept at maintaining risk registers, enhancing AI & technological capabilities, and conducting both high-level & in-depth risk assessments. Proven track record in driving continuous improvements and fostering a risk-aware culture within organizations. Holds extensive experience with IT governance, AI Governance and cybersecurity controls. Known for excellent communication, organisation, and a self-starter attitude; Specialised in Generative AI.

Overview

5
5
years of professional experience

Work History

Senior Tech Risk Consultant IAFA

Protiviti
The Shard
12.2024 - 01.2026
  • Conducted NIST cybersecurity audits to evaluate and strengthen compliance frameworks, addressing gaps and improving organizational resilience.
  • Executed FS SOX IT audits, ensuring adherence to financial reporting standards and IT control requirements.
  • Planned and executed engagements focusing on technology and business risk assessment, including internal audits and special projects.
  • Performed interviews, walkthroughs, and detailed testing to evaluate and enhance the effectiveness of internal control environments.
  • Identified control weaknesses, assessed their impact, and collaborated with stakeholders to implement practical solutions.
  • Assessed the effectiveness of IT controls and frameworks, proposing enhancements to mitigate risks.
  • Analysed and evaluated IT infrastructure to recommend improvements, optimising performance and reliability.
  • Developed and maintained professional relationships with clients, providing expert advice on IT audit matters.
  • Prepared detailed audit reports, presenting findings and recommendations to senior management for strategic decisions.
  • Managed multiple audit projects simultaneously, ensuring timely completion and adherence to quality standards.
  • Maintained comprehensive records of audit activities, findings, and outcomes for regulatory compliance.
  • Collaborated with IT departments to develop strategies for risk management and data protection.
  • Identified opportunities for cost savings and efficiency improvements within IT operations through detailed audits.
  • Conducted comprehensive audits on IT systems to identify security vulnerabilities and compliance issues.
  • Monitored system performance to identify weaknesses, bottlenecks and inefficiencies.
  • Initiated updates to systems, enhancing workflows and adding new functionalities.
  • Delivered custom AI solutions for clients, addressing unique challenges and delivering measurable outcomes.
  • Collaborated with cross-functional teams to identify opportunities for AI application across various business units.
  • Participated in industry conferences and workshops, staying abreast of latest trends and best practices in AI.
  • Monitored AI systems post-deployment to assess performance and implement necessary adjustments.
  • Led the integration of AI technologies into existing systems, significantly enhancing operational efficiency.
  • Provided mentorship to junior AI engineers, fostering a culture of learning and innovation within the team.
  • Led a team of software engineers in designing innovative software solutions, meeting tight deadlines and project specifications.
  • Managed large datasets, performed data cleansing, and executed preprocessing tasks to prepare for model development.
  • Participated in cybersecurity forums and workshops, sharing knowledge and learning from industry experts to improve organisational security posture.
  • Optimised security monitoring tools to reduce false positives, ensuring timely response to genuine threats.
  • Implemented two-factor authentication across critical systems, greatly enhancing account security and reducing unauthorised access risks.
  • Monitored network traffic for suspicious activity, using advanced tools to detect and thwart potential cyber attacks.
  • Completed regular vulnerability scans across enterprise network, working with colleagues to support remediation.
  • Coordinated cyber security risk assessments at system and enterprise levels and managed formal risk remediation activities.
  • Managed incident response activities, including investigation and remediation of security breaches, minimising impact on business operations.
  • Reviewed and updated disaster recovery plans to ensure business continuity in the event of cyber incidents.
  • Tested and executed security patches and updates to IT systems, reducing controllable risks.
  • Investigated potential cyber security incidents, suspected attacks and broader security incident management.
  • Designed and executed penetration tests to evaluate the effectiveness of security measures and identify exploitable weaknesses.
  • Coordinated with legal teams to understand implications of cybersecurity incidents and guide organisational response strategies.

IT Audit Analyst

KPMG
09.2022 - 10.2024
  • Stakeholder Collaboration: Supported cross-functional stakeholders in identifying, assessing, and managing IT risks. Facilitated discussions on risk and control, contributing to informed, risk-based decision-making.
  • Control Testing & Assurance: Conducted thorough control testing and assurance reviews, ensuring the effectiveness of the IT control environment and contributing to continuous improvement initiatives.
  • Audit Process Support: Provided comprehensive support during internal and external audits, ensuring audit issues were correctly assigned, addressed promptly, and aligned with regulatory requirements.
  • Understanding, evaluation, and validation of relevant General IT Controls (ITGCs) supporting the operation of Automated Controls (ACs) and Information, including determination of relevant risks arising from IT (RAFITs).
  • Evaluating technology and business risks of an entity's IT environment with ISA 315R.
  • Performed audits thorough analysis, testing, and assessing control environments, utilizing traditional sampling methods and automated tools (championing RPA Bots) to ensure thorough examination.
  • Led IT Control environment walkthroughs with key stakeholders across various industries.
  • Presented audit results effectively to Audit Senior Management and business stakeholders, ensuring alignment on audit findings and recommendations.
  • Documented audit testing and conclusions meticulously, compiling for clarity and compliance with audit standards.
  • Sarbanes-Oxley (SOX) 404 external audits; ICOFR audit experience; COSO & COBIT compliance.
  • Proficiency in information security domains, including policies, standards, and regulatory compliance.
  • Reviewed and verified financial statements for accuracy, highlighting any irregularities to senior auditors.
  • Assessed internal control systems to identify weaknesses and propose measures to mitigate risks.

Finance Group Controllership & Internal Audit

Travelport
10.2020 - 09.2021
  • Risk and Control Self-Assessment (RCSA): Collaborated with subject matter experts to oversee and coordinate the RCSA process, ensuring the accuracy and completeness of risk assessments across the Finance group.
  • Risk Reporting: Developed and delivered detailed risk reports that facilitated discussions on risk and control, supporting the decision-making process at the executive level.
  • Automation & Efficiency Improvements: Led the implementation of Oracle bots within the internal audit function, driving a 25% increase in efficiency for routine month-end tasks.
  • Managed comprehensive financial reporting, analysis, and consolidation processes for accurate monthly and annual accounts.
  • Produced monthly and year-end closing statements, financial documents and invoices.
  • Collaborated with IT department to enhance financial software, improving reporting capabilities and data accuracy.
  • Applied IFRS to shape technical accounting policies and procedures.
  • Analysed financial data to identify trends, perform variance analysis, and recommend cost reduction measures.
  • Coordinated with external auditors to facilitate annual audits, ensuring compliance with regulatory standards.
  • Oversaw cash flow management, optimising liquidity whilst minimising financial risk to the organisation.
  • Prepared detailed financial presentations for board meetings, providing insights into financial performance.

Education

BSc - Accounting and Finance

University of Sussex
07-2022

Skills

  • Internal Audit
  • IT Audit
  • SOX Compliance
  • Audit planning and execution
  • Control design and operation
  • Operational Effectiveness Testing
  • Professional standards
  • Sarbanes-Oxley Act
  • ISO 27001
  • ITIL
  • IT risk management
  • Key risk indicators
  • Governance
  • Risk and Compliance (GRC)
  • Risk tolerance
  • Cybersecurity controls
  • Risk mitigation strategies
  • Incident response planning
  • Execution
  • Disaster recovery procedures
  • Interpersonal skills
  • Communication skills (written and verbal)
  • Collaboration with stakeholders
  • Reporting and documentation
  • Data analytics tools (PowerBI)
  • IT infrastructure
  • Application controls
  • IT processes
  • Root cause analysis
  • Information Technology Audits
  • Emerging technologies
  • Penetration testing
  • Cybersecurity audits
  • Risk assessment
  • IT control evaluation
  • Data protection strategies
  • Compliance frameworks
  • AI integration
  • Stakeholder collaboration
  • Incident response management
  • Control testing
  • Automation implementation
  • Vulnerability management
  • Problem-solving
  • Willingness to learn
  • Calm under pressure
  • Public speaking
  • Analytical and critical thinking
  • Strategic planning
  • MS Office Suite

Leader within Emerging Technology

  • Co-founder, Global AI Thought Leadership series, Co-founded and led initiative to disseminate information on AI use cases and practical implementations cross-functionally., Led a team of 8 individuals, facilitated 60+ articles for over 40+ service lines over 12 countries.
  • Organiser and facilitator, KPMG Summer of AI 2023 & 2024, Organiser and facilitator for 50+ sessions regarding key issues around the AI revolution for over 6000 participants., Presenter for sessions on AI within Audit and Future of Audit to 300+ individuals.
  • Co-author, KPMG Internal Article, Generative AI Opportunities and Challenges for IT Auditors, IT Auditors of the Future
  • Finalist, KPMG AI Innovation Challenge, Pitched to KPMG's senior leadership on internal Generative AI tools; assisted with development and implementation.
  • Key Founder, Cyber COE (Centre of Excellence), Organized content and specialized in cybersecurity and cybersecurity controls.

Timeline

Senior Tech Risk Consultant IAFA

Protiviti
12.2024 - 01.2026

IT Audit Analyst

KPMG
09.2022 - 10.2024

Finance Group Controllership & Internal Audit

Travelport
10.2020 - 09.2021

BSc - Accounting and Finance

University of Sussex

Similar Profiles

  • null null

    Senior Business Consultant | Enterprise Risk Internal Audit at Ernst & Young (EY) GDS – Business ConsultingSenior Business Consultant | Enterprise Risk Internal Audit at Ernst & Young (EY) GDS – Business Consulting

  • Muhammad NomanMuhammad Noman

    Senior Consultant - Risk Advisory & Internal Audit at ECOVIS ALSABTISenior Consultant - Risk Advisory & Internal Audit at ECOVIS ALSABTI

  • Zaid A. BarhoumehZaid A. Barhoumeh

    Senior Consultant II, Risk Assurance Services at PricewaterhouseCoopersSenior Consultant II, Risk Assurance Services at PricewaterhouseCoopers

  • Zaid HamdanZaid Hamdan

    Senior Risk Consultant at PwCSenior Risk Consultant at PwC

CREATE PROFILE
Bruno Silva