← Back to list
Registration: 28.04.2026

Henrique Costa

Specialization: QA Test
— Professional with over 5 years of experience in risk management, compliance, and internal audit within global corporate environments. — Hands-on experience implementing and maintaining internal policies and frameworks, including ISO 27001 and SOC 1 Type II, as well as conducting audits in cloud and SaaS environments. — Certified in ISO 31000 (risk management) and fraud risk management, with a proven track record of leading end-to-end audits, managing security incident investigations, and producing intelligence reports. — Fluent in English, able to act as the primary liaison between technical, operational, and external audit teams. — Analytical, results-driven professional with a strategic approach to risk. Certifications & Courses: — ISO 31000 Risk Management – Six Sigma Academy Amsterdam (SSAA). — Fraud Risk Management – Brasiliano INTERISK. — Azure Fundamentals – Microsoft. — Cloud Security – Udemy.
Java Oracle SAP AWS ServiceNow Python Google Cloud Platform MySQL Azure Power BI
— Professional with over 5 years of experience in risk management, compliance, and internal audit within global corporate environments. — Hands-on experience implementing and maintaining internal policies and frameworks, including ISO 27001 and SOC 1 Type II, as well as conducting audits in cloud and SaaS environments. — Certified in ISO 31000 (risk management) and fraud risk management, with a proven track record of leading end-to-end audits, managing security incident investigations, and producing intelligence reports. — Fluent in English, able to act as the primary liaison between technical, operational, and external audit teams. — Analytical, results-driven professional with a strategic approach to risk. Certifications & Courses: — ISO 31000 Risk Management – Six Sigma Academy Amsterdam (SSAA). — Fraud Risk Management – Brasiliano INTERISK. — Azure Fundamentals – Microsoft. — Cloud Security – Udemy.
Java Oracle SAP AWS ServiceNow Python Google Cloud Platform MySQL Azure Power BI

Skills

Java
Python
MySQL
Power BI
AWS
Google Cloud
Azure
GenAI
ServiceNow
SAP
Oracle

Work experience

Auditor
07.2025 - 03.2026 |Wipro
ServiceNow, Oracle, etc, AI
● Conducted internal audits for cloud-based solution development and management projects (ServiceNow, Oracle, etc.). ● Led end-to-end audits within a 10-pillar framework to ensure global operational excellence and security. ● Performed multi-framework audits covering ISO 27001, data privacy, AI frameworks, and legal/contractual compliance. ● Assessed operational and security controls for teams building cloud infrastructure and enterprise solutions. ● Audited critical business pillars including asset management, HR, operational security, and business continuity (BCP). ● Identified control gaps in emerging technologies (AI) and cloud operations, delivering actionable recommendations to senior stakeholders.
ERM Framework Lead
01.2021 - 07.2025 |Previous Role
ERM, ISO 27001, SOC 1 Type II
● Responsible for the enterprise risk management (ERM) framework in Brazil, ensuring all BPS operations aligned with global standards. ● Led internal audits focused on ISO 27001, SOC 1 Type II, and internal information security policies at BPS. ● Served as the focal point between external ISO 27001 and SOC 1 Type II certification audits and support/operations teams. ● Validated and triaged all evidence and documentation prior to delivery to external auditors, ensuring a smooth process. ● Collaborated with the BCM team to develop, test, and update business continuity plans. ● Managed security incident investigations and prepared preventive recommendation reports for leadership.
Fraud Auditor / Investigator
02.2018 - 03.2021 |Oi
Audits, data analysis
● Mapped and mitigated risks related to internal and external fraud, identified suspicious activities, and implemented preventive measures. ● Conducted fraud audits, field investigations, counterintelligence, and fraud prevention activities. ● Interviewed employees and clients to gather information and produce detailed intelligence reports. ● Developed expertise in data analysis and forensic investigation to identify fraudulent patterns and trends.
Manual Tester
12.2016 - 11.2017 |BCPrime
SQL, ERP, POS
● Executed manual and exploratory functional tests for customized ERP and POS systems. ● Used SQL for database validation and data integrity verification. ● Provided comprehensive support and training for end users. ● Worked closely with developers to translate user requirements into functional software behaviors.
Developer
01.2019 - 12.2019 |Renault Experience 2019
AI-driven
● Developed the project for the Renault Experience 2019 innovation competition, achieving 3rd place. ● Provided AI-driven predictive diagnostics for car-sharing fleets (Twizzy), transforming vehicle data collected via CAN access into actionable maintenance insights. ● Identified potential failures before they occur and analyzed driver-specific wear patterns, reducing downtime and repair costs. ● Led the project and developed the monetization strategy for the solution.

Educational background

Telecommunications Technician
Till 2020
MKS
Systems Analysis and Development
since 2024 - Till the present day
Estácio
Industrial Engineering
2009 - 2015
Federal University of Paraná

Languages

GermanElementarySpanishIntermediateEnglishAdvanced