Lead Security Engineer Brazil, Sao Paulo

Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationship with money across Latin America. With operations in Brazil, Mexico and Colombia, Nubank is today the largest digital banking platform in the world and one of the leading technology companies in the world, reinventing over 60 million customers' financial lives.

Nubank achieved this by offering a no-fee credit card, entirely managed by a mobile app, and a digital account, free of taxes. Nubank also offers transparent and hassle-free personal loans, a business account tailored for SMBs, and life insurance. In 2020, Nubank acquired digital broker Easynvest, now called Nu invest, and became the leader in self-directed digital investments in Brazil.

Throughout the years, Nubank raised around US$2 billion with some of the best-known growth and technology investors in the world, such as Berkshire Hathaway, Sequoia, DST, Tencent, Tiger, Kaszek, Founders Fund, Dragoneer, TCV, Redpoint, Ribbit, GIC, Whale Rock, Invesco, QED, and Capital Group.

Today, Nubank is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogotá (Colombia), Durham (United States) and Berlin (Germany). Nubank was founded in São Paulo by Colombian David Vélez, and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.

1. Lead Security Control Development: Drive the end-to-end lifecycle (creation, implementation, and ongoing support) of robust security controls for corporate endpoints, on-premises production servers, and cloud-based production servers.
2. Network Security Expertise: Design, implement, and maintain advanced security controls specifically tailored for our on-premises network environments.
3. Architectural Guidance: Serve as a subject matter expert in security architectures, providing insights and direction for complex system designs to ensure security is embedded from the ground up.
4. Metrics & Reporting: Define, track, and analyze key operational and tactical security metrics to assess the effectiveness of controls and identify areas for improvement.
5. Regulatory Compliance Support: Translate complex regulatory requirements into actionable security controls and provide expert support during audits and compliance initiatives.
6. Technical Leadership: Provide strong technical leadership within the team, guiding design discussions, reviewing implementations, and ensuring high-quality, scalable security solutions.
7. Mentorship & Development: Actively mentor and develop junior security engineers, fostering their technical growth and contributing to a culture of continuous learning and excellence.
8. Incident Response & Remediation: Collaborate with incident response teams to rapidly address security incidents related to your areas of responsibility, driving root cause analysis and implementing preventative measures.

1. Extensive Experience: Proven track record in cybersecurity engineering, with a strong focus on infrastructure security.
2. Deep Technical Knowledge: Expert-level understanding and hands-on experience with security controls for:
3. Corporate Endpoints: EDR/XDR solutions, vulnerability management, host-based firewalls, device control.
4. Server Security: Hardening, patch management, access control, logging, and monitoring for Linux/Windows servers in both on-premises and cloud (AWS, Azure, GCP) environments.
5. Cloud Security Proficiency: Strong understanding of cloud security best practices, services, and architectures (e.g., AWS Security Hub, Azure Security Center, GCP Security Command Center).
6. Architectural Acumen: Ability to analyze complex system architectures, identify security gaps, and propose effective solutions.
7. Metrics-Driven Mindset: Experience defining, collecting, and analyzing security metrics to measure control effectiveness and influence strategy.
8. Regulatory Knowledge: Familiarity with relevant industry regulations and standards (e.g., PCI DSS, ISO 27001, SOC 2, NIST).
9. Leadership & Mentorship: Demonstrated experience in technical leadership, guiding projects, and mentoring less experienced engineers.
10. Problem-Solving Skills: Excellent analytical and problem-solving abilities, with a methodical approach to complex security challenges.
11. Communication: Exceptional communication skills, capable of articulating complex technical concepts to both technical and non-technical audiences.
12. Proactive & Ownership Mindset: A strong sense of ownership, driving initiatives from conception to completion with a proactive approach to security.

Experience building scripts or with any programming language

Understanding of infrastructure monitoring tools like Kibana or Prometheus

Experience with tools for ticketing, whiteboarding, collaboration dashboarding, and Google Docs suites.

Natural interest in security operations, coordinating actions with several stakeholders and teams like incident response, defensive security, etc.. in large projects

Experience collaborating in global projects, with distributed infosec teams.

• Parking partnership - discounted parking in our office
• Free bike parking with showers available
• NuCare - Our mental health and wellness assistance program
• Gympass/Wellhub partnership
• Extended maternity and paternity Leaves
• Child care allowance
• Onsite Health Center - Medical support for every Nubanker in our office

At Nubank, we want to ensure that we are building a diverse and inclusive workplace that reflects the customers we serve and seek to empower. That's why we hire based on equality. We consider gender, ethnicity, race, religion, sexual orientation, and other identity markers as key elements for our company, ensuring that none of them pose a barrier to recruiting talented individuals.

*

indicates a required field

First Name *

Last Name *

Preferred First Name

Email *

Phone

Resume/CV

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

LinkedIn Profile

Website

Select...

Do you have a proven track record in cybersecurity engineering with a strong focus on infrastructure security? Select...

Do you have expert-level understanding and hands-on experience with security controls for corporate endpoints, such as EDR/XDR solutions, vulnerability management, host-based firewalls, and device control? * Select...

Are you experienced in server security, including hardening, patch management, access control, logging, and monitoring for Linux/Windows servers in both on-premises and cloud environments like AWS, Azure, and GCP? * Select...

Do you have knowledge of network security, including firewalls, IDS/IPS, network segmentation, VPNs, and zero-trust principles? * Select...

Do you have a strong understanding of cloud security best practices, services, and architectures, such as AWS Security Hub, Azure Security Center, and GCP Security Command Center? * Select...

Are you familiar with relevant industry regulations and standards, such as PCI DSS, ISO 27001, SOC 2, and NIST? * Select...