Security Engineer

About Nubank

Nubank was founded in 2013 to free people from a bureaucratic slow and inefficient financial system. Since then through innovative technology and outstanding customer service the company has been redefining peoples relationships with money across Latin America. With operations in Brazil Mexico and Colombia Nubank is today one of the largest digital banking platforms and technology-leading companies in the world.

Today Nubank is a global company with offices in São Paulo (Brazil) Mexico City (Mexico) Bogotá (Colombia) Durham (United States) and Berlin (Germany). It was founded in 2013 in São Paulo by Colombian David Vélez and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information visit.

About the Role

We are looking for a Security Engineer to lead the architecture and automation of our global security this role you will drive the strategy for endpoint and network defense across on-premises and multi-cloud environments (AWS GCP Azure) operating with high autonomy to solve complex undefined security challenges. You will be responsible for building tailor-made solutions and establishing the standards that protect a platform impacting millions of lives.

As a technical leader you will bridge the gap between deep execution and organizational influence. You will lead cross-functional initiatives mentor engineering teams and advise on long-term security investments and roadmaps. We need a defensive security expert who combines strong technical reasoning with the ability to reduce complexity guide technical debates and deliver high-scale results in a fast-scaling customer-obsessed environment.

Responsibilities

• Design implement and support multicountry security solutions for onpremises and cloud infrastructures (endpoint and network) including defining and developing automation to enable largescale deployments and operation;
• Develop and maintain security policies and documentation for new endpoint and network technologies contributing to highlevel documentation for nonengineers and detailed technical documentation for engineering teams;
• Ensure secure configuration and management of endpoints network systems and security applications using appropriate security platforms tools and operatingsystemspecific controls;
• Support risk assessments related to endpoints networks and information protection helping identify and mitigate security exposures;
• Support security reviews and audits assisting internal audit teams with endpoint and network security issues and compliance activities and participating actively in discussions;
• Support to respond to cyber threats incidents and anomalies affecting endpoints and networks anticipating technical issues at the enterprise and platform level and making architectural and design decisions to prevent them;
• Evaluate buildvsbuy alternatives under general direction articulating tradeoffs between technical analytical and platform needs efficiency vs. thoroughness and the impact on technical debt.

Required Skills and Expertise

• Strong understanding of operating systems (Windows macOS Linux) and core security protocols including authentication authorization and cryptographic principles;
• Knowledge of network technologies including routing switching network security protocols and cloud networking (AWS GCP Azure);
• Knowledge of applicationlayer technologies business continuity disaster recovery (DRP) and secure system design;
• Experience with research analysis and datavisualization tools as well as identity and access management security operations and security analytics;
• Experience with automation and programming languages (e.g. Python and Go) including the ability to develop scripts tools and system integrations.
• Technical expertise with cloud and onpremises infrastructures including secure architecture deployment and operations;
• Experience in major incident management and security incident response across endpoints networks and cloud environments;
• Experience in listening and guiding technical debates to help reach a consensus;
• Ability to conduct indepth analysis of computer networks and systems to identify vulnerabilities misconfigurations and security gaps;
• Ability to conduct an in-depth analysis of computer networks and identify any vulnerabilities or gaps in the system;
• Awareness of the latest attack techniques threat actor behaviors and methods used to compromise systems and networks;
• Strong soft skills including effective communication with technical and nontechnical stakeholders the ability to guide technical debates and fast informed decisionmaking during critical events.

Role Location

São Paulo - SP Campinas - SP Rio de Janeiro - RJ or Belo Horizonte - MG.

Benefits

• Health dental and life insurance
• Meal allowance
• Transportation assistance
• 30 days of paid vacation
• Equity at Nubank
• Parking partnership - discounted parking in our office
• Free bike parking with showers available
• NuCare - Our mental health and wellness assistance program
• NuLanguage - Our language learning program
• Gympass partnership
• Extended maternity and paternity Leaves
• Child care allowance
• Espaço Feijão- Private nursing and breastfeeding spaces in our buildings
• Onsite Health Center - Medical support for every Nubanker in our office

Diversity & Inclusion

At Nubank we are committed to building a diverse and inclusive workplace. We believe that variety in perspectives backgrounds and experiences enriches our company. We accommodate employees and applicants with different backgrounds and embrace equality in hiring.