Senior Defensive Security Engineer

About Nubank

Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationships with money across Latin America. With operations in Brazil, Mexico, and Colombia, Nubank is today one of the largest digital banking platforms and technology-leading companies in the world.

Today, Nubank is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogotá (Colombia), Durham (United States), and Berlin (Germany). It was founded in 2013 in Sao Paulo, by Colombian David Vélez, and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.

About the team

Device Security: Our team is focused on device security, particularly endpoint security. Our goal is to enhance the security and management capabilities of our device management product. We aim to facilitate the smooth integration of devices into our existing device management framework, ensuring they are secure and managed from day one. Additionally, we are strengthening our workstation security capabilities to better protect against evolving threats. We streamline the device onboarding process to ensure consistent security standards and improve our ability to proactively identify and address vulnerabilities across our device ecosystem, aligning our device management strategy with Nubank's.

The Device Security Team specializes in:

Security Standardization: Maintaining consistent security standards across all workstations is crucial as we integrate new entities and their devices into our ecosystem.

Risk Management: Identifying and mitigating potential security risks associated with diverse device environments.

Vulnerability Management for Workstations: Proactively addressing vulnerabilities on workstations to protect against threats and maintain compliance with security policies.

Automation: Automating security processes and operational KTLOs and developing code-based solutions to improve the user experience, aligning expectations between security and ease of use for our end users.

As an Senior  Security Engineer, you’re expected to:

• Design, implement, and support multi-country security solutions and processes for on-premises and cloud infrastructures, defining and developing automation to enable large-scale deployments and operations;
• Support the policies and documentation developing on security best practices for new endpoint technologies, contributing to technical documentation targeted for non-engineers, so they can understand what the system does at a high level. Also contributes to lower-level documentation targeted for engineers as a result of whiteboards and other technical discussions;
• Ensure endpoints, system security applications, and services in the environment are securely configured and managed through operating system-appropriate security platforms and tools;
• Supporting for assessing company risk as it relates to endpoints and protection of information;
• Support security reviews and audits to help the internal audit team with endpoint security issues and compliance activities, participating actively in discussions;
• Support to respond to endpoint cyber threats, incidents, and anomalies, anticipating technical issues at the enterprise function and platform level and making architectural and design decisions to avoid them;
• Evaluate build vs buy system alternatives under general direction, understanding and articulating the tradeoffs between technical, analytical, and platform needs, efficiency vs. thoroughness, adding vs. reducing technical debt, etc.

What are we looking for?

• Strong understanding of operation systems (Windows, macOS, and Linux), and security protocols, including authentication and authorization;
• Knowledge of application layer technologies, network security, BCP, DRP, and cryptography;
• Experience with research, analysis, and visualization data tools, identity/access management, security operations, and analytics;
• Technical expertise with cloud environment (AWS, GCP, Azure) and on-premise technologies;
• Experience with automation languages (preferably Python);
• Experience in major incident management and security incident response;
• Experience in listening and guiding technical debates to help reach a consensus;
• Soft skills, including effective communication with team members and senior management;
• Ability to conduct an in-depth analysis of computer networks and identify any vulnerabilities or gaps in the system;
• Quick decision-making to ensure faster recovery in case of a security event, helping in the quick-fixing of flaws;
• Awareness of the latest methods used by hackers and malicious elements to break into systems.
• Advanced english 

We believe in good team chemistry, enthusiasm for building things, and our surprising capacity to learn new things when we stay humble and open-minded. Good computer science skills and concepts, as well as English language skills, are essential.

Role Location

NWW 

Benefits

• Health, dental and life insurance
• Meal allowance
• Transportation assistance
• 30 days of paid vacation
• Equity at Nubank
• Parking partnership - discounted parking in our office
• Free bike parking with showers available
• NuCare - Our mental health and wellness assistance program
• NuLanguage - Our language learning program
• Gympass partnership
• Extended maternity and paternity Leaves  
• Child care allowance
• ‘Espaço Feijão’- Private nursing and breastfeeding spaces in our buildings
• Onsite Health Center - Medical support for every Nubanker in our office

Diversity & Inclusion

At Nubank, we want to be sure that we're building a more diverse and inclusive workplace that reflects the customers we serve and seek to empower. That's why we hire based on equality. We consider gender, ethnicity, race, religion, sexual orientation, and other identity markers as enriching elements to our company while ensuring neither of them represent a barrier when recruiting fantastic talent.