Lead Security Engineer

About Nubank

Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationship with money across Latin America. With operations in Brazil, Mexico and Colombia, Nubank is today the largest digital banking platform in the world  and one of the leading technology companies in the world, reinventing over 60 million customers' financial lives.

Nubank achieved this by offering a no-fee credit card, entirely managed by a mobile app, and a digital account, free of taxes. Nubank also offers transparent and hassle-free personal loans, a business account tailored for SMBs, and life insurance. In 2020, Nubank acquired digital broker Easynvest, now called Nu invest, and became the leader in self-directed digital investments in Brazil. 

Throughout the years, Nubank raised around US$2 billion with some of the best-known growth and technology investors in the world, such as Berkshire Hathaway, Sequoia, DST, Tencent, Tiger, Kaszek, Founders Fund, Dragoneer, TCV, Redpoint, Ribbit, GIC, Whale Rock, Invesco, QED, and Capital Group.

Today, Nubank is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogotá (Colombia), Durham (United States) and Berlin (Germany). Nubank was founded in São Paulo by Colombian David Vélez, and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.

The Lead Security Engineer will be responsible for:

• Lead Security Control Development: Drive the end-to-end lifecycle (creation, implementation, and ongoing support) of robust security controls for corporate endpoints, on-premises production servers, and cloud-based production servers.
• Network Security Expertise: Design, implement, and maintain advanced security controls specifically tailored for our on-premises network environments.
• Architectural Guidance: Serve as a subject matter expert in security architectures, providing insights and direction for complex system designs to ensure security is embedded from the ground up.
• Metrics & Reporting: Define, track, and analyze key operational and tactical security metrics to assess the effectiveness of controls and identify areas for improvement.
• Regulatory Compliance Support: Translate complex regulatory requirements into actionable security controls and provide expert support during audits and compliance initiatives.
• Technical Leadership: Provide strong technical leadership within the team, guiding design discussions, reviewing implementations, and ensuring high-quality, scalable security solutions.
• Mentorship & Development: Actively mentor and develop junior security engineers, fostering their technical growth and contributing to a culture of continuous learning and excellence.
• Incident Response & Remediation: Collaborate with incident response teams to rapidly address security incidents related to your areas of responsibility, driving root cause analysis and implementing preventative measures.

What we are looking for:

• Extensive Experience: Proven track record in cybersecurity engineering, with a strong focus on infrastructure security.
• Deep Technical Knowledge: Expert-level understanding and hands-on experience with security controls for:
• Corporate Endpoints: EDR/XDR solutions, vulnerability management, host-based firewalls, device control.
• Server Security: Hardening, patch management, access control, logging, and monitoring for Linux/Windows servers in both on-premises and cloud (AWS, Azure, GCP) environments.
• Network Security: Firewalls, IDS/IPS, network segmentation, VPNs, zero-trust principles.
• Cloud Security Proficiency: Strong understanding of cloud security best practices, services, and architectures (e.g., AWS Security Hub, Azure Security Center, GCP Security Command Center).
• Architectural Acumen: Ability to analyze complex system architectures, identify security gaps, and propose effective solutions.
• Metrics-Driven Mindset: Experience defining, collecting, and analyzing security metrics to measure control effectiveness and influence strategy.
• Regulatory Knowledge: Familiarity with relevant industry regulations and standards (e.g., PCI DSS, ISO 27001, SOC 2, NIST).
• Leadership & Mentorship: Demonstrated experience in technical leadership, guiding projects, and mentoring less experienced engineers.
• Problem-Solving Skills: Excellent analytical and problem-solving abilities, with a methodical approach to complex security challenges.
• Communication: Exceptional communication skills, capable of articulating complex technical concepts to both technical and non-technical audiences.
• Proactive & Ownership Mindset: A strong sense of ownership, driving initiatives from conception to completion with a proactive approach to security.

Preferred Qualifications

Experience building scripts or with any programming language Understanding of infrastructure monitoring tools like Kibana or Prometheus Experience with tools for ticketing, whiteboarding, collaboration dashboarding, and Google Docs suites.Natural interest in security operations, coordinating actions with several stakeholders and teams like incident response, defensive security, etc..  in large projectsExperience collaborating in global projects, with distributed infosec teams.

Role location

NWW 

Benefits

• Health, dental, and life insurance
• Meal allowance
• Transportation assistance
• 30 days of paid vacation
• Equity at Nubank
• Parking partnership - discounted parking in our office
• Free bike parking with showers available
• NuCare - Our mental health and wellness assistance program
• NuLanguage - Our language learning program
• Gympass/Wellhub partnership
• Extended maternity and paternity Leaves  
• Child care allowance
• “Espaço Feijão” - Private nursing and breastfeeding spaces in our buildings
• Onsite Health Center - Medical support for every Nubanker in our office

Diversity & Inclusion

At Nubank, we want to ensure that we are building a diverse and inclusive workplace that reflects the customers we serve and seek to empower. That's why we hire based on equality. We consider gender, ethnicity, race, religion, sexual orientation, and other identity markers as key elements for our company, ensuring that none of them pose a barrier to recruiting talented individuals.