Lead Security Engineer - Offensive Security

3 Weeks ago • All levels

Job Summary

Job Description

The Lead Security Engineer - Offensive Security role at Nubank involves proactively identifying and mitigating security threats through real-world attack simulations. The engineer will work closely with security engineers and product teams to implement secure development practices. Responsibilities include performing infrastructure, web, and mobile pentests, crafting and executing red team operations, vulnerability management, developing offensive security tools, and providing architectural reviews. The role aims to enhance Nubank's security posture and protect customers and assets from emerging threats.
Must have:
  • Offensive Security background with Red Team focus.
  • Experience with pentest phases.
  • Knowledge of attack vectors and exploitations.
  • Ability to reproduce APT group behavior.
  • Experience with security frameworks (e.g., OWASP).
  • Familiarity with AWS general concepts.
  • Ability to improve CI/CD pipelines and experience with SDLC.
  • Knowledge on Operating Systems, Networks, Databases and Infrastructure Architecture.
  • Experience with Threat Modeling.
  • Good computer science skills and concepts.
  • English language skills.
Good to have:
  • Active participation in CTF or Bug Bounty programs.
  • Experience with security assessment tools (e.g., Burp Suite, Nmap, Metasploit, SQLmap, Nessus, Censys, Shodan, and Frida.re)
Perks:
  • Health, dental and life insurance
  • Meal allowance
  • Transportation assistance
  • 30 days of paid vacation
  • Equity at Nubank
  • Parking partnership - discounted parking in our office
  • Free bike parking with showers available
  • NuCare - Our mental health and wellness assistance program
  • NuLanguage - Our language learning program
  • Gympass partnership
  • Extended maternity and paternity Leaves
  • Child care allowance
  • ‘Espaço Feijão’- Private nursing and breastfeeding spaces in our buildings
  • Onsite Health Center - Medical support for every Nubanker in our office

Job Details

About Nubank

Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationships with money across Latin America. With operations in Brazil, Mexico, and Colombia, Nubank is today one of the largest digital banking platforms and technology-leading companies in the world.

Today, Nubank is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogotá (Colombia), Durham (United States), and Berlin (Germany). It was founded in 2013 in Sao Paulo, by Colombian David Vélez, and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.

 

About the team

We are looking for curious, driven individuals passionate about enhancing security maturity through attack to join us as a Lead Security Engineer for our Offensive Security team.

At Nubank, our Offensive Security team plays a crucial role in proactively identifying and mitigating security threats before they can impact our customers, Nubankers, and financial assets. By simulating real-world attacks, we strengthen our security posture and continuously evolve our defense strategies to stay ahead of adversaries.

Your role will be key in helping teams across Nubank understand and collaborate with Offensive Security initiatives. You'll work closely with security engineers, product teams, and other stakeholders to educate, guide, and support them in implementing secure development practices, ensuring that security is embedded into our products and services from the ground up.

This is an exciting opportunity to play a pivotal role in enhancing Nubank's security maturity. You will be key in creating resources, providing guidance, and advocating for best practices to help teams proactively identify and address security risks, ultimately protecting our customers and the company from emerging threats.

As an Offensive Security Lead Engineer, you’re expected to:

  • Perform infrastructure, web, and mobile/API pentest;
  • Craft and execute red team operations;
  • Help with vulnerability management;
  • Code tools that assist with offensive security reviews;
  • Support operations to fix vulnerabilities and help development squads to understand security issues;
  • Assist in architectural / logical reviews of different softwares.

 

What are we looking for?

  • Offensive Security background, with a focus on Red Team activities;
  • Experience with different parts of a pentest, such as reconnaissance, enumeration, exploitation, post-exploitation, lateral movement, etc;
  • Strong knowledge of recent and past attack vectors, as well as exploitations, and how to fix them;
  • Ability to reproduce behavior of Advanced Persistent Threat (APTs) groups;
  • Experience with security frameworks, such as OWASP;
  • Familiarity with AWS general concepts;
  • Ability to harden and improve CI/CD Pipelines as well as experience with SDLC;
  • General knowledge in all security scopes, as well as strong knowledge on Operating Systems, Networks, Databases and Infrastructure Architecture;
  • Experience with Threat Modeling;
  • Active participation in the CTF scene or Bug Bounty programs is a plus;
  • Experience with security assessment tools is also a plus, especially Burp Suite (e.g., for intercepting and modifying HTTP requests, automating attacks with Intruder, or analyzing application security). Familiarity with Nmap, Metasploit, SQLmap, Nessus, Censys, Shodan, and Frida.re is also valuable. More broadly, proficiency with any tool that aids in assessing and validating security is highly desirable.

 

We believe in good team chemistry, enthusiasm for building things, and our surprising capacity to learn new things when we stay humble and open-minded. Good computer science skills and concepts, as well as English language skills, are essential.

Role Location

Remote. 

Benefits

  • Health, dental and life insurance
  • Meal allowance
  • Transportation assistance
  • 30 days of paid vacation
  • Equity at Nubank
  • Parking partnership - discounted parking in our office
  • Free bike parking with showers available
  • NuCare - Our mental health and wellness assistance program
  • NuLanguage - Our language learning program
  • Gympass partnership
  • Extended maternity and paternity Leaves  
  • Child care allowance
  • ‘Espaço Feijão’- Private nursing and breastfeeding spaces in our buildings
  • Onsite Health Center - Medical support for every Nubanker in our office






Diversity & Inclusion

At Nubank, we want to be sure that we're building a more diverse and inclusive workplace that reflects the customers we serve and seek to empower. That's why we hire based on equality. We consider gender, ethnicity, race, religion, sexual orientation, and other identity markers as enriching elements to our company while ensuring neither of them represent a barrier when recruiting fantastic talent.



Similar Jobs

Zinnia - Deal Architect

Zinnia

Greenwich, Connecticut, United States (Hybrid)
3 Weeks ago
Haleon - RA Senior Manager

Haleon

Beijing, China (On-Site)
3 Weeks ago
Sleeper - Motion Graphic Designer (Mid-level)

Sleeper

Los Angeles, California, United States (Remote)
3 Months ago
Ettain Group - Ruby On Rails Developer

Ettain Group

Westlake, Texas, United States (On-Site)
10 Years ago
mighty koi - Senior Technical Artist

mighty koi

Warsaw, Masovian Voivodeship, Poland (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Lurkit - Campaign Strategy & Success Manager

Lurkit

Stockholm, Stockholm County, Sweden (Hybrid)
8 Months ago
Starschema - Customer Service Rep

Starschema

Clinton, Mississippi, United States (On-Site)
1 Month ago
London stock Exchange - Manager, Security Analytics

London stock Exchange

London, England, United Kingdom (Hybrid)
4 Weeks ago
Sporty Group - IN Manager Payment Operations

Sporty Group

Mumbai, Maharashtra, India (Remote)
1 Year ago
Forcepoint - Software Engineer II - Golang

Forcepoint

Thane, Maharashtra, India (On-Site)
4 Weeks ago
Riot Games - QA Engineer II - League of Legends, Cosmetics

Riot Games

Los Angeles, California, United States (On-Site)
2 Months ago
spin masters - Associate Counsel

spin masters

Toronto, Ontario, Canada (On-Site)
1 Month ago
NVIDIA - Senior Mechanical Manager

NVIDIA

Yokne'am Illit, North District, Israel (On-Site)
4 Months ago
Scopely - Director of Production, Marketing Technology

Scopely

Barcelona, Catalonia, Spain (Hybrid)
4 Months ago
Banyan Software - Senior Financial Analyst - DACH

Banyan Software

Munich, Bavaria, Germany (On-Site)
3 Weeks ago

Get notifed when new similar jobs are uploaded

Jobs in State of São Paulo, Brazil

bytedance - Content Operations Manager (BR) - CapCut

bytedance

State Of São Paulo, Brazil (On-Site)
2 Months ago
OKX - Senior Audit Manager, FinCrime (LACC)

OKX

São Paulo, Brazil (On-Site)
1 Month ago
HCL Tech - AI Program Management

HCL Tech

Brazil (Remote)
1 Month ago
Epic Games - Senior Technical Animator

Epic Games

Porto Alegre, State Of Rio Grande Do Sul, Brazil (On-Site)
2 Months ago
ARVORE Immersive Experiences - Lead 3D Artist

ARVORE Immersive Experiences

São Paulo, State Of São Paulo, Brazil (Remote)
2 Months ago
WebTech Corporation - Assembler I

WebTech Corporation

State Of Minas Gerais, Brazil (On-Site)
3 Weeks ago
Sporty Group - IT Engineer- LatAm

Sporty Group

Brazil (On-Site)
7 Months ago
Wildlife Studios - Data Scientist

Wildlife Studios

São Paulo, Brazil (On-Site)
1 Month ago
PayPal - Analyst, Compliance Investigations

PayPal

State Of São Paulo, Brazil (Hybrid)
4 Weeks ago
FICO - Analytic Science — Lead Scientist

FICO

State Of São Paulo, Brazil (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Nubank was born in 2013 with the mission to fight against the complexity of the financial market to help our customers regain control of their financial lives. We have spent 11 years dedicated to bringing very simple ideas to places no one has ever taken them. For us, past success does not guarantee the future, which is why every day is “Day 1.” Being part of Nubank is embarking on a long-term journey where we know each challenge sparks creativity and innovation, where obstacles become opportunities to go a little further. Recently, we reached the milestone of 100 million customers globally, a significant achievement in our journey, but we know it wasn’t just the customers who chose us. We have over 8,000 Nubankers who choose to work with us daily.

State Of São Paulo, Brazil (On-Site)

Montevideo, Montevideo Department, Uruguay (On-Site)

Mexico City, Mexico (On-Site)

Mexico City, Mexico (Hybrid)

State Of São Paulo, Brazil (On-Site)

State Of São Paulo, Brazil (On-Site)

State Of São Paulo, Brazil (On-Site)

State Of São Paulo, Brazil (On-Site)

State Of São Paulo, Brazil (On-Site)

State Of São Paulo, Brazil (Hybrid)

View All Jobs

Get notified when new jobs are added by nubank

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug