Mid Infrastructure Engineer

Clara is the leading spend management platform for companies in Latin America. Our end-to-end solution includes locally-issued corporate cards, bill pay, and our highly-rated software platform; already being used by thousands of the most successful companies across the region.

Clara is backed by top investors and strategics including Accial Capital, Canary, Citi Ventures, Coatue, DST Global, General Catalyst, Goldman Sachs, ICONIQ Growth, Kaszek, Monashees, and Notable Capital, as well as prominent angel investors.

Disclaimer: This role is open to all candidates across LATAM, not just posting location.

Job Summary

We are looking for a highly skilled Security engineer, responsible for proactively securing our infrastructure and defending against cyber threats. This role requires a security expert who is always one step ahead of attackers—someone who can prevent, detect, mitigate, and neutralize threats in real time.

As the lead security engineer, you will actively monitor incoming attacks, develop mitigation strategies, build security plans for potential threats, and conduct continuous offensive security testing on our infrastructure. You will also run an in-house Security Operations Center (SOC), ensure compliance with security audits and certifications, and perform continuous scanning and vulnerability assessment on our systems.

Key Responsibilities

• Continuously monitor systems for active threats, unauthorized access, and potential vulnerabilities.
• Actively respond to and mitigate security incidents in real-time.
• Develop and refine playbooks for various attack scenarios and their mitigation.
• Perform continuous penetration testing and active scanning of internal infrastructure, networks, and services.
• Identify security weaknesses before attackers do and recommend security hardening strategies.
• Run an in-house SOC focused on active defense, logging, and real-time monitoring.
• Leverage threat intelligence feeds and develop in-house intelligence to stay ahead of attack trends.
• Develop tools and techniques for anomaly detection and automated incident response.
• Design, implement, and maintain zero-trust security models across cloud and on-prem infrastructure.
• Work closely with DevOps and infrastructure teams to ensure secure CI/CD pipelines and secure cloud deployments.
• Maintain compliance documentation, conduct internal security audits, and ensure security measures align with business objectives.
• Work with legal and compliance teams to ensure adherence to privacy laws.
• Run internal red team exercises and simulate real-world cyberattacks against the company’s infrastructure.

Requirements & Qualifications

• 5+ years of experience in cybersecurity, infrastructure security, or offensive security (red teaming, pentesting, or SOC leadership).
• Experience with offensive security tools.
• Proficiency in SIEM tools (Splunk, ELK Stack, Wazuh, etc.) and log analysis.
• Strong understanding of cloud security (AWS) and container security (Kubernetes, Openshift).
• Knowledge of compliance frameworks (ISO 27001, PCI-DSS, NIST, GDPR, etc.).
• Scripting and automation skills.
• Experience with forensic analysis and threat hunting methodologies.

Nice-to-Have

• OSCP, CISSP, CEH, or similar security certifications.
• Knowledge of reverse engineering and malware analysis.
• Experience working in the banking or fintech industries
• Experience in secure software development lifecycle (SSDLC).

We value

We are

What We offer