Lead Security Engineer - Certification

About Nubank

Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationships with money across Latin America. With operations in Brazil, Mexico, and Colombia, Nubank is today one of the largest digital banking platforms and technology-leading companies in the world.

Today, Nubank is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogotá (Colombia), Durham (United States), and Berlin (Germany). It was founded in 2013 in Sao Paulo, by Colombian David Vélez, and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.

About the team

The Governance, Risk and Compliance (GRC) team enables Nubank to ensure compliance with legal, regulatory, and internal requirements, while continuously identifying, classifying, and monitoring risks, and providing strategic insights and performance evaluation to leadership.

 

GRC squad is responsible for collaborating with multidisciplinary teams to drive alignment between our technology security strategy and Nubank's overall objectives. We ensure that identified risks are mitigated, empowering risk-based decision-making by leadership both within and beyond the IT and Security Business Unit. 

 

As a Lead Security Engineer, you will: 

• Provide technical assistance to teams during security framework certification and recertification processes (e.g., ISO 27001, PCI-DSS).
• Identify gaps and improvement opportunities within the technical procedures required for certification.
• Develop and maintain strong partnerships with product and technical teams to facilitate the audit and assessment processes.
• Collaborate with technical teams to formulate action strategies, ensuring adherence to certification mandates and internal policies.
• Contribute to the development and refinement of policies, standards, and procedures to ensure alignment with compliance frameworks.
• Monitor action plan advancement and contribute to impact analysis of findings to identify root causes and ensure effective resolution.
• Prepare clear and concise audit reports around findings and action plans, and dashboards for management and relevant stakeholders.
• Work closely with Engineering, Product , IT, and other multidisciplinary and global teams to integrate compliance requirements into processes and systems.

 

We are looking for a professional who has: 

• Proven expertise in diverse cybersecurity domains and concepts such as PCI-DSS, ISO 27k family, NIST, and similar frameworks.
• Prior experience with security certification processes is highly desirable.
• Familiarity with designing and implementing compliance processes.
• Proficiency in project management and leading process improvement initiatives.
• Prior experience in internal controls, compliance, and audit support functions.
• Experienced in evaluating and implementing controls in cloud environments (e.g. AWS, GCP). 
• Excellent analytical skills with the ability to interpret complex data and translate findings into actionable insights.
• Proficiency in technical and risk assessment, with the ability to effectively communicate and collaborate with engineers, business process owners, auditors, and other stakeholders to translate complex technical concepts into actionable projects.
• Advanced English proficiency for both written and spoken communication.

Role Location

NWW  

Benefits

• Health, dental and life insurance
• Meal allowance
• Transportation assistance
• 30 days of paid vacation
• Equity at Nubank
• Parking partnership - discounted parking in our office
• Free bike parking with showers available
• NuCare - Our mental health and wellness assistance program
• NuLanguage - Our language learning program
• Gympass partnership
• Extended maternity and paternity Leaves  
• Child care allowance
• ‘Espaço Feijão’- Private nursing and breastfeeding spaces in our buildings
• Onsite Health Center - Medical support for every Nubanker in our office

Diversity & Inclusion

At Nubank, we want to be sure that we're building a more diverse and inclusive workplace that reflects the customers we serve and seek to empower. That's why we hire based on equality. We consider gender, ethnicity, race, religion, sexual orientation, and other identity markers as enriching elements to our company while ensuring neither of them represent a barrier when recruiting fantastic talent.