Lead Security Engineer - Incidente Response

About Nubank

Nubank was founded in 2013 to free people from a bureaucratic, slow, and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationships with money across Latin America. With operations in Brazil, Mexico, and Colombia, Nubank is today one of the largest digital banking platforms and technology-leading companies in the world.

Today, Nubank is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogotá (Colombia), Durham (United States), and Berlin (Germany). It was founded in 2013 in Sao Paulo, by Colombian David Vélez, and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.

About the team

The Nubank Security Operations team actively seeks out potential security threats to protect both our customers and Nubankers. We respond swiftly to security incidents, conduct thorough investigations, and implement measures to mitigate risks. Our strong engineering capabilities allow us to reduce response times through automation and specialized micro-services.

Our Incident Response Team is focused on managing incidents and is constantly enhancing its skills and maturity. Additionally, the Nubank CSIRT is a proud member of the FIRST (Forum of Incident Response and Security Teams) community. For more information, see our FIRST membership details here.

You can find more about Nubank Infosec here: https://blog.nubank.com.br/infosec-nubank-protecao-dados/

 You will be responsible for

Nubank is experiencing hyper-growth in several dimensions: number of customers, products, international markets, and employees. We are seeking an Incident Responder Specialist who, together with the team, can relentlessly lead Security Operations pursuing and eradicating threats across complex environments. As an Incident Responder Specialist, you will be able to build and scale a healthy security operation team to tackle challenges from anomaly detection to incident response. Furthermore, you will be able to work to protect the applications powering one of the most sophisticated digital banking platforms ever built, and building solutions that enable faster and more effective security operation.

The Incident Responder Specialist will be responsible for:

• Investigate complex cases to understand the mechanisms of abuse and guide strategies to mitigate or detect the anomaly;
• Provide technical leadership and inspire the team to achieve high performance;
• Define and manage metrics that are used to make strategic decisions and evaluate the efficacy;
• Ensuring clear visibility into security operations;
• Alignment with stakeholders around the team’s vision, goals, and metrics;
• Analyze and interpret large datasets to enhance investigations, quantify trends, and support conclusions.
  
  

  We are looking for a person who

  Must-Have:

  • Passionate about incident response, with an innovative mindset and willingness to challenge the status quo;
  • 4+ years of experience as an Incident Response, specializing in investigation and mitigation within complex environments;
  • Experienced in leading major incident crises involving multiple stakeholders;
  • Strong teamwork and communication skills, both verbal and written, with the ability to effectively tailor messages for executive, technical, and non-technical audiences; 
  • Proficient in both understanding and speaking English;
  • Understanding of security vulnerabilities, attacker exploit techniques, and their remediation methodologies;
  • Ability to deal with multiple stack technologies including cloud environments;
  • Proficient in log analysis and conducting detailed, evidence-based investigations;
  • Fundamental skills in automation using SOAR, Python, and other programming languages.
  
  

  Nice to Have:

  • Knowledge in frameworks such as SIM3, FIRST Services Framework, Mitre ATT&CK, or NIST CSF;
  • CERT.BR (Carnegie Mellon - Incident Handler) or equivalent certifications in incident handling. 
  • Experience leading agile teams, being familiar with the most relevant ceremonies, metrics, and processes;
  • Participate in or lead Global Security operations with follow the sun approach.
  • Experience working with a team spanning multiple locations;
  • Experience in cloud environments, including incident response and management in cloud-based infrastructures.
  
  

  Role Location

  NWW

  Benefits

  • Health, dental, and life insurance
  • Meal allowance
  • Transportation assistance
  • 30 days of paid vacation
  • Equity at Nubank
  • Parking partnership - discounted parking in our office
  • Free bike parking with showers available
  • NuCare - Our mental health and wellness assistance program
  • NuLanguage - Our language learning program
  • Gympass partnership
  • Extended maternity and paternity Leaves  
  • Child care allowance
  • ‘Espaço Feijão’- Private nursing and breastfeeding spaces in our buildings
  • Onsite Health Center - Medical support for every Nubanker in our office
  
  

  Diversity & Inclusion

  At Nu, we want to ensure that we are building a diverse and inclusive workplace that reflects the customers we serve and seek to empower. That's why we hire based on equality. We consider gender, ethnicity, race, religion, sexual orientation, and other identity markers as key elements for our company, ensuring that none of them pose a barrier to recruiting talented individuals.