Lead Security Engineer - Okta/IAM Specialist

About Nubank

Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationships with money across Latin America. With operations in Brazil, Mexico, and Colombia, Nubank is today one of the largest digital banking platforms and technology-leading companies in the world.

Today, Nubank is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Bogotá (Colombia), Durham (United States), and Berlin (Germany). It was founded in 2013 in São Paulo, by Colombian David Vélez, and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.

About the Role

We are seeking a Lead Security Engineer with deep expertise in Identity & Access Management (IAM), specialized in Okta (or similar platforms), to lead strategic initiatives in authentication, authorization, and large-scale identity integrations. This individual will operate with high autonomy, drive complex cross-functional projects, and establish standards that elevate our security posture across the organization.

This role is critical to strengthening the identity and access foundation in a fast-scaling environment. We are looking for a security engineer who combines deep technical expertise, strategic thinking, organizational influence, hands on execution and result delivery, acting as a reference point for IAM and Okta across the company.

Responsibilities

• Design, develop and evolve IAM platforms using Okta, including authentication (OIDC, OAuth2, SAML, SCIM), authorization, and identity lifecycle management.
• Lead complex integrations between Okta and internal/external systems, ensuring security, scalability, and reliability.
• Own and drive/ execute security roadmaps and initiatives, working independently while collaborating with multiple business and engineering teams.
• Conduct threat modeling, risk assessments, and architecture reviews, delivering innovative solutions that reduce risk and enable business growth.
• Mentor engineers and cross-functional squads, influencing strategic decisions and advancing IAM maturity.
• Participate in critical identity and access incident response, lead RCA, and implement long-term preventive controls.
• Data driven mindset to measure outcome and drive down security risks.
• Automation and Artificial Intelligence mindset applied to IAM.
• Audit Automation: Automate evidence collection and reporting for all access reviews and audit cycles.
• Cloud Identity Posture: Drive the strategy and implementation of Identity and Access Management within public cloud environments (e.g., AWS IAM and Google Cloud IAM), focusing on least-privilege access for cloud resources.
• Deliver medium-to-long-term security mechanisms that shape the organization’s identity and access management strategy.
• Set organizational standards in IAM, influencing engineering, product, and compliance teams.
• Actively contribute to task forces and strategic decision-making, driving functional growth and transformation.

Required Skills and Expertise

• Strong proficiency with Okta (Workforce): policies, workflows, provisioning, APIs, and custom integrations.
• Advanced knowledge of Identity & Access Management: OIDC, OAuth2, SAML, SWA, SCIM, JIT Provisioning.
• Solid background in Security Engineering: protocols, cryptography, access control, threat modeling, complete mediation, open-design, least privilege, authentication, authorization.
• Experience integrating Okta with microservices, APIs, CI/CD platforms, directories (AD/LDAP), and SaaS applications.
• Proficiency in scripting or programming languages such as Python, Go, or Node.js for automation and integration.
• Cloud Security Expertise: Proven experience with native IAM services and security best practices for at least one major cloud provider (AWS or GCP).
• Understanding of IGA (Identity Governance and Administration) / PAM (Privileged Access Management) concepts.
• Proven ability to lead and govern complex projects autonomously, managing ambiguity and multiple stakeholders.
• Strong communication and influence, able to translate technical risk into product and business decisions.
• High ownership mindset, setting long-term vision and enabling others through guidance and standards.
• English
  

Role Location

NWW

Benefits

• Health, dental and life insurance
• Meal allowance
• Transportation assistance
• 30 days of paid vacation
• Equity at Nubank
• Parking partnership - discounted parking in our office
• Free bike parking with showers available
• NuCare - Our mental health and wellness assistance program
• NuLanguage - Our language learning program
• Gympass partnership
• Extended maternity and paternity Leaves  
• Child care allowance
• ‘Espaço Feijão’- Private nursing and breastfeeding spaces in our buildings
• Onsite Health Center - Medical support for every Nubanker in our office

Diversity & Inclusion

At Nubank, we are committed to building a diverse and inclusive workplace. We believe that variety in perspectives, backgrounds, and experiences enriches our company. We accommodate employees and applicants with different backgrounds and embrace equality in hiring.