Technical Lead Security Engineer, Risk & Compliance na Nubank

Brazil, Sao Paulo

Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationships with money across Latin America. With operations in Brazil, Mexico, and Colombia, Nubank is today one of the largest digital banking platforms and technology-leading companies in the world. Today, Nubank is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogotá (Colombia), Durham (United States), and Berlin (Germany). It was founded in 2013 in Sao Paulo, by Colombian David Vélez, and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.

Requirements

Experience

Experience with large-scale distributed environments
Analysis of existing business processes and identify potential risks related to information security
Experience with risk analysis techniques like risk identification, assessment and prioritization and qualitative and quantitative risk assessment techniques is needed
Advanced understanding of cybersecurity principles, risk management frameworks (such as NIST, Cybersecurity Framework, NIST SP 800-30, FAIR, ISO 27001, ISO 27002, ISO 27005, ISO 31000 or COSO)
Demonstrated expertise in regulatory frameworks applicable to information security and cyber risk management in the financial sector across Brazil, Mexico, and Colombia
Ability to map and interpret cross-country requirements, translate them into actionable controls, and advise on compliance strategies in a fast-paced, tech-driven financial environment essential
Proven experience in designing and implementing security controls
Familiarity with different domains and concepts of cyber security
Strong inclination towards data-driven decision-making

Skills

cybersecurity
cloud and application security
evaluate and identify cyber risks
managing a team or acting in a leadership role
champion for other individual contributors
three lines of defense in IT security risk management
communicate and implement company methodologies to various teams
cloud security and infrastructure
cybersecurity principles
risk management frameworks
risk analysis techniques for both qualitative and quantitative assessments
cross-functional and global teams
translate business requirements into technical specifications
advise on compliance strategies

Responsibilities

Assess security gaps within the organization, in different technologies and business contexts, enabling risk treatment and designing action plans as necessary
Develop and implement policies and procedures related to information security and risk management
Support compliance with regulatory requirements related to security and privacy providing visibility and technical guidance on strategies for compliance and possible trade-offs based on risk
Collaborate with cross-functional teams to understand the business requirements, and translate them into technical specifications
Define guidelines and best practices on risk management and business security matters that empower Nubankers to perform their work efficiently and securely
Work in a multidisciplinary and global team, interacting with teams mainly in Brazil, Mexico, and Colombia

Technologies

cloudapplication security

Descubra se seu currículo está pronto para esta vaga

Veja como nossa IA pode otimizar seu currículo e aumentar suas chances de conseguir esta posição.