Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationships with money across Latin America. With operations in Brazil, Mexico, and Colombia, Nubank is today one of the largest digital banking platforms and technology-leading companies in the world. Today, Nubank is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogotá (Colombia), Durham (United States), and Berlin (Germany). It was founded in 2013 in Sao Paulo, by Colombian David Vélez, and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.
Technical Lead Security Engineer, Risk & Compliance at Nubank
Brazil, Sao Paulo
0
Requirements
Experience
- Experience with large-scale distributed environments
- Analysis of existing business processes and identify potential risks related to information security
- Experience with risk analysis techniques like risk identification, assessment and prioritization and qualitative and quantitative risk assessment techniques is needed
- Advanced understanding of cybersecurity principles, risk management frameworks (such as NIST, Cybersecurity Framework, NIST SP 800-30, FAIR, ISO 27001, ISO 27002, ISO 27005, ISO 31000 or COSO)
- Demonstrated expertise in regulatory frameworks applicable to information security and cyber risk management in the financial sector across Brazil, Mexico, and Colombia
- Ability to map and interpret cross-country requirements, translate them into actionable controls, and advise on compliance strategies in a fast-paced, tech-driven financial environment essential
- Proven experience in designing and implementing security controls
- Familiarity with different domains and concepts of cyber security
- Strong inclination towards data-driven decision-making
Skills
- cybersecurity
- cloud and application security
- evaluate and identify cyber risks
- managing a team or acting in a leadership role
- champion for other individual contributors
- three lines of defense in IT security risk management
- communicate and implement company methodologies to various teams
- cloud security and infrastructure
- cybersecurity principles
- risk management frameworks
- risk analysis techniques for both qualitative and quantitative assessments
- cross-functional and global teams
- translate business requirements into technical specifications
- advise on compliance strategies
Responsibilities
- Assess security gaps within the organization, in different technologies and business contexts, enabling risk treatment and designing action plans as necessary
- Develop and implement policies and procedures related to information security and risk management
- Support compliance with regulatory requirements related to security and privacy providing visibility and technical guidance on strategies for compliance and possible trade-offs based on risk
- Collaborate with cross-functional teams to understand the business requirements, and translate them into technical specifications
- Define guidelines and best practices on risk management and business security matters that empower Nubankers to perform their work efficiently and securely
- Work in a multidisciplinary and global team, interacting with teams mainly in Brazil, Mexico, and Colombia
Technologies
cloudapplication security
See if your resume is ready for this job
See how our AI can optimize your resume and improve your chances for this role.