Sr Security Engineer - Colombia

Nubank

Nubank

Bogotá, Bogota, Colombia
Posted on Sunday, May 5, 2024

About Nubank

Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationship with money across Latin America. With operations in Brazil, Mexico and Colombia, Nubank is today the largest digital banking platform in the world and one of the leading technology companies in the world, reinventing over 60 million customers' financial lives.

Nubank achieved this by offering a no-fee credit card, entirely managed by a mobile app, and a digital account, free of taxes. Nubank also offers transparent and hassle-free personal loans, a business account tailored for SMBs, and life insurance. In 2020, Nubank acquired digital broker Easynvest, now called Nu invest, and became the leader in self-directed digital investments in Brazil.

Throughout the years, Nubank raised around US$2 billion with some of the best-known growth and technology investors in the world, such as Berkshire Hathaway, Sequoia, DST, Tencent, Tiger, Kaszek, Founders Fund, Dragoneer, TCV, Redpoint, Ribbit, GIC, Whale Rock, Invesco, QED, and Capital Group.

Today, Nubank is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogotá (Colombia), Durham (United States) and Berlin (Germany). Nubank was founded in São Paulo by Colombian David Vélez, and co founded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.

You will fit well if you:

  • You thrive in dynamic, fast-paced, results-oriented and diverse teams
  • You are hungry and enjoy being constantly challenged to learn and do more
  • You embrace conflict of ideas and like to question the status quo
  • You learn fast and easily adapt to changing situations and priorities
  • You believe in building great products and doing your best work
  • You are enthusiastic for finding root causes, build things from scratch and deliver solutions
  • You want to understand the big picture, to be held accountable and make a meaningful contribution with your work

Our challenges:

Technology is not a sector of our business: it's intrinsic to every area at Nubank. We encourage everyone to challenge the status quo. There's no "innovation team" - we hire innovative people for all our positions and encourage them to constantly question decisions to keep finding better ways to do something. Our business is experiencing hyper growth in several dimensions: number of customers, products, international markets and employees., and our engineering team must match that demand.

As we grow, we need to:Relentlessly pursue, indicate and contribute to eradicate threats across complex environments. Report and help solving incidents at scaleWork in regulated environments aligning with all the requirementsCommunicate clearly with external and internal stakeholders such as regulators, managers, etc.., Build solutions that enable faster and more effective incident response.

The Role will be responsible for:


Create strong relationships with diverse teams, by coordinating communication between different audiences, teams and stakeholders in english and spanish.Assess security gaps within the organization, in different technologies and business contexts, enabling risk treatment and designing technical action plans as necessary
Support compliance with regulatory requirements related to cybersecurity providing visibility and technical guidance on strategies for compliance and possible trade-offs based on risk
Working across different technical teams supporting and leading the solution of incidents, issues, regulatory requirements, understanding root cause and improving our security posture by implementing controls and defenses.

  • Develop and implement policies and procedures related to information security, physical security, fraud prevention, and cyber risk management
  • Collaborate with cross-functional teams to understand the business requirements, and translate them into technical specifications and vice-versa
  • Define guidelines and best practices on business security matters that empower Nubankers to perform their work efficiently and securely
  • Support other security engineers, motivating and creating continuous learning in a collaborative environment.

What we are looking for:

Experience in Information & Business Security, Privacy, Risk Management and IT Governance disciplines
An ability to thrive in engineering environments, interacting with technical teams and being able to jump into technical conversations at least with a theoretical knowledge.Practical knowledge of cloud infrastructure (private or public), microservices and distributed environments.Implementing Technical Controls based upon industry best practices but also challenging the status quo of current security frameworks.Experience working in regulated institutions and environments, interacting with external and internal stakeholders.Knowledge in ISO, PCI, NIST, Mitre ATT&CK and/or CSF frameworks.Experience with Colombian regulation in special the one related to information security requirements for financial institutions

  • Proven strong experience in assessing, designing and implementing security controls
  • Strong inclination towards data-driven decision-making
  • Familiarity with different domains and concepts of cyber and business security, including cybersecurity frameworks and industry standards
  • Excellent communication and problem-solving skills are important to effectively assess and communicate risks to internal stakeholders


Strong level of technical understanding, being able to take part in security discussions with Engineers and translate complex, technical projects and concepts for non-engineers and Business Executives
Proficiency in English and Spanish.


Preferred Qualifications

IT/Security operational background in regulated organizations Infosec Engineering with technical hands on experienceExperience collaborating in global projects, with distributed Information security teams.Experience or exposure to SFC auditsExperience leading certifications for ISO or PCI for a regulated institution in ColombiaInterest in working with regulators at a technical and business level. Natural interest in security operations, coordinating actions with several stakeholders and teams like incident response, defensive security, etc.. in large projectsExperience with tools for ticketing, whiteboarding, collaboration dashboarding, and google docs or similar tools for building documentation.

Benefits

  • Equity at Nubank
  • Health and life insurance
  • 15 days of paid vacation with 25% vacation bonus
  • NuCare - Our mental health and wellness assistance program
  • NuLanguage - Our language learning program
  • Extended maternity and paternity leaves

Diversity & Inclusion

At Nubank, we want to be sure that we're building a more diverse and inclusive workplace that reflects the customers we serve and seek to empower. That's why we hire based on equality. We consider gender, ethnicity, race, religion, sexual orientation, and other identity markers as enriching elements to our company while ensuring neither of them represent a barrier when recruiting fantastic talent.