About Nubank
Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationships with money across Latin America. With operations in Brazil, Mexico, and Colombia, Nubank is today one of the largest digital banking platforms and technology-leading companies in the world.
Today, Nubank is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogotá (Colombia), Durham (United States), and Berlin (Germany). It was founded in 2013 in Sao Paulo, by Colombian David Vélez, and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.
About the team
We are looking for curious, driven individuals passionate about enhancing security maturity through attack to join us as a Lead Security Engineer for our Offensive Security team.
At Nubank, our Offensive Security team plays a crucial role in proactively identifying and mitigating security threats before they can impact our customers, Nubankers, and financial assets. By simulating real-world attacks, we strengthen our security posture and continuously evolve our defense strategies to stay ahead of adversaries.
Your role will be key in helping teams across Nubank understand and collaborate with Offensive Security initiatives. You'll work closely with security engineers, product teams, and other stakeholders to educate, guide, and support them in implementing secure development practices, ensuring that security is embedded into our products and services from the ground up.
This is an exciting opportunity to play a pivotal role in enhancing Nubank's security maturity. You will be key in creating resources, providing guidance, and advocating for best practices to help teams proactively identify and address security risks, ultimately protecting our customers and the company from emerging threats.
As an Offensive Security Lead Engineer, you’re expected to:
- Perform infrastructure, web, and mobile/API pentest;
- Craft and execute red team operations;
- Help with vulnerability management;
- Code tools that assist with offensive security reviews;
- Support operations to fix vulnerabilities and help development squads to understand security issues;
- Assist in architectural / logical reviews of different softwares.
What are we looking for?
- Offensive Security background, with a focus on Red Team activities;
- Experience with different parts of a pentest, such as reconnaissance, enumeration, exploitation, post-exploitation, lateral movement, etc;
- Strong knowledge of recent and past attack vectors, as well as exploitations, and how to fix them;
- Ability to reproduce behavior of Advanced Persistent Threat (APTs) groups;
- Experience with security frameworks, such as OWASP;
- Familiarity with AWS general concepts;
- Ability to harden and improve CI/CD Pipelines as well as experience with SDLC;
- General knowledge in all security scopes, as well as strong knowledge on Operating Systems, Networks, Databases and Infrastructure Architecture;
- Experience with Threat Modeling;
- Active participation in the CTF scene or Bug Bounty programs is a plus;
- Experience with security assessment tools is also a plus, especially Burp Suite (e.g., for intercepting and modifying HTTP requests, automating attacks with Intruder, or analyzing application security). Familiarity with Nmap, Metasploit, SQLmap, Nessus, Censys, Shodan, and Frida.re is also valuable. More broadly, proficiency with any tool that aids in assessing and validating security is highly desirable.
We believe in good team chemistry, enthusiasm for building things, and our surprising capacity to learn new things when we stay humble and open-minded. Good computer science skills and concepts, as well as English language skills, are essential.
Role Location
Remote.
Benefits
- Health, dental and life insurance
- Meal allowance
- Transportation assistance
- 30 days of paid vacation
- Equity at Nubank
- Parking partnership - discounted parking in our office
- Free bike parking with showers available
- NuCare - Our mental health and wellness assistance program
- NuLanguage - Our language learning program
- Gympass partnership
- Extended maternity and paternity Leaves
- Child care allowance
- ‘Espaço Feijão’- Private nursing and breastfeeding spaces in our buildings
- Onsite Health Center - Medical support for every Nubanker in our office
Diversity & Inclusion
At Nubank, we want to be sure that we're building a more diverse and inclusive workplace that reflects the customers we serve and seek to empower. That's why we hire based on equality. We consider gender, ethnicity, race, religion, sexual orientation, and other identity markers as enriching elements to our company while ensuring neither of them represent a barrier when recruiting fantastic talent.
Other Jobs from Nubank
Lead Security Engineer - Blockchain Security
Senior Systems Engineer
Senior Systems Engineer (SRE/DevOps)
Senior Database Engineer
Staff Systems Engineer
Similar Jobs
Software Engineer 2
Staff Software Engineer (Frontend) - Unified Accountant Console
Senior Staff Software Engineer (Frontend) - Embedded Platform
Senior Software Engineer (Frontend) - Embedded Platform
Senior Software Engineer (Backend) - Enterprise Tax Service
Software Developer
There are more than 50,000 engineering jobs:
Subscribe to membership and unlock all jobs
Engineering Jobs
60,000+ jobs from 4,500+ well-funded companies
Updated Daily
New jobs are added every day as companies post them
Refined Search
Use filters like skill, location, etc to narrow results
Become a member
🥳🥳🥳 452 happy customers and counting...
Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.
To try it out
For active job seekers
For those who are passive looking
Cancel anytime
Frequently Asked Questions
- We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
- We've got about 70,000 jobs from 5,000 vetted companies. No fake or sleazy jobs here!
- We aggregate jobs from 5,000+ companies' career pages, so you can be sure that you're getting the most up-to-date and relevant jobs.
- We're the only job board *for* software engineers, *by* software engineers… in case you needed a reminder! We add thousands of new jobs daily and offer powerful search filters just for you. 🛠️
- Every single hour! We add 2,000-3,000 new jobs daily, so you'll always have fresh opportunities. 🚀
- Typically, job searches take 3-6 months. EchoJobs helps you spend more time applying and less time hunting. 🎯
- Check daily! We're always updating with new jobs. Set up job alerts for even quicker access. 📅
What Fellow Engineers Say