About Nubank
Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationship with money across Latin America. With operations in Brazil, Mexico and Colombia, Nubank is today the largest digital banking platform in the world and one of the leading technology companies in the world, reinventing over 60 million customers' financial lives.
Nubank achieved this by offering a no-fee credit card, entirely managed by a mobile app, and a digital account, free of taxes. Nubank also offers transparent and hassle-free personal loans, a business account tailored for SMBs, and life insurance. In 2020, Nubank acquired digital broker Easynvest, now called Nu invest, and became the leader in self-directed digital investments in Brazil.
Throughout the years, Nubank raised around US$2 billion with some of the best-known growth and technology investors in the world, such as Berkshire Hathaway, Sequoia, DST, Tencent, Tiger, Kaszek, Founders Fund, Dragoneer, TCV, Redpoint, Ribbit, GIC, Whale Rock, Invesco, QED, and Capital Group.
Today, Nubank is a global company, with offices in So Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogot (Colombia), Durham (United States) and Berlin (Germany). Nubank was founded in So Paulo by Colombian David Vlez, and co founded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.
Our challenge:
Technology is not a sector of our business: it's intrinsic to every area at Nubank. We encourage everyone to challenge the status quo. There's no "innovation team" - we hire innovative people for all our positions and encourage them to constantly question decisions to keep finding better ways to do something. Our business is experiencing hyper growth in several dimensions: number of customers, products, international markets and employees., and our engineering team must match that demand.
As we grow, we need to:
- Relentlessly pursue, indicate and contribute to eradicate threats across complex environments.
- Report and help solving incidents at scale
- Work in regulated environments aligning with all the requirements
- Communicate clearly with external and internal stakeholders such as regulators, managers, etc..,
- Build solutions that enable faster and more effective incident response.
Youll be responsible for:
- Create strong relationships with diverse teams, by coordinating communication between different audiences, teams and stakeholders in english and spanish.
- Assess security gaps within the organization, in different technologies and business contexts, enabling risk treatment and designing technical action plans as necessary
- Support compliance with regulatory requirements related to cybersecurity providing visibility and technical guidance on strategies for compliance and possible trade-offs based on risk
- Working across different technical teams supporting and leading the solution of incidents, issues, regulatory requirements, understanding root cause and improving our security posture by implementing controls and defenses.
- Develop and implement policies and procedures related to information security, physical security, fraud prevention, and cyber risk management
- Collaborate with cross-functional teams to understand the business requirements, and translate them into technical specifications and vice-versa
- Define guidelines and best practices on business security matters that empower Nubankers to perform their work efficiently and securely
- Support other security engineers, motivating and creating continuous learning in a collaborative environment.
We are looking for a person who has:
- + 8 years of experience in Information & Business Security, Privacy, Risk Management and IT Governance disciplines
- An ability to thrive in engineering environments, interacting with technical teams and being able to jump into technical conversations at least with a theoretical knowledge.
- Practical knowledge of cloud infrastructure (private or public), microservices and distributed environments.
- Solid hands-on experience implementing Technical Controls based upon industry best practices, but also challenging the status quo of current security frameworks.
- Experience working in regulated institutions and environments, interacting with external and internal stakeholders.
- Knowledge in ISO, PCI, NIST, Mitre ATT&CK and/or CSF frameworks.
- Experience with Colombian regulation in special the one related to information security requirements for financial institutions
- Proven strong experience in assessing, designing and implementing security controls
- Strong inclination towards > https://building.nubank.com/nu-hybrid-work-model/.