Principal Security Engineer (Threat Detection)

About Nubank

Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationships with money across Latin America. With operations in Brazil, Mexico, and Colombia, Nubank is today one of the largest digital banking platforms and technology-leading companies in the world.

Today, Nubank is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogotá (Colombia), Durham (United States), and Berlin (Germany). It was founded in 2013 in Sao Paulo, by Colombian David Vélez, and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.

We believe in:

• Strong and diverse teams;
• Enthusiasm for building and delivering new features and products;
• Capacity to keep learning new things while constantly improving what we are already good at;
• Collaborating efficiently to ship quality service/products.

Infosec & Security Operation Center (SOC)

The Nubank Security Operation team proactively hunts for security threats that may affect Customers or Nubankers, acts fast on security incidents to investigate those threats, and applies mechanisms to mitigate them. Also, Security Operation has a strong engineering power to decrease the time to act on threats through automation and dedicated micro-services.

You can find more about Nubank Infosec here!

A Principal Threat Detection Engineer is responsible for:

Here you will act as the subject-matter expert and primary contact for stakeholder teams, creating threat detection rules and actionable insights to identify, prevent, detect and respond to adversary activities. Work cross-functionally with security engineering and data science teams to build solutions for analyzing security events data at scale. And manage metrics to make strategic decisions, evaluating the maturity and efficacy of threat detection.

What skills do I need?

• Experience with threat hunting or detection engineering practices 
• Knowledge in frameworks such as: Mitre ATT&CK, Threat Hunting Frameworks and NIST CSF
• Understanding of security vulnerabilities, attacker exploit techniques, and their remediation methodologies
• Experience writing detection logic in SIEM (such as Splunk, Datadog, Qradar etc.)
• Advanced YARA Rules or SPL language
• Production experience with AWS, GCP or Azure 
• Good understanding and speaking of the English language (we'll use a lot, infosec is a global team :D)

Core Benefits

• Full remote position
• Health, dental and life insurances
• Meal allowance
• Transportation assistance
• 30 days of paid vacation
• Chance of earning equity at Nubank
• Parking partnership - discounted parking in our office
• Free bike parking with showers available
• NuCare - Our mental health and wellness assistance program
• NuLanguage - Our language learning program
• Gympass partnership
• Extended maternity and paternity Leaves 
• Child care allowance
• ‘Espaço Feijão’- Private nursing and breastfeeding spaces in our buildings
• Onsite Health Center - Medical support for every Nubanker in our office

*Interviewing and onboarding are currently done virtually due to COVID-19. Everyone new to the team and our current staff will remain working from home until it is safe to return to our offices. If/when relocation is required, we have a team dedicated to global mobility and have partnered up with the best companies in the market to make sure processes run smoothly. We also offer a very competitive relocation package for international hires.