Lead Offensive Security Engineer

Brazil, Sao Paulo

Applications have closed

Nubank

Você finalmente no controle do seu dinheiro. Controle total do cartão de crédito e da conta 100% digital

View company page

About Nubank

Nubank was founded in 2013 to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationships with money across Latin America. With operations in Brazil, Mexico, and Colombia, Nubank is today one of the largest digital banking platforms and technology-leading companies in the world.

 

Today, Nubank is a global company, with offices in São Paulo (Brazil), Mexico City (Mexico), Buenos Aires (Argentina), Bogotá (Colombia), Durham (United States), and Berlin (Germany). It was founded in 2013 in Sao Paulo, by Colombian David Vélez, and cofounded by Brazilian Cristina Junqueira and American Edward Wible. For more information, visit www.nubank.com.br.

 

What is a typical day for a Red Team Engineer?
  • Perform infrastructure, web and mobile pentest;
  • Help with vulnerability management;
  • Code tools that assist with offensive security security reviews;
  • Support operations to fix vulnerabilities and help development squads to understand security issues;
  • Assist in architectural / logical reviews of different softwares.
 
What skills do I need?
  • Offensive Security background, with a focus on Red Team activities;
  • Experience with different parts of a pentest, such as reconnaissance, enumeration, exploitation, post-exploitation, lateral movement, etc…;
  • Strong knowledge of recent and past attack vectors, as well as exploitations, and how to fix them;
  • Ability to reproduce behavior of Advanced Persistent Threat groups;
  • Experience with security frameworks, such as OWASP;
  • Familiarity with AWS general concepts;
  • Ability to harden and improve CI/CD Pipelines as well as experience with SDLC
  • General knowledge in all security scopes, as well as strong knowledge on Operating Systems, Networks, Databases and Infrastructure Architecture;
  • Experience with Threat Modeling;
  • Active participation in the CTF Scene or Bug Bounty programs;
  • Knowledge of these tools is a plus: Nmap, Metasploit, SQLmap, Burp Suite, Nessus, Censys and/or Shodan, Cloud security assessment tools.
 
We believe in good team chemistry, enthusiasm for building things, and our surprising capacity to learn new things when we stay humble and open-minded. Good computer science skills and concepts, as well as English language skills, are essential.
We are a very process-light organization that values human interactions. We love working in small, independent teams that feel like small startups and eschew coupling and centralizing where realistic. We understand that execution is the key to success and optimize processes to remove bottlenecks.
 

Role Location

Remote.


Benefits

  • Health, dental and life insurance
  • Meal allowance
  • Transportation assistance
  • 30 days of paid vacation
  • Equity at Nubank
  • Parking partnership - discounted parking in our office
  • Free bike parking with showers available
  • NuCare - Our mental health and wellness assistance program
  • NuLanguage - Our language learning program
  • Gympass partnership
  • Extended maternity and paternity Leaves  
  • Child care allowance
  • ‘Espaço Feijão’- Private nursing and breastfeeding spaces in our buildings
  • Onsite Health Center - Medical support for every Nubanker in our office


Diversity & Inclusion

At Nubank, we want to be sure that we're building a more diverse and inclusive workplace that reflects the customers we serve and seek to empower. That's why we hire based on equality. We consider gender, ethnicity, race, religion, sexual orientation, and other identity markers as enriching elements to our company while ensuring neither of them represent a barrier when recruiting fantastic talent.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: AWS Banking Burp Suite CI/CD Cloud Computer Science CTF Metasploit Nessus Nmap Offensive security OWASP Red team SDLC Security assessment SHODAN Vulnerabilities Vulnerability management

Perks/benefits: Career development Fitness / gym Health care Parental leave Team events Wellness

Region: South America
Country: Brazil
Job stats:  4  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.