← CarreiraAI
Greenhouse

Staff Security Engineer (IAM) - BR - 2026

Nubank · Brazil, Belo Horizonte; Brazil, Campinas; Brazil, Rio de Janeiro; Brazil, Sao Paulo

Publicada em 02/07/2026

Candidatar-se com o CarreiraAI →
h2 strong About Us /strong /h2 p Nu is one of the largest digital financial platforms in the world, with more than 122 million customers across Brazil, Mexico, and Colombia. Guided by our mission to fight complexity and empower people, we are redefining financial services in Latin America and this is still just the beginning of the purple future we're building. /p p Listed on the New York Stock Exchange (NYSE: NU), we combine proprietary technology, data intelligence, and an efficient operating model to deliver financial products that are simple, accessible, and human. br Our impact has been recognized by global rankings such as Time 100 Companies, Fast Company’s Most Innovative Companies, and Forbes World’s Best Bank. Visit our institutional page a href= https://international.nubank.com.br/careers/ https://international.nubank.com.br/careers/ /a nbsp; br strong br /strong strong About the Role /strong /p p Nubank is seeking a Staff Security Engineer to contribute in the Identity and Access Management security function across a financial technology organization serving over 100 million customers in Brazil, Mexico, and Colombia. br This is a senior individual-contributor role with organizational-level technical influence, responsible for supporting a multi-year IAM security strategy, directing its execution across multiple engineering teams, and ensuring that identity and access controls meet the security, regulatory, and operational requirements of a globally operating financial institution. /p p The Staff Security Engineer is expected to bring a demonstrated history of delivering consequential security programs — including programs that encountered setbacks — and the technical judgment that only sustained, hands-on experience in the domain produces. br Critically, this role requires a security engineering philosophy grounded in business enablement: the conviction that security done well accelerates what the organization can do, not merely protects it. This means rigorously distinguishing between controls that reduce real risk and those that create the appearance of compliance without reducing exposure, taking genuine ownership of outcomes rather than delegating accountability through policy, and continuously questioning inherited assumptions about what security measures are necessary, sufficient, or proportionate. /p p br br /p h3 strong What You’ll Be Responsible For /strong /h3 ul li Defining, communicating, and executing a multi-year security strategy (especially in the IAM field) aligned with the organization's risk posture, regulatory obligations, and business objectives across multiple countries and regulatory jurisdictions. /li li Lead organization-wide authentication migrations that span heterogeneous surfaces — browser, operating system login, CLI tooling, and API-level integrations — across thousands of employees, multiple device ecosystems, and distributed work environments, producing measurable outcomes: authentication success rates above 99%, material reductions in per-authentication time, support exception rates below 1%, and return on investment within weeks of enforcement. /li li Designing and maintaining the core identity infrastructure with the durability and operational discipline required at organizational scale: enterprise Identity Provider, PKI and X.509 certificate lifecycle automation, mutual TLS for service-to-service authentication, and credential management systems engineered to remain sound as the organization grows. /li li Translating least-privilege access from a principle into a measurable, organization-wide program — with defined metrics, visible adoption curves, and accountability structures that allow Security and Engineering leadership to track and act on the organization's access risk posture over time. /li li Designing and maintaining a security engineering framework — comprising technical mechanisms, policies, incentives, and assurance processes — that ensures security propert
Candidatar-se com o CarreiraAI →