← CarreiraAI
Greenhouse

Grupo QuintoAndar | Senior Security Engineer (Vulnerability Management)

Quintoandar · Brasil

Publicada em 30/06/2026

Candidatar-se com o CarreiraAI →
p strong About Grupo QuintoAndar /strong /p p We are Grupo QuintoAndar, the largest real estate ecosystem in Latin America. Guided by a shared purpose of helping people love where they live, we have a diversified portfolio of brands and solutions across different countries in Latin America, covering all phases of the housing journey. We also have a Technology Hub in Portugal. We develop technology and innovation to transform and enhance the overall living experience. /p p With the support of a world-class team of investors and advisors, including Kaszek, Qualcomm, General Atlantic, and SoftBank, Grupo QuintoAndar is currently valued at over USD 5.1 billion and continues to grow year over year. /p p Here, you will work with top professionals in the market, in an environment that breathes innovation, collaboration, and high performance. To learn more about our story, visit: a href= https://grupoquintoandar.com/pt/ /a a href= https://grupoquintoandar.com/pt/ https://grupoquintoandar.com/pt/ /a . /p p nbsp; /p p strong Location amp; Remote Work /strong /p p Our technology team operates under a remote-first model, which means we work from home and can live anywhere in Brazil. We also offer the option of working from our São Paulo offices or partner coworking spaces, up to twice a week. /p p nbsp; /p p strong Hiring Process Stages /strong /p p The stages of our hiring processes aim to assess your experiences and allow you to meet our teams and explore career opportunities. They are structured as follows. /p ul li Tech screening nbsp; /li li Tech interview 1 /li li Tech interview 2 /li li People Interview /li li Hiring Comittee /li li Offer /li /ul p strong About the Team /strong /p p We are looking for a strong Senior Security Engineer /strong to technically lead our Vulnerability Management strategy and the adoption of the strong CTEM /strong (Continuous Threat Exposure Management) framework. This position operates at a strategic and systemic level, influencing multiple teams and technical domains, ensuring that risk identification and remediation are integrated into security engineering and operations workflows. /p p strong Responsibilities /strong /p ul li strong Implementation of the CTEM Program: /strong Lead the continuous threat exposure cycle, focusing on full visibility of the attack surface and prioritization based on real risk. This includes managing strong Bug Bounty /strong programs, Vulnerability Management, and AppSec findings. /li li strong Synergy with AppSec / Cyber Security / Business Units: /strong Work in close collaboration with Application Security (AppSec) professionals to ensure that infrastructure, cloud, and code vulnerabilities are handled holistically within the strong Secure Development Lifecycle (SDLC) /strong . /li li strong Articulation and Teamwork: /strong This is a shared responsibility, requiring high-level teamwork skills and fine-tuning with multiple stakeholders (Product Managers, Tech Leads, and DevOps) to balance security with agility. /li li strong Assessment and Planning: /strong Critically evaluate findings, present risks clearly to non-technical areas, and plan remediation schedules with Engineering teams. Act as a technical reference for complex decisions, such as critical vulnerabilities and strong zero-days /strong , risk exceptions, formal acceptance, and trade-offs between speed, cost, and security. /li li strong Remediation Orchestration: /strong Define mitigation strategies that do not just fix the immediate problem, but instead elevate the systemic resilience of the platform. /li /ul p strong Behavioral and Technical Profile: /strong /p ul li strong Extreme Collaboration: /strong Ability to share responsibilities and build joint solutions with AppSec, Engineering, and Business teams, avoiding silos and ensuring a 360º view of risk. /li li strong Strategic Communication: /strong Ability to navigate between deep technical discussions with engineers and executive presentations for s
Candidatar-se com o CarreiraAI →