MisuJob - AI Job Search Platform MisuJob
Login Sign Up

Lead Security Engineer (GRC)

Nubank

Brazil, Belo Horizonte; Brazil, Campinas; Brazil, Rio de Janeiro; Brazil, Sao Paulo (Belo Horizonte, Campinas, Rio de Janeiro, São Paulo) Hybrid permanent

Posted: March 25, 2026

Interested in this position?

Create a free account to apply with AI-powered matching

Register to Apply

Quick Summary

The Lead Security Engineer (GRC) role at Nubank is responsible for ensuring the security and compliance of our digital banking platform, working closely with cross-functional teams to identify and mitigate risks.

Required Skills

Security Certifications Risk Management Internal Controls Compliance Audit Assessments Regulatory Requirements Risk Mitigation Data-Driven Insights

Job Description

About us

Nubank was founded in 2013 with the mission of fighting complexity to empower people in their daily lives by reinventing financial services. Today, we are one of the largest digital banking platforms in the world, serving millions of customers across Brazil, Mexico, and Colombia. For more information, visit our careers page: https://international.nubank.com.br/careers/

About the team

The Governance, Risk and Compliance (GRC) team enables Nubank to remain compliant with legal, regulatory, and internal requirements, while continuously identifying, classifying, and monitoring risks and providing strategic insights and performance evaluation to leadership.

The GRC squad collaborates with multidisciplinary teams to align our technology security strategy with Nubank’s overall business objectives, ensuring that identified risks are mitigated and that risk-based decision-making is enabled within and beyond the IT & Security Business Unit.

About the role

You will be responsible for acting as a technical reference in security, certifications, and internal controls, serving as a bridge between engineering, risk, audit, and business stakeholders.
You will define strategies, support risk-based decision-making, and ensure that security and compliance requirements are effectively embedded into processes, systems, and products.

Key responsibilities

• Act as a senior technical and governance reference across security, certifications, risk, and internal controls, influencing strategy.

• Identify control gaps and improvement opportunities in technical procedures required for certification and recertification processes (e.g., ISO 27001, PCI-DSS).

• Develop and maintain strong partnerships with business and technical leaders to orchestrate audits, assessments, and remediation plans in a risk-based and scalable way.

• Collaborate with technical teams to define action plans that ensure adherence to regulatory requirements and internal policies.

• Conduct assessments of internal controls, ensuring adherence to internal policies, legal requirements, and industry standards.

• Identify gaps and improvement opportunities in the internal controls landscape and lead control reviews, ensuring timely resolution of issues.

• Work closely with Risk teams to align on the mitigation of identified risks.

• Support responses to audit requests, regulatory inquiries, and due diligence from business partners.

• Partner with Engineering, Product, IT, and global teams to integrate compliance and security requirements into processes and systems.

• Define and monitor KRIs and KPIs, delivering forward-looking, data-driven insights to senior management and Committees.

• Drive continuous improvement and scale, simplifying processes and strengthening Nubank’s Security Maturity as the company grows globally.

Qualification Requirements

• Solid experience in information security, with strong knowledge of frameworks such as PCI-DSS, ISO 27000 family, NIST, and similar.

• Prior experience with security certification processes and/or internal controls, compliance, and audit support.

• Excellent executive communication skills, capable of translating complex topics into clear, actionable insights for senior leadership and committees.

• Experience operating in regulated and global environments, including interaction with auditors and regulators.

• Bachelor’s degree in Engineering, Technology, Security Information, Risk Management or related fields.

• Familiarity with using AI and automation (e.g., machine learning, generative AI, or LLM-based tooling) to enhance security compliance use cases.

• Knowledge of the regulatory landscape relevant to financial services, such as SOx, BACEN, CVM, CNBV, ANBIMA, SEC, and related regulations.

• Hands-on experience with cloud environments (e.g., AWS, GCP) and implementing security controls in these contexts.

• Advanced English (written and verbal) required.

Nice to have Requirements

• Relevant certifications such as CRISC, CISA, Security+, CISSP, or CISM are considered a strong plus.

International experience is highly desirable.

Our Benefits

• Chance of earning equity at Nubank

• Food/ Meal Card (Vale-Refeição and/or Vale Alimentação)

• Public Transportation Commuting Benefit (Vale-Transporte)

• NuCare – Psychological, Financial and Legal Assistance Program

• Life Insurance

• Medical Plan

• Dental Plan

• NuLanguage – Language Course Program

• Nucleo - Our learning platform of courses

• Extended Parental Leave

• Daycare Allowance

• Parental Consultancy

• Work-from-home Allowance

• Gym Partnerships

• 30 days of paid vacation

• Relocation Assistance Package, if applicable

Work Model for this Role

Hybrid 2-3 times/week: Our hybrid work model brings us to the office at least twice a week, on strategic days designed to maximize team connection and collaboration. For more details, visit https://building.nubank.com/nu-hybrid-work-model/

Why Apply Through MisuJob?

AI-Powered Job Matching: MisuJob uses advanced artificial intelligence to analyze your skills, experience, and career goals. Our matching algorithm compares your profile against thousands of job requirements to find positions where you have the highest chance of success. This saves you hours of manual job searching and ensures you only see relevant opportunities.

One-Click Applications: Once you create your profile, applying to jobs is effortless. Your resume and cover letter are automatically tailored to highlight the most relevant experience for each position. You can apply to multiple jobs in minutes, not hours.

Career Intelligence: Beyond job matching, MisuJob provides valuable career insights. See how your skills compare to market demands, identify skill gaps to address, and understand salary benchmarks for your experience level. Make data-driven decisions about your career path.

Frequently Asked Questions

How do I apply for this position?

Click the "Register to Apply" button above to create a free MisuJob account. Once registered, you can apply with one click and track your application status in your dashboard.

Is MisuJob free for job seekers?

Yes, MisuJob is completely free for job seekers. Create your profile, get matched with jobs, and apply without any cost. We help you find your dream job without any hidden fees.

How does AI matching work?

Our AI analyzes your resume, skills, and experience to understand your professional profile. It then compares this against job requirements using natural language processing to calculate a match percentage. Higher matches mean better fit for the role.

Can I apply to jobs in other countries?

Absolutely. MisuJob features jobs from companies worldwide, including remote positions. Filter by location or look for remote opportunities to find jobs that match your preferences.

Ready to Apply?

Join thousands of job seekers using MisuJob's AI to find and apply to their dream jobs automatically.

Create Free Account Sign In
← Browse all jobs
Register to Apply