Cyber Security Incident Responder Specialist (SOC)

Mexico CityMexico CityCiudad de MéxicoMexicoNorth America

About Nubank

Nubank was founded in 2013 in São Paulo by David Vélez, and cofounded by Cristina Junqueira and Edward Wible to free people from a bureaucratic, slow and inefficient financial system. Since then, through innovative technology and outstanding customer service, the company has been redefining people's relationships with money across Latin America. Nubank is one of the largest digital banking platforms and technology-leading companies in the world and just went through an IPO. 

Today, Nubank is a global company, with operations in São Paulo (Brazil), Mexico City (Mexico), Bogotá (Colombia), and offices in Buenos Aires (Argentina), Durham (United States), and Berlin (Germany). For more information, visit

Infosec & Security Operation Center

The Nubank SOC team proactively hunts for security threats that may affect Customers or Nubankers, acts fast on security incidents to investigate those threats, and applies mechanisms to mitigate them. Also, SOC has a strong engineering power to decrease time to act on threats through automation and dedicated micro-services.

You can find more about Nubank Infosec here (article in portuguese):

We believe in:

  • Strong and diverse teams;
  • Enthusiasm for building and delivering new features and products;
  • Capacity to keep learning new things while constantly improving what we are already good at;
  • Collaborating efficiently to ship quality service/products.

Our Challenges

Nubank is experiencing hyper growth in several dimensions: number of customers, products, international markets and employees. We are seeking a Security Incident Responder Specialist who, together with the team, are able to relentlessly pursue and eradicate threats across complex environments. With your technical expertise, you will be solving incident response challenges at scale, working to protect the applications powering one of the most sophisticated digital banking platforms ever built, and building solutions that enable faster and more effective incident response. 

What is a typical day for a Cyber Security Incident Responder Specialist?

Nubank Incident Response team analyzes information, discusses observations and activities, and shares reports and communications across the company. The amount of time spent on any one of these activities depends on one key question: Is this a time of calm or crisis? That’s why it’s essential to have an extraordinary person who combines intellectual curiosity with a tireless passion for never giving up, especially during times of crisis. 

As a Security Incident Responder Specialist, you will identify several types of security incidents by understanding how attacks work, and how to effectively respond before they get out of hand. 

The Cyber Security Incident Responder Specialist will be responsible for:

  • Gathers facts, evaluates risk, delegates activities, and defines a systematic action plan to contain and eradicate security threats as quickly and safely as possible
  • Coordinates containment and eradication of major security incidents
  • Contribute to the improvements to the SOC monitoring, hunting, and incident management processes.
  • Establishing well-done communication between different squads to make it easy to automate or outsource incident response and analysis to MSSP 
  • Evaluate appropriate solutions for supporting the security operations function, making decisions between building versus buying tools
  • Participate in audits and assessments and provide support, as appropriate.
  • Participate in security on-call rotation.
  • Identifying chains of attacks and collecting data based on knowledge of the adversary's tactics, techniques and procedures (TTPs).

What you'll need to be successful:

Must Have

  • Experience as SOC L2 using methodologies for investigation and incident response, mainly within Windows and Linux environments.
  • Experience in areas such as incident response, systems security, network security, and/or application security
  • Curious and innovative Security Analyst with a passion for information security operations, customer service, and automation
  • Strong teamwork and communication skills. Excellent written and verbal communication skills with the ability to adapt messaging to executive, technical, and non-technical audiences
  • Has good understanding of the English language
  • Knowledge in frameworks as: MITRE ATT&CK or NIST CSF
  • Security analysis skills (log file analysis and analysis of mixed data sources/types). SPL language, how to query and modify alerts at Splunk
  • Understanding of cloud infrastructure (Amazon, Azure, Google)
  • Understanding of security vulnerabilities, attacker exploit techniques, and their remediation methodologies
  • Ability to work with a high degree of autonomy
  • Strong problem-solving skills
  • Strong sense of ethics & values, ability to handle confidential situations with discretion
  • Able to work in a diverse team

Nice to have

  • Defensive certifications or equivalent knowledge
  • Github real world experience
  • Experience scripting such as Python, shell script or Clojure
  • Experience with AWS products
  • Experience with automation and/or usage of:
    • Okta 
    • Fortinet
    • Palo Alto technologies
    • Google Security Tools (Gmail, DLP and Google products hardening)

Core Benefits

  • Equity at Nubank
  • Health and life insurance 
  • Food card
  • 15 days of paid vacation with 25% vacation bonus
  • Holiday Bonus ("Aguinaldo") of 30 days of pay per year
  • NuCare - Our mental health and wellness assistance program
  • NuLanguage - Our language learning program
  • Extended maternity and paternity leaves

*Interviewing and onboarding are currently done virtually due to COVID-19. Everyone new to the team and our current staff will remain working from home until it is safe to return to our offices. If/when relocation is required, we have a team dedicated to global mobility and have partnered up with the best companies in the market to make sure processes run smoothly. We also offer a very competitive relocation package for international hires.

Cyber Security Jobs by Category

Cyber Security Jobs by Location

Cyber Security Salaries