Nubank is the leading financial technology company in Latin America. Its first product, launched in 2014, is a no-fee credit card that is fully managed by a mobile app. Almost 30 million people have requested the product since launch, and the company has passed the 10 million active customer mark. In 2017, Nubank launched its proprietary loyalty rewards program ("Nubank Rewards"), as well as a digital account ("NuConta") that is already used by 7 million people. This year, the company began testing its personal loan service and took its first steps in international expansion, opening offices in Mexico and Argentina. To date, Nubank has raised around US$ 420 million in seven equity investment rounds from Sequoia Capital, Kaszek Ventures, Tiger Global Management, QED, Founders Fund, DST Global, Redpoint Ventures, Ribbit Capital, Dragoneer Investment Group, Thrive Capital and Tencent. Recently, Nubank was elected as the most innovative company in Latin America and ranked no. 36 on Fast Company' 50 Most Innovative Companies ranking.
What are some examples of problems a Regulations IC will solve?
Be the infosec point of contact for areas like Risk, Compliance and Internal Audit. Understand how infosec works and translate that to these areas and find out together things that have to be done by the Infosec team. Also responsible for external audits. The goal in 3 months is to get the needed projects mapped for Mexico's launch.
What is a typical day for a Regulations IC?
- Accountable for audit points and risk/compliance projects, making sure that they are on time;
- Our Risk squad is new so they have many questions about how infosec works and will work together a lot in mapping and designing solutions that the infosec/risk team will do;
- Every six months we are audited by an external auditor. This takes about a week of collecting evidence that the auditors need (most of it is automated already).
Basic security knowledge
- Understand the properties: Authenticity, Confidentiality, Integrity, Non-repudiation
- Understand the tradeoff security vs usability
- Understand the value of good design in security solutions
- Hardening: Assess the attack vectors of a system and work with other teams/codebases to design the hardening/actions
- Security by design principles
- Basic offensive knowledge
- Show knowledge of adversarial thinking
- Be able to point out flaws in the design of a system/protocol considering a malicious actor
Other security-related knowledge
- Show knowledge of basic personal hardening: MFA, disk encryption, password managers, etc
- AWS services
- Basic architecture design on cloud
- Shared security model
General technical skills
- Designing: Actively contributes to the technical design of features and participates in whiteboarding sessions
- Computer networking
- Some concepts of distributed systems
The list of benefits must follow Nubank’s model:
- Competitive compensation package, including opportunity to earn equity ownership in Nubank
- Health, dental and life insurance
- Meal allowance (“vale refeição”)
- Flexibility to choose your own custom setup (computer, monitors, OS etc.)
Diversity and Inclusion at Nubank
We want to have a product for every Brazilian, and we build strong and diverse teams that rise up to the challenge. We are a team of the most creative people in technology, and we hire under equal opportunity, irrespective of gender, ethnicity, religion, sexual orientation or background. We are proud to say that 30% of Nubanker recognize themselves as part of the LGBTQ+ community, and 40% of our team identify as women, in all positions and seniority levels. We are a very process-light organization that values human interactions, and that is a very important part of our culture. At Nubank, everyone has the opportunity to speak up and participate, grow and share ideas.