Security Engineering Manager; Cloud Security - BR

Position: Security Engineering Manager (Cloud Security) - BR - 2026
About Us

Nu is one of the largest digital financial platforms in the world, with more than 122 million customers across Brazil, Mexico, and Colombia. Guided by our mission to fight complexity and empower people, we are redefining financial services in Latin America and this is still just the beginning of the purple future we're building.

Listed on the New York Stock Exchange (NYSE: NU), we combine proprietary technology, data intelligence, and an efficient operating model to deliver financial products that are simple, accessible, and human.

Our impact has been recognized by global rankings such as Time 100 Companies, Fast Company's Most Innovative Companies, and Forbes World's Best Bank. Visit our institutional page  /careers/

About the Team

Cloud Security defines and operates the cloud security controls that underpin Nubank's growth globally and across multiple cloud providers. The team owns the preventive guardrails, configuration baselines, and posture-detection mechanisms that allow Nubank to launch in new markets, sustain regulatory commitments with international banking regulators, and adopt AI safely at the cloud layer.

About the Role

We are looking for an Engineering Manager II to lead a highly senior team of software engineers, translate Foundation Security's strategy into structured execution, and provide the close technical leadership of this squad's seniority and scope demand. This is a dedicated leadership seat - your full focus is one squad and its outcomes.

What You'll Be Responsible For

Lead the squad

* Set clear expectations, give frequent feedback, and run career conversations with senior ICs.

* Hire and onboard talent, partnering with P&C and the Foundation Security hiring pipeline.

* Mediate conflicts, address low performance promptly and impartially, and create a safe space for difficult conversations.

* Manage team engagement with data; plan the team's composition and skills against Nubank's objectives.

Drive technical decisions and engineering excellence

* Lead and enable technical decisions on the squad's architecture, with a strong understanding of multi-cloud patterns and trade-offs (AWS, GCP, IaC, Kubernetes, event-driven controls).

* Be accountable for the technical health of the squad's products: code quality, test coverage, observability, and technical-debt management.

* Set the team's quality bar; oversee root cause analysis for complex incidents and lead phased rollouts that reduce blast radius.

* Sponsor architectural decisions for squad-level projects and communicate trade-offs to non-technical stakeholders.

Translate strategy into execution

* Cascade Foundation Security and ITSec strategy into the squad's roadmap, balancing regulatory commitments across international markets, AI enablement, and ongoing reduction of cloud configuration risk.

* Manage small-to-moderate initiatives that span multiple stakeholders (Infrastructure peers, infrastructure teams, product engineering, compliance, GRC, procurement).

* Own the squad's contribution to OKRs, monthly business reviews, and the Area business board.

Operate with accountability

* Hold accountability for the squad's financials within ITSec's guidelines (tooling renewals, headcount, contracts).

* Operate in compliance with corporate policies and risk-management processes.

* Lead and mentor others within the squad; contribute to hiring panels across Foundation Security.

We Are Looking for a Person Who Has

Must-have

* Engineering Manager experience leading a software/security squad, or strong tech-lead/staff-level background with clear intent and readiness to move into people management.

* Solid hands-on software engineering background - comfortable reading and reviewing code in at least one of Golang, Clojure, or Python, writing Shell/Python scripts for automation, and reviewing IaC (Terraform, Pulumi).

* Working knowledge of AWS at scale (multi-account, Organizations, IAM, networking, Security Hub, Config). Familiarity with GCP is a strong plus.

* Comfort designing and governing preventive controls (SCPs, Organization Policies, admission controllers) and remediation pipelines.

* Track record of hiring, onboarding, and developing engineers; experience (or strong appetite) for running performance and career conversations.

* Strong written and spoken communication in English; ability to make complex trade-offs clear to non-technical stakeholders.

Nice-to-have

* Prior experience building and shipping software products (not only operating off-the-shelf security tools) - internal platforms, services, CLIs, integrations, APIs.

* Prior exposure to CSPM/CNAPP platforms (any major vendor).

* Experience supporting regulatory or compliance work streams (PCI, ISO 27001, banking regulators).

* Familiarity with Kubernetes runtime security, event-streaming platforms, and large-scale data pipelines.

* Experience embedding security into AI/ML infrastructure.

* Hands-on use of AI coding assistants (Cursor, Claude Code, Git Hub Copilot, or similar) to accelerate engineering work and…