Descrição da Vaga
What are some examples of problems a Security Analyst will solve?
Maintain technology-driven valuable solutions is a hard security problem. The ecosystem needs to be fully secured in order to not compromise any business strategy, products or client data. Information security analysts are responsible for addressing vulnerabilites and flaws in softwares, infrastructure and workflows. We consistently work with new technologies, and thus value professionals who are open to learning new things, regardless of pre-existing comfort zones.
You might solve any of the following problems:
- Perform security tests on products looking for vulnerabilites;
- Analyse workflows for flaws and problems that can leverage security attacks;
- Perform rigorous and meticulous tests in infrastructure and softwares for security problems;
- Automate vulnerability scans in softwares and infrastructure;
- Perform simulation of complete real attacks aiming for company assets.
What is a typical day for a Security Analyst?
Information security analysts work in small taskforces, focused in specific targets. They are divided in pentesters and red team. Pentesters are generally more focused in the technological aspect of the attack, pwning through software, while the red team, despite having people focused in technology, will do everything needed to reach the final goal, exposing flaws in other areas. Our working environment is open and diverse, and our offices have a broad mix of collaborative working spaces, quiet areas, leisures space, and workstations.
You will fit well if:
- You are driven and enjoy facing new challenges
- You enjoy being constantly challenged to learn and do more
- You embrace conflict of ideas and like to question the status quo
- You learn quickly and easily adapt to changing situations and priorities
- You have a great analytical thinking and problem solving skills.
- You want to understand the big picture, to be held accountable and make a meaningful contribution with your work.
- Pentest, WEB/Mobile apps security tests or software exploitation.
- Computer security vulnerabilities (Classification, risk, etc).
- Unix-like operating Systems concepts.
- Software engineer concepts, such as RESTful API, messaging, databases, infrastructure as code.
- Access control hardware (NFC, RFID, bluetooth, etc)
- Social engineering
- Competitive compensation package, including opportunity to earn equity ownership in Nubank
- Health, dental and life insurance
- Meal allowance (“vale refeição”)
- Flexibility to choose your own custom setup (computer, monitors, OS etc.)