Lead Security Engineer (AI) – Product Security

Nu is one of the largest digital financial platforms in the world, with more than 127 million customers across Brazil, Mexico, and Colombia. Guided by our mission to fight complexity and empower people, we are redefining financial services in Latin America and this is still just the beginning of the purple future we're building.

Listed on the New York Stock Exchange (NYSE: NU), we combine proprietary technology, data intelligence, and an efficient operating model to deliver financial products that are simple, accessible, and human.

Our impact has been recognized by global rankings such as Time 100 Companies, Fast Company's Most Innovative Companies, and Forbes World's Best Bank. Visit our institutional page https://international.nubank.com.br/careers/

AI is core to how Nubank builds products — and securing it is one of the most critical and forward-looking challenges in the company. The AI Security team, part of Nubank's Information Technology & Security area, is responsible for ensuring that AI systems are developed and operated safely and securely at scale, across LLM-powered applications, autonomous agents, and the infrastructure that supports them.

As Lead Security Engineer (AI), you will own and drive Nubank's defensive security strategy for AI products and internal tools. You will define frameworks, set technical direction, build runtime protections, and enable engineering teams across the company to ship AI systems securely by default. This role sits at the intersection of cutting-edge AI and high-stakes security — and your work will directly shape how one of the world's largest fintechs builds trustworthy AI at scale.

• Leading the security strategy for Nubank's AI systems — covering LLM-powered applications, AI agents, and their underlying infrastructure — and building the standards and frameworks that guide secure AI deployment across the company.
• Securing AI agents and autonomous workflows by hardening tool usage, enforcing appropriate permission levels, and monitoring agent behavior and decision-making in production.
• Designing and enabling secure architectural patterns for AI applications, including LLM-based services and agent orchestration systems.
• Developing AI-specific detection and monitoring capabilities to identify abuse, misuse, and anomalous behavior — including telemetry across prompts, responses, tool usage, and agent execution.
• Designing and implementing runtime protections for LLM applications, such as prompt injection detection, jailbreak protection, abuse detection, and output safety controls.
• Collaborating with AI engineers and platform teams to integrate security controls into AI development and deployment pipelines.
• Staying current with emerging threats and AI security trends, translating them into concrete controls, guidelines, and standards across Nubank's engineering organization.

• Deep expertise in product security, application security, or cloud security, combined with hands-on experience building AI agent systems.
• A proven track record leading cross-team technical initiatives — setting standards and driving adoption without direct authority.
• Experience designing and implementing secure systems and controls in production environments.
• Hands-on experience with runtime security controls (input validation, abuse detection, policy enforcement) in high-throughput production systems.
• Solid familiarity with LLM application architectures — including prompt pipelines, tool use, and RAG — and their threat surfaces such as prompt injection, data exfiltration, and jailbreaks.
• Strong understanding of agentic systems and AI infrastructure, with the ability to threat-model novel and non-deterministic systems.
• Experience building monitoring, telemetry, and alerting for production systems.
• Strong programming skills in at least one production language, with the ability to read and review code across the AI stack.

• Durham, United States
• Miami, United States
• Palo Alto, United States
• Washington DC, United States

Hybrid 2–3 times/week: Our hybrid work model brings us to the office at least twice a week, on strategic days designed to maximize team connection and collaboration. For more details, visit https://building.nubank.com/nu-hybrid-work-model/