5.914 Empregos para Cissp - Brasil

About The Team/Role
We are the WEX Identity Protection Team, tasked with deploying and managing security IAM technologies and procedures across the enterprise. We work closely with internal teams and clients to ensure the company functions securely. Our team maintains a high standard and collaborates closely to foster robust, dependable, and efficient relationships. We take ownership of our outcomes and take pride in our workmanship.

Changing the world isn't easy, and we have much work ahead. From securing applications, data centers and cloud resources, we've got more work than we can handle and we're looking for great people to come along for the ride. We are looking for an application security engineer who is responsible for ensuring the secure function of software security and familiarity with multiple general security practices and toolsets

*How you'll make an impact *

• A highly motivated senior security engineer who loves working in and with high-performing team that interface with the entire enterprise
• A collaborative, solid communicator who works well with your team and stakeholders to drive projects from inception to completion
• Someone who cares deeply for team results but can work independently to deliver high-quality solutions for projects and operational tasks
• Comfortable balancing the need to move fast with the realities of working in a highly regulated organization
• Someone who thrives in situations where details and accuracy are vital
• A skilled worker that has the motivation, expertise, and work ethic to operate independently across global time zones, and who can complete tasks and deliverables with minimal oversight
• Work closely with Enterprise IT teams on securing access to WEX's infrastructure and applications
• Able to mentor other engineers both technically and professional
• Have exceptional knowledge of commonly used Identity tools/platforms.
• Configure, troubleshoot and maintain identity access platforms and infrastructure
• Install/implement and configure security applications that monitor systems & infrastructures
• Have IT experience and knowledge of operating systems and their access controls
• Monitor systems for irregular behavior and set up preventive measures
• Plan, develop, implement and update the company's information security strategy
• Handle security business-critical tasks and security systems administration
• Install, configure, update and troubleshoot our global security tools and services
• Identify, define and document system security requirements and recommend solutions to management
• Develop, execute and track the performance of security measures to protect the information, servers, and computer systems
• Write comprehensive guides, standards and reports including assessment-based findings, outcomes, and recommendations for security enhancements
• Have a diverse background in IT, security, and supporting processes

*Experience you'll bring *

• Are able to communicate effectively in both written and spoken English
• Have hands-on administrative and development experience with Identity Access platforms including installation, configuration, and administration.
• Experience working with Sailpoint
• Have a strong understanding of Identity Access Management, including governance, lifecycle and compliance.
• Have experience with scripting and automation using languages such as Java.
• Are familiar with security frameworks and standards (e.g., NIST, ISO 27001, PCI DSS).
• Have excellent analytical, problem-solving, and communication skills.
• Have a strong, practical understanding of modern IT infrastructure, networking, and security engineering concepts
• Can troubleshoot information security issues within a complex environment
• Experience in engineering and implementing solutions that meet security, compliance, and business needs
• Can commit and deliver on defined project/delivery timelines with minimal supervision
• Can work in an on-call rotation which may include some night and weekend shifts
• Relevant certifications for Sailpoint Certified Engineer.
• Experience working with Java/Beanshell languages
• Experience working with Linux OS
• Basic Network security knowledge
• Experience working with OKTA, Auth0
• Experience working with Delinea PAM, CrowdStrike Identity Protection, IT Access using Artificial intelligence.

WHAT YOUR RESPONSIBILITIES WILL INCLUDE:
This role will be responsible for for security incident handling and designing, implementing, monitoring and maintaining the mainly technical information security controls and services to protect Stahl's information assets. Interacting with local and global IT professionals beyond and within Stahl.

JOB DESCRIPTION:

• Guard and monitor the overall security architecture to suitably and effectively protect all of Stahl's information and IT assets.
• Propose, design and implement fit for purpose security solutions based on internal policy requirements or any identified risk.
• Execute high quality periodical risk assessments.
• Proper and timely follow up upon any identified security alerts.
• Review and report on the security posture and performance of external IT security suppliers
• Be the main technical contact for external security suppliers
• Provide multi-level cyber security reporting and dashboards to different internal stakeholders.
• Drive and maintain compliance to information security standards for any new IT solutions and or change proposals.
• Maintain adequate security documentation.

Specific requirement
This job requires the ability to bypass information security controls hence elevated levels of Integrity and Confidentiality are required for this role.

Certifications such as CISSP, CEH, Microsoft security or willing to get certified.

Thorough knowledge in IT Infra technology (clients, servers, network, IAM, 2FA, vulnerability management, firewalls and other cyber security relevant topics).

Structured, accurate and disciplined in planning and execution.

Good communication skills in English

Important:
The candidate must live in Rio Grande do Sul (near Porto Alegre) / Brazil OR México ( near León or Toluca)

Considering the importance and role of this position, if you´re approved we will check your personal credentials.

WHAT DO WE OFFER?
At Stahl we offer working in an international, challenging, growing and dynamic organization, with the opportunity to have a real impact on the company, the people and the environment. An employment conditions package with excellent secondary employment conditions is offered. This package includes:

• Attractive salary that matches the responsibilities and experience
• Health insurance
• Pension Plan
• Bonus
• Voluntary day
• Extensive career development opportunities.

Company Description

Technology is our how. And people are our why. For over two decades, we have been harnessing technology to drive meaningful change.

By combining world-class engineering, industry expertise and a people-centric mindset, we consult and partner with leading brands from various industries to create dynamic platforms and intelligent digital experiences that drive innovation and transform businesses.

From prototype to real-world impact - be part of a global shift by doing work that matters.

Job Description

We are seeking a Senior Cybersecurity Specialist with deep expertise in Privileged Access Management (PAM) to join our dynamic security team. The ideal candidate will possess strong experience with CyberArk (or similar PAM platforms), and be skilled in problem-solving, critical thinking, and cross-functional collaboration in a global enterprise. A high level of English proficiency is essential for success in this role.

Key Responsibilities:

• Lead the design, implementation, and lifecycle management of Privileged Access Management solutions, with a strong focus on CyberArk.
• Enforce PAM policies, develop secure access practices, and perform risk assessments on privileged access.
• Integrate PAM solutions with enterprise systems including Identity and Access Management tools such as Okta.
• Manage and respond to security incidents involving privileged users or accounts.
• Collaborate with infrastructure, DevOps, and application teams to ensure secure integration of PAM solutions.
• Work with IT Service Management platforms (especially ServiceNow) to manage change management and approvals.
• Document procedures, playbooks, and system configurations aligned with best practices.
• Use tools such as Jira for tracking, planning, and project execution.
• Operate effectively using modern collaboration tools like Webex, Slack, and other enterprise communication platforms.
• Follow ITIL best practices in service delivery and incident/change/problem management processes.
• Participate in audits and ensure compliance with internal policies and external regulatory requirements.

Qualifications

Qualifications:

Must-Have:

• 5+ years of cybersecurity experience, with at least 3 years focused on Privileged Access Management.
• Proven hands-on expertise with CyberArk or equivalent PAM tools.
• Strong knowledge of Identity and Access Management (IAM), especially using Okta.
• Experience with ITIL-based service management, particularly change management processes in ServiceNow.
• Familiarity with Jira, ticketing systems, and project workflow tools.
• Proficiency in modern collaboration platforms: Webex, Slack, Teams, and others.
• Advanced written and spoken English communication skills.
• Excellent problem-solving and critical thinking capabilities.
• Strong knowledge of Active Directory, LDAP, and integration with various enterprise systems.

Nice to have:

• CyberArk certifications (e.g., Defender, Sentry).
• Experience with scripting languages (PowerShell, Python).
• Familiarity with security frameworks (e.g., NIST, ISO
• Experience in cloud platforms (AWS, Azure, GCP) and managing privileged access in hybrid environments.

Additional Information

Additional information

Discover some of the global benefits that empower our people to become the best version of themselves:

• Finance: Competitive salary package, share plan, company performance bonuses, value-based recognition awards, referral bonus;
• Career Development: Career coaching, global career opportunities, non-linear career paths, internal development programmes for management and technical leadership;
• Learning Opportunities: Complex projects, rotations, internal tech communities, training, certifications, coaching, online learning platforms subscriptions, pass-it-on sessions, workshops, conferences;
• Work-Life Balance: Hybrid work and flexible working hours, employee assistance programme;
• Health: Global internal wellbeing programme, access to wellbeing apps;
• Community: Global internal tech communities, hobby clubs and interest groups, inclusion and diversity programmes, events and celebrations.

At Endava, we're committed to creating an open, inclusive, and respectful environment where everyone feels safe, valued, and empowered to be their best. We welcome applications from people of all backgrounds, experiences, and perspectives—because we know that inclusive teams help us deliver smarter, more innovative solutions for our customers. Hiring decisions are based on merit, skills, qualifications, and potential. If you need adjustments or support during the recruitment process, please let us know.

Ledn is a global financial services company built for digital assets, helping to improve the everyday lives of Bitcoin holders while building generational wealth for the future.

We are seeking a full‑time Security Engineer with deep expertise in Application Security, Identity & Access Management, and Confidential Computing to strengthen the security of our Bitcoin‑backed loan platform. This role will drive both tactical improvements and long‑term strategy for securing our applications and authentication systems.

You will work across our JavaScript/TypeScript services, AWS serverless stack (Lambda, API Gateway, Cognito, SNS, SQS), MongoDB, and Kubernetes microservices, and take ownership of evolving our authentication layer toward modern, phishing‑resistant approaches. In addition, you will design and operate AWS Nitro Enclaves to protect critical data and cryptographic operations in isolated, verifiable environments. This is a hands‑on engineering role with direct impact on product security, infrastructure security, and customer trust.

• Application Security
  Lead secure design and code reviews across engineering teams.
• Define and enforce secure coding practices for JavaScript/TypeScript services.
• Automate vulnerability detection (SAST, SCA, DAST) within CI/CD.
• Conduct threat modeling and risk assessments for new features.
• Partner with engineers to remediate vulnerabilities and improve secure development practices.
• Authentication & Identity
  Own the roadmap for authentication and identity across customer and internal applications.
• Enhance existing Cognito‑based identity architecture with stronger, phishing‑resistant MFA solutions (e.g., WebAuthn, passkeys, hardware tokens).
• Collaborate with Product to align usability, compliance, and security in authentication flows.
• Define secure approaches to session management, device trust, and account recovery.
• Confidential Computing (AWS Nitro Enclaves)
  Design enclave‑based architectures to isolate and protect sensitive workloads.
• Integrate Nitro Enclaves with KMS and secure APIs.
• Migrate high‑value operations (e.g., cryptographic and financial processes) into enclave environments.
• Ensure compliance, auditability, and resilience of enclave workloads.
• Additional Security Domains
  Harden AWS services (Lambda, API Gateway, SQS, SNS) with least‑privilege IAM and secure key management.
• Improve Kubernetes security posture (RBAC, pod security, image scanning, runtime monitoring).
• Deploy and operate a SIEM framework; develop detection rules, dashboards, and incident playbooks.
• Support compliance initiatives (SOC 2, ISO 27001) with security controls and documentation.

• 10 years minimum of proven experience in Application Security with a focus on web and cloud‑native applications.
• Strong knowledge of JavaScript/TypeScript/Golang/Python and modern web vulnerabilities (OWASP Top 10, auth bypasses, business logic flaws).
• Expertise with AWS security best practices, particularly in serverless architectures.
• Hands‑on experience with AWS Nitro Enclaves for confidential computing.
• Deep understanding of authentication and authorization standards (OAuth2, OIDC, WebAuthn, FIDO2).
• Practical experience with Cognito / Auth0 (MFA, custom flows, secure session handling).
• Background in SIEM design and log correlation across cloud and application layers.
• Familiarity with Kubernetes security (RBAC, pod security, admission controls, image scanning).
• Experience with Secure Code Review.
• Understanding of software supply chain.
• Deep understanding of Linux internals.
• Remediate vulnerabilities identified in penetration test reports.
• Strong communication and collaboration skills, able to influence engineering and product teams.

• Familiarity with Bitcoin custody and key management practices.
• Knowledge of Infrastructure as Code security (Terraform, AWS CDK).
• Prior work on user‑facing security features such as passwordless authentication, recovery flows, or device trust.

• Looking for more than operational excellence — a leader who thrives in a startup or tech environment.
• Passion for progress, adaptability, and resilience in a high‑growth, fast‑paced environment.
• Builder’s mindset, excited to create, iterate, and scale IS practices.
• Collaborative partner, able to influence across functions and cultures with empathy and clarity.
• Demonstrate integrity and accountability, especially in managing confidential information across diverse legal and cultural contexts.
• Remote work experience.

• Comprehensive, best‑in‑class total rewards package that starts on your first day.
• Competitive PTO package.
• Ownership in the company through shared equity.
• Remote work: opportunity to work anywhere in the world for up to 180 days (subject to restrictions).
• Career that provides purpose in your job.
• We remove barriers so you love what you do.
• Equal‑opportunity employer proud of inclusivity, diversity, and success that comes from diversity.
• Accommodation requests can be made at any stage of the recruitment process; requests will be addressed confidentially.

Ledn is a global financial services company built for digital assets, helping to improve the everyday lives of Bitcoin holders while building generational wealth for the future.

We are seeking a full‑time Security Engineer with deep expertise in Application Security, Identity & Access Management, and Confidential Computing to strengthen the security of our Bitcoin‑backed loan platform. This role will drive both tactical improvements and long‑term strategy for securing our applications and authentication systems.

You will work across our JavaScript/TypeScript services, AWS serverless stack (Lambda, API Gateway, Cognito, SNS, SQS), MongoDB, and Kubernetes microservices, and take ownership of evolving our authentication layer toward modern, phishing‑resistant approaches. In addition, you will design and operate AWS Nitro Enclaves to protect critical data and cryptographic operations in isolated, verifiable environments. This is a hands‑on engineering role with direct impact on product security, infrastructure security, and customer trust.

• Application Security
  Lead secure design and code reviews across engineering teams.
• Define and enforce secure coding practices for JavaScript/TypeScript services.
• Automate vulnerability detection (SAST, SCA, DAST) within CI/CD.
• Conduct threat modeling and risk assessments for new features.
• Partner with engineers to remediate vulnerabilities and improve secure development practices.
• Authentication & Identity
  Own the roadmap for authentication and identity across customer and internal applications.
• Enhance existing Cognito‑based identity architecture with stronger, phishing‑resistant MFA solutions (e.g., WebAuthn, passkeys, hardware tokens).
• Collaborate with Product to align usability, compliance, and security in authentication flows.
• Define secure approaches to session management, device trust, and account recovery.
• Confidential Computing (AWS Nitro Enclaves)
  Design enclave‑based architectures to isolate and protect sensitive workloads.
• Integrate Nitro Enclaves with KMS and secure APIs.
• Migrate high‑value operations (e.g., cryptographic and financial processes) into enclave environments.
• Ensure compliance, auditability, and resilience of enclave workloads.
• Additional Security Domains
  Harden AWS services (Lambda, API Gateway, SQS, SNS) with least‑privilege IAM and secure key management.
• Improve Kubernetes security posture (RBAC, pod security, image scanning, runtime monitoring).
• Deploy and operate a SIEM framework; develop detection rules, dashboards, and incident playbooks.
• Support compliance initiatives (SOC 2, ISO 27001) with security controls and documentation.

• 10 years minimum of proven experience in Application Security with a focus on web and cloud‑native applications.
• Strong knowledge of JavaScript/TypeScript/Golang/Python and modern web vulnerabilities (OWASP Top 10, auth bypasses, business logic flaws).
• Expertise with AWS security best practices, particularly in serverless architectures.
• Hands‑on experience with AWS Nitro Enclaves for confidential computing.
• Deep understanding of authentication and authorization standards (OAuth2, OIDC, WebAuthn, FIDO2).
• Practical experience with Cognito / Auth0 (MFA, custom flows, secure session handling).
• Background in SIEM design and log correlation across cloud and application layers.
• Familiarity with Kubernetes security (RBAC, pod security, admission controls, image scanning).
• Experience with Secure Code Review.
• Understanding of software supply chain.
• Deep understanding of Linux internals.
• Remediate vulnerabilities identified in penetration test reports.
• Strong communication and collaboration skills, able to influence engineering and product teams.

• Familiarity with Bitcoin custody and key management practices.
• Knowledge of Infrastructure as Code security (Terraform, AWS CDK).
• Prior work on user‑facing security features such as passwordless authentication, recovery flows, or device trust.

• Looking for more than operational excellence — a leader who thrives in a startup or tech environment.
• Passion for progress, adaptability, and resilience in a high‑growth, fast‑paced environment.
• Builder’s mindset, excited to create, iterate, and scale IS practices.
• Collaborative partner, able to influence across functions and cultures with empathy and clarity.
• Demonstrate integrity and accountability, especially in managing confidential information across diverse legal and cultural contexts.
• Remote work experience.

• Comprehensive, best‑in‑class total rewards package that starts on your first day.
• Competitive PTO package.
• Ownership in the company through shared equity.
• Remote work: opportunity to work anywhere in the world for up to 180 days (subject to restrictions).
• Career that provides purpose in your job.
• We remove barriers so you love what you do.
• Equal‑opportunity employer proud of inclusivity, diversity, and success that comes from diversity.
• Accommodation requests can be made at any stage of the recruitment process; requests will be addressed confidentially.

Ledn is a global financial services company built for digital assets, helping to improve the everyday lives of Bitcoin holders while building generational wealth for the future.

We are seeking a full‑time Security Engineer with deep expertise in Application Security, Identity & Access Management, and Confidential Computing to strengthen the security of our Bitcoin‑backed loan platform. This role will drive both tactical improvements and long‑term strategy for securing our applications and authentication systems.

You will work across our JavaScript/TypeScript services, AWS serverless stack (Lambda, API Gateway, Cognito, SNS, SQS), MongoDB, and Kubernetes microservices, and take ownership of evolving our authentication layer toward modern, phishing‑resistant approaches. In addition, you will design and operate AWS Nitro Enclaves to protect critical data and cryptographic operations in isolated, verifiable environments. This is a hands‑on engineering role with direct impact on product security, infrastructure security, and customer trust.

• Application Security
  Lead secure design and code reviews across engineering teams.
• Define and enforce secure coding practices for JavaScript/TypeScript services.
• Automate vulnerability detection (SAST, SCA, DAST) within CI/CD.
• Conduct threat modeling and risk assessments for new features.
• Partner with engineers to remediate vulnerabilities and improve secure development practices.
• Authentication & Identity
  Own the roadmap for authentication and identity across customer and internal applications.
• Enhance existing Cognito‑based identity architecture with stronger, phishing‑resistant MFA solutions (e.g., WebAuthn, passkeys, hardware tokens).
• Collaborate with Product to align usability, compliance, and security in authentication flows.
• Define secure approaches to session management, device trust, and account recovery.
• Confidential Computing (AWS Nitro Enclaves)
  Design enclave‑based architectures to isolate and protect sensitive workloads.
• Integrate Nitro Enclaves with KMS and secure APIs.
• Migrate high‑value operations (e.g., cryptographic and financial processes) into enclave environments.
• Ensure compliance, auditability, and resilience of enclave workloads.
• Additional Security Domains
  Harden AWS services (Lambda, API Gateway, SQS, SNS) with least‑privilege IAM and secure key management.
• Improve Kubernetes security posture (RBAC, pod security, image scanning, runtime monitoring).
• Deploy and operate a SIEM framework; develop detection rules, dashboards, and incident playbooks.
• Support compliance initiatives (SOC 2, ISO 27001) with security controls and documentation.

• 10 years minimum of proven experience in Application Security with a focus on web and cloud‑native applications.
• Strong knowledge of JavaScript/TypeScript/Golang/Python and modern web vulnerabilities (OWASP Top 10, auth bypasses, business logic flaws).
• Expertise with AWS security best practices, particularly in serverless architectures.
• Hands‑on experience with AWS Nitro Enclaves for confidential computing.
• Deep understanding of authentication and authorization standards (OAuth2, OIDC, WebAuthn, FIDO2).
• Practical experience with Cognito / Auth0 (MFA, custom flows, secure session handling).
• Background in SIEM design and log correlation across cloud and application layers.
• Familiarity with Kubernetes security (RBAC, pod security, admission controls, image scanning).
• Experience with Secure Code Review.
• Understanding of software supply chain.
• Deep understanding of Linux internals.
• Remediate vulnerabilities identified in penetration test reports.
• Strong communication and collaboration skills, able to influence engineering and product teams.

• Familiarity with Bitcoin custody and key management practices.
• Knowledge of Infrastructure as Code security (Terraform, AWS CDK).
• Prior work on user‑facing security features such as passwordless authentication, recovery flows, or device trust.

• Looking for more than operational excellence — a leader who thrives in a startup or tech environment.
• Passion for progress, adaptability, and resilience in a high‑growth, fast‑paced environment.
• Builder’s mindset, excited to create, iterate, and scale IS practices.
• Collaborative partner, able to influence across functions and cultures with empathy and clarity.
• Demonstrate integrity and accountability, especially in managing confidential information across diverse legal and cultural contexts.
• Remote work experience.

• Comprehensive, best‑in‑class total rewards package that starts on your first day.
• Competitive PTO package.
• Ownership in the company through shared equity.
• Remote work: opportunity to work anywhere in the world for up to 180 days (subject to restrictions).
• Career that provides purpose in your job.
• We remove barriers so you love what you do.
• Equal‑opportunity employer proud of inclusivity, diversity, and success that comes from diversity.
• Accommodation requests can be made at any stage of the recruitment process; requests will be addressed confidentially.

Ledn is a global financial services company built for digital assets, helping to improve the everyday lives of Bitcoin holders while building generational wealth for the future.

We are seeking a full‑time Security Engineer with deep expertise in Application Security, Identity & Access Management, and Confidential Computing to strengthen the security of our Bitcoin‑backed loan platform. This role will drive both tactical improvements and long‑term strategy for securing our applications and authentication systems.

You will work across our JavaScript/TypeScript services, AWS serverless stack (Lambda, API Gateway, Cognito, SNS, SQS), MongoDB, and Kubernetes microservices, and take ownership of evolving our authentication layer toward modern, phishing‑resistant approaches. In addition, you will design and operate AWS Nitro Enclaves to protect critical data and cryptographic operations in isolated, verifiable environments. This is a hands‑on engineering role with direct impact on product security, infrastructure security, and customer trust.

• Application Security
  Lead secure design and code reviews across engineering teams.
• Define and enforce secure coding practices for JavaScript/TypeScript services.
• Automate vulnerability detection (SAST, SCA, DAST) within CI/CD.
• Conduct threat modeling and risk assessments for new features.
• Partner with engineers to remediate vulnerabilities and improve secure development practices.
• Authentication & Identity
  Own the roadmap for authentication and identity across customer and internal applications.
• Enhance existing Cognito‑based identity architecture with stronger, phishing‑resistant MFA solutions (e.g., WebAuthn, passkeys, hardware tokens).
• Collaborate with Product to align usability, compliance, and security in authentication flows.
• Define secure approaches to session management, device trust, and account recovery.
• Confidential Computing (AWS Nitro Enclaves)
  Design enclave‑based architectures to isolate and protect sensitive workloads.
• Integrate Nitro Enclaves with KMS and secure APIs.
• Migrate high‑value operations (e.g., cryptographic and financial processes) into enclave environments.
• Ensure compliance, auditability, and resilience of enclave workloads.
• Additional Security Domains
  Harden AWS services (Lambda, API Gateway, SQS, SNS) with least‑privilege IAM and secure key management.
• Improve Kubernetes security posture (RBAC, pod security, image scanning, runtime monitoring).
• Deploy and operate a SIEM framework; develop detection rules, dashboards, and incident playbooks.
• Support compliance initiatives (SOC 2, ISO 27001) with security controls and documentation.

• 10 years minimum of proven experience in Application Security with a focus on web and cloud‑native applications.
• Strong knowledge of JavaScript/TypeScript/Golang/Python and modern web vulnerabilities (OWASP Top 10, auth bypasses, business logic flaws).
• Expertise with AWS security best practices, particularly in serverless architectures.
• Hands‑on experience with AWS Nitro Enclaves for confidential computing.
• Deep understanding of authentication and authorization standards (OAuth2, OIDC, WebAuthn, FIDO2).
• Practical experience with Cognito / Auth0 (MFA, custom flows, secure session handling).
• Background in SIEM design and log correlation across cloud and application layers.
• Familiarity with Kubernetes security (RBAC, pod security, admission controls, image scanning).
• Experience with Secure Code Review.
• Understanding of software supply chain.
• Deep understanding of Linux internals.
• Remediate vulnerabilities identified in penetration test reports.
• Strong communication and collaboration skills, able to influence engineering and product teams.

• Familiarity with Bitcoin custody and key management practices.
• Knowledge of Infrastructure as Code security (Terraform, AWS CDK).
• Prior work on user‑facing security features such as passwordless authentication, recovery flows, or device trust.

• Looking for more than operational excellence — a leader who thrives in a startup or tech environment.
• Passion for progress, adaptability, and resilience in a high‑growth, fast‑paced environment.
• Builder’s mindset, excited to create, iterate, and scale IS practices.
• Collaborative partner, able to influence across functions and cultures with empathy and clarity.
• Demonstrate integrity and accountability, especially in managing confidential information across diverse legal and cultural contexts.
• Remote work experience.

• Comprehensive, best‑in‑class total rewards package that starts on your first day.
• Competitive PTO package.
• Ownership in the company through shared equity.
• Remote work: opportunity to work anywhere in the world for up to 180 days (subject to restrictions).
• Career that provides purpose in your job.
• We remove barriers so you love what you do.
• Equal‑opportunity employer proud of inclusivity, diversity, and success that comes from diversity.
• Accommodation requests can be made at any stage of the recruitment process; requests will be addressed confidentially.

Join to apply for the Security Engineer role at LEDN .

LEDN is a global financial services company that delivers digital asset lending, savings, and trading products across more than 150 countries. We believe that digital assets can democratize access to the global economy and are building products and services that enable that vision. Our core values are act with integrity, own it, have a passion for progress, and lead with empathy.

We are seeking a full‑time Security Engineer with deep expertise in Application Security, Identity & Access Management, and Confidential Computing to strengthen the security of our Bitcoin‑backed loan platform. This role drives tactical improvements and long‑term strategy for securing our applications and authentication systems across JavaScript/TypeScript services, AWS serverless stack, MongoDB, Kubernetes microservices, and more.

• Application Security: Lead secure design and code reviews across engineering teams; define and enforce secure coding practices; automate vulnerability detection (SAST, SCA, DAST); conduct threat modeling; partner with engineers to remediate vulnerabilities.
• Authentication & Identity: Own the roadmap for authentication and identity across customer and internal applications; enhance Cognito-based identity architecture with phishing‑resistant MFA solutions (WebAuthn, passkeys, hardware tokens); define secure session management and device trust approaches.
• Confidential Computing (AWS Nitro Enclaves): Design enclave‑based architectures; integrate Nitro Enclaves with KMS and secure APIs; migrate high‑value operations into enclave environments; ensure compliance, auditability, and resilience.
• Additional Security Domains: Harden AWS services with least‑privilege IAM and secure key management; improve Kubernetes security posture; deploy and operate a SIEM framework with detection rules and incident playbooks; support SOC 2, ISO 27001 compliance initiatives.

• 10+ years of proven experience in Application Security focused on web and cloud‑native applications.
• Strong knowledge of JavaScript/TypeScript/Golang/Python and modern web vulnerabilities (OWASP Top 10).
• Expertise with AWS security best practices, especially for serverless architectures.
• Hands‑on experience with AWS Nitro Enclaves for confidential computing.
• Deep understanding of authentication and authorization standards (OAuth2, OIDC, WebAuthn, FIDO2).
• Practical experience with Cognito/Auth0 (MFA, custom flows, secure session handling).
• Background in SIEM design and log correlation across cloud and application layers.
• Familiarity with Kubernetes security (RBAC, pod security, admission controls, image scanning).
• Experience with Secure Code Review and software supply chain security.
• Strong communication and collaboration skills; able to influence engineering and product teams.

• Familiarity with Bitcoin custody and key management practices.
• Knowledge of Infrastructure as Code security (Terraform, AWS CDK).
• Prior work on user‑facing security features such as passwordless authentication and device trust.

• Adaptable, resilient, and comfortable navigating ambiguity in a fast‑paced, high‑growth environment.
• Builder’s mindset, excited to create, iterate, and scale security practices.
• Collaborative partner who influences across functions and cultures with empathy and clarity.
• Demonstrates integrity and accountability, especially around confidential information and diverse legal contexts.
• Has worked in a remote environment and can manage a remote first organization.

• Competitive PTO package and flexible work arrangements; remote work allowed up to 180 days per year.
• Ownership in the company through equity and crypto‑asset incentives.
• Growth opportunities in a leading digital‑asset company.
• Comprehensive total rewards package, including remote benefits and health coverage.

LEDN is an equal‑opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Accommodation requests can be submitted confidentially throughout the recruitment process.

Join to apply for the Security Engineer role at LEDN .

LEDN is a global financial services company that delivers digital asset lending, savings, and trading products across more than 150 countries. We believe that digital assets can democratize access to the global economy and are building products and services that enable that vision. Our core values are act with integrity, own it, have a passion for progress, and lead with empathy.

We are seeking a full‑time Security Engineer with deep expertise in Application Security, Identity & Access Management, and Confidential Computing to strengthen the security of our Bitcoin‑backed loan platform. This role drives tactical improvements and long‑term strategy for securing our applications and authentication systems across JavaScript/TypeScript services, AWS serverless stack, MongoDB, Kubernetes microservices, and more.

• Application Security: Lead secure design and code reviews across engineering teams; define and enforce secure coding practices; automate vulnerability detection (SAST, SCA, DAST); conduct threat modeling; partner with engineers to remediate vulnerabilities.
• Authentication & Identity: Own the roadmap for authentication and identity across customer and internal applications; enhance Cognito-based identity architecture with phishing‑resistant MFA solutions (WebAuthn, passkeys, hardware tokens); define secure session management and device trust approaches.
• Confidential Computing (AWS Nitro Enclaves): Design enclave‑based architectures; integrate Nitro Enclaves with KMS and secure APIs; migrate high‑value operations into enclave environments; ensure compliance, auditability, and resilience.
• Additional Security Domains: Harden AWS services with least‑privilege IAM and secure key management; improve Kubernetes security posture; deploy and operate a SIEM framework with detection rules and incident playbooks; support SOC 2, ISO 27001 compliance initiatives.

• 10+ years of proven experience in Application Security focused on web and cloud‑native applications.
• Strong knowledge of JavaScript/TypeScript/Golang/Python and modern web vulnerabilities (OWASP Top 10).
• Expertise with AWS security best practices, especially for serverless architectures.
• Hands‑on experience with AWS Nitro Enclaves for confidential computing.
• Deep understanding of authentication and authorization standards (OAuth2, OIDC, WebAuthn, FIDO2).
• Practical experience with Cognito/Auth0 (MFA, custom flows, secure session handling).
• Background in SIEM design and log correlation across cloud and application layers.
• Familiarity with Kubernetes security (RBAC, pod security, admission controls, image scanning).
• Experience with Secure Code Review and software supply chain security.
• Strong communication and collaboration skills; able to influence engineering and product teams.

• Familiarity with Bitcoin custody and key management practices.
• Knowledge of Infrastructure as Code security (Terraform, AWS CDK).
• Prior work on user‑facing security features such as passwordless authentication and device trust.

• Adaptable, resilient, and comfortable navigating ambiguity in a fast‑paced, high‑growth environment.
• Builder’s mindset, excited to create, iterate, and scale security practices.
• Collaborative partner who influences across functions and cultures with empathy and clarity.
• Demonstrates integrity and accountability, especially around confidential information and diverse legal contexts.
• Has worked in a remote environment and can manage a remote first organization.

• Competitive PTO package and flexible work arrangements; remote work allowed up to 180 days per year.
• Ownership in the company through equity and crypto‑asset incentives.
• Growth opportunities in a leading digital‑asset company.
• Comprehensive total rewards package, including remote benefits and health coverage.

LEDN is an equal‑opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Accommodation requests can be submitted confidentially throughout the recruitment process.