Visa

Senior Cybersecurity Engineer

Visa

full-time

Posted on:

Location Type: Remote

Location: Brazil

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

CloudDistributed SystemsKubernetesTerraform

About the role

  • Designing, implementing, and operating identity and authorization platforms used across internal and external services
  • Defining and evolving authentication and authorization patterns based on OAuth 2.0, OpenID Connect, and token-based security
  • Supporting and improving API security using API Gateway technologies, preferably Kong, including authentication flows, rate limiting, and policy enforcement
  • Collaborating with engineering teams to securely integrate identity solutions into APIs and services
  • Building and maintaining infrastructure using Infrastructure as Code (Terraform)
  • Operating and securing Kubernetes-based workloads and identity-related services
  • Contributing to cloud architecture decisions with a strong focus on security, resilience, and scalability
  • Partnering with DevOps and SRE teams to improve observability, incident response, and operational excellence
  • Participating in security reviews, threat modeling, and architecture design discussions
  • Defining best practices, documentation, and reference architectures for identity and access management
  • Continuously learning and staying current with modern identity, cloud security, and platform engineering practices

Requirements

  • 6 or more years of work experience with a Bachelor's Degree or 4 or more years of relevant experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or up to 3 years of relevant experience with a PhD
  • Strong experience securing API Gateway platforms , with deep familiarity in architectures based on Kong Gateway (Enterprise or OSS) , including ingress and egress traffic patterns in cloud‑native environments.
  • Proven expertise in Identity and service‑to‑service security , including the design, enforcement, and validation of mTLS‑based communication , certificate lifecycle management, and trust boundaries across distributed systems.
  • Hands‑on experience working with Public Key Infrastructure (PKI) concepts and implementations, including certificate issuance, rotation, revocation, and integration with gateways and workloads.
  • Deep understanding of API security controls implemented at the gateway layer, such as OAuth2, OpenID Connect, JWT validation, client credentials, rate limiting, traffic filtering, and abuse prevention.
  • Strong experience securing Kubernetes‑based platforms , including API Gateway deployments running inside clusters, with knowledge of namespaces, workload isolation, network policies, and integration with service mesh when applicable.
  • Solid experience reviewing and influencing Infrastructure as Code (IaC) used to provision API Gateways, identity components, and supporting infrastructure, particularly using Terraform and GitOps‑style workflows.
  • Proven ability to perform security assessments, threat modeling, and architectural reviews for gateway and identity platforms, identifying systemic risks, misconfigurations, and scalability concerns.
  • Strong understanding of observability and security monitoring for gateways and identity services, including logs, metrics, and traces used to detect anomalies, investigate incidents, and support audits.
  • Excellent analytical and problem‑solving skills, with strong attention to detail when operating in high‑traffic, multi‑environment, and multi‑region platforms .
  • Ability to clearly communicate security risks, architectural decisions, and remediation strategies to engineering teams, platform owners, and non‑technical stakeholders.
  • Demonstrated ability to lead and influence cross‑functional teams , including platform engineering, SRE, and application teams, ensuring consistent security baselines across the API and identity ecosystem.
Benefits
  • Employees can work remotely
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
OAuth 2.0OpenID ConnectAPI securityKong GatewayInfrastructure as CodeTerraformKubernetesPublic Key InfrastructuremTLSGitOps
Soft Skills
analytical skillsproblem-solving skillsattention to detailcommunication skillsleadershipinfluencecollaborationsecurity assessmentthreat modelingarchitectural reviews