Lead Security Engineer (AI-Native)
Location
Argentina
Posted
69 days ago
Salary
0
Seniority
Lead
Job Description
Lead Security Engineer (AI-Native)
Nerdy
Overview: The Lead Security Engineer drives Nerdy’s enterprise security and infrastructure strategy to ensure scalable, secure, and reliable systems in a AWS first environment. This role combines strategic leadership and hands-on operational oversight to protect company assets, ensure compliance, and support high-growth business objectives. About Nerdy: At Nerdy (NYSE: NRDY) - the company behind Varsity Tutors - we’re redrawing the blueprint of learning. Our Live + AI™ platform fuses real-time human expertise with proprietary generative-AI systems, setting a new bar for measurable academic impact at global scale. We recruit the kind of technologists and operators you’d bet on as solo founders - people who turn ambiguous problems into shipping code, iterate faster than markets move, and compound their advantage with every data point. In an era where great employees can deliver 10-times the leverage of the merely good, we back those who play to win. Fortune favors the bold. Join us. How we compete: - AI-Native at every level From the CEO to day-one hires, everyone builds and ships with generative AI. If you’re not wielding AI, you’re not done. - Entrepreneurial velocity Move at founder speed, prototype in hours, and measure in real user outcomes. Slow teams die. - Free-market rigor Ideas rise or fall on merit and results - no committees, no politics, no cap on upside. - Full-stack ownership You design, build, and run what you ship; accountability is a feature, not a bug. - Reward for contribution Pay rises with impact, not years. Outstanding results earn outsized rewards. We evaluate both what you achieve and how you achieve it: living our leadership principles and using AI effectively are formally measured and rewarded. - Relentless exploration Push the frontier of generative AI in live learning and - because only the paranoid survive - questioning every legacy assumption along the way. - Is Apolitical You stay focused on mission-aligned outcomes, not distractions or unrelated causes. If you’re a technically minded builder who thrives on open competition, personal responsibility, and the chance to redefine how the world learns - while continually stretching the limits of what generative AI can do - come do the most ambitious and rewarding work of your career here. Learn more at nerdy.com. Nerdy’s shareholder letters below explain our latest products and strategy: - Q4-2025 Shareholder Letter - Q3-2025 Shareholder Letter - Q2-2025 Shareholder Letter Responsibilities: - Define and execute enterprise security strategy - Partner closely with leaders to cover compliance, automation, and security best practices across the organization - Lead business continuity and disaster recovery planning - Identify and address security gaps created by the rapid adoption of new tools and platforms - Oversee threat detection, incident response, and vulnerability management - Ensure regulatory, privacy, and data protection compliance - Use AI-powered tools (e.g., Cursor, Claude Code, or equivalent) to implement security guardrails, automate checks, and accelerate security workflows - Mentor other engineers and collaborate with peers to strengthen the team's collective knowledge - Design secure, scalable, and resilient architecture - Embed security controls across Engineering, Product, Legal, and People teams - Manage vendors, security tools, and IT systems - Report security posture and risk metrics to executives Qualifications: - 7+ years in Security Engineering, IT, or Infrastructure leadership - Experience leading enterprise security in AWS-first environments - Hands-on experience with AWS security (IAM, security groups, logging, monitoring) - Strong knowledge of cybersecurity frameworks, risk, and compliance - Experience leading threat detection, vulnerability management, and incident response - Demonstrated ability to influence, driving security adoption across engineering and product teams - Expertise in cloud infrastructure, IAM, endpoint and network security - Explicit mentoring of senior-level engineers regularly - Ability to align security strategy with business goals - Strong executive communication and stakeholder management skills - Experience using AI tools for security purposes with tools like Cursor, GitHub Copilot, Claude, or similar - Bachelor’s in CS, Information Security, or related field (advanced degree/certs preferred - Nice to have: Familiarity with NIST 800-171 and/or CMMC Level 2 compliance frameworks Unleash Your Potential at Nerdy: At Nerdy, you'll earn your success through meritocracy and exceptional outcomes. Our benefits reward performance and initiative: - Competitive USD Compensation: Enjoy a market-leading rate paid in U.S. dollars. - 100% Remote (Home Country Only): Work from anywhere in your home country—no relocation required, no borders crossed. - Flexible Time Off: Our flexible PTO lets you recharge on your own terms and when you need it the most. - Local Holiday Pay: We honor your nation’s official holidays with paid time off—celebrate what matters to you. - Continuous Learning: Get a free, all-inclusive learning membership for you and your household—including 1-on-1 tutoring hours, unlimited on-demand classes, and access to our full suite of learning products and services. - Supercharge with AI: Gain exclusive access to cutting-edge AI tools that boost your productivity, making you feel almost super-human (cape not included). - Feedback-Rich, Collaborative Culture: Tap into regular training, peer reviews, and a team that treats every team member as a vital collaborator and owner in our success. - Make a Global Impact: Your expertise fuels an innovative platform used by learners around the world—be part of something transformative. The Bottom Line: If you're driven by impact, energized by ownership, and excited to help shape what’s next, you’ll thrive here. We move fast, think big, and reward those who deliver. This isn’t a traditional corporate environment - it’s a place to do the most meaningful work of your career.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
About Us Mindgard is a London-based startup specializing in AI security. We help security teams test and find vulnerabilities within AI apps, models, and systems in less time. We’ve spun-out from a leading UK university, and our mission is to secure the future of AI against cyber attacks targeting AI. This is an unsolved challenge globally, and we are among the world’s first to offer a solution to this rapidly growing problem. The Role We are hiring a mid-level Security & IT Engineer to take full ownership of implementing our IT security controls and embedding them into how the company actually operates. This is a hands-on role. Your primary focus for the first 6 months will be turning our existing security policies into real, working systems and processes across engineering, product, and research. You will act as the bridge between compliance requirements and day-to-day execution - ensuring controls are not only in place, but practical, scalable, and aligned with how we build. Alongside this, you will own core IT operations, including device management, access control, and internal support, ensuring the company runs securely and efficiently. You will work closely with Operation leadership, Security leadership, and the Engineering team. What You Will Own 1. SOC 2 Implementation (70–80%) - Primary Focus You will be responsible for taking SOC 2 requirements and making them real inside the business. - Translating SOC 2 policies into working technical controls across systems and workflows - Implementing and enforcing access controls across engineering tools and infrastructure - Setting up logging, monitoring, and alerting in a way that aligns with how engineering operates - Embedding security into development workflows without slowing teams down - Ensuring all controls are properly configured, tested, and continuously monitored - Maintaining audit-ready evidence (logs, configurations, screenshots, system outputs) - Ensuring our compliance platform accurately reflects reality at all times - Establishing repeatable processes for access reviews, incident tracking, and risk management - Acting as the primary owner of technical audit readiness 2. Security Monitoring & Incident Response (10–15%) - Monitor systems for security events and unusual activity - Investigate alerts and take first response actions - Define clear processes for escalation and incident handling - Maintain simple, effective response playbooks - Run occasional internal security tests or drills 3. IT Operations & Access Management (10–15%) Own day-to-day internal security and IT operations, including: - Managing employee devices and enforcing security standards - Administering identity and access systems (onboarding, offboarding, permissions) - Ensuring least-privilege access across all tools and systems - Supporting employees with technical issues and access requests - Maintaining secure configurations across laptops, tools, and internal systems 4. Security Questionnaires & Documentation - Own the security questionnaire process end-to-end - Build and maintain a central library of approved answers - Reduce dependency on leadership over time - Ensure all responses accurately reflect implemented controls
Lead Security Architect
LI.FIThe multi-chain liquidity gateway. A DeFi middleware to build crypto-enabled businesses.
• Own and strengthen company-wide security and compliance • Lead security efforts across infrastructure, applications, internal systems, and employee devices • Identify risks and vulnerabilities across the organisation and ensure they are addressed • Establish scalable security processes and best practices across teams • Own the organisation's compliance posture - define target frameworks, drive progress against them, and ensure requirements are reflected in day-to-day operations • Coordinate audits and external security work • Own relationships with external security firms and auditors • Lead the organisation through compliance framework certifications end-to-end • Plan and run security reviews and external audits, ensuring findings are tracked and resolved • Act as the internal authority on external security requirements and regulatory expectations • Build security awareness across the company • Define and own the company's security awareness and training programme • Drive application security • Own the Secure Software Development Lifecycle (Secure SDLC) across the engineering organisation • Work closely with engineering teams to ensure secure design and implementation of products — getting into the detail where needed • Personally review tools, frameworks, and architectures for security risks and ensure findings drive action • Own Web3 security • Bring a solid understanding of Web3-specific security risks — smart contract vulnerabilities, protocol exploits, wallet and key management, and on-chain threat vectors • Own AI Security • Identify and mitigate security risks related to AI-driven tooling, agents, and automation • Implement security tooling and automation • Own the security tooling strategy — defining requirements, evaluating solutions, and driving implementation • Establish monitoring standards, incident response processes, and security workflows • Ensure security is consistently embedded in engineering pipelines and tooling
Consultor Especializado en Cumplimiento PCI DSS y Ciberseguridad
FRICE ConsultingEn FRICE Consulting valoramos la diversidad e inclusión, fomentando un entorno donde el talento trasciende cualquier diferencia. ¡Únete a nuestra Comunidad FRICE! No dudes en postular por el portal.
Este es un puesto de trabajo remoto. · Desde FRICE Consulting, empresa líder en Consultoría TI y captación de Talento Digital, desde el año 2016 tenemos operaciones en distintos países de Latinoamérica. En este momento, para un importante cliente que tiene operaciones en diversos países, nos encontramos en la búsqueda de un talento para el perfil: Consultor Especializado en Cumplimiento PCI DSS y Ciberseguridad - País: Residentes en Brasil / Colombia / Chile / Argentina - Modalidad: Remoto (con presencialidad ocasional) - Tiempo de asignación: A convenir - Jornada Laboral: Full Time, Lunes a viernes Objetivo del puesto: - Realizar una evaluación integral del flujo de pagos de la compañía, abarcando tanto los puntos de venta (POS) como el canal web. - Identificar riesgos, brechas de cumplimiento y procesos operativos asociados a los componentes tecnológicos del flujo de pagos. - Verificar el cumplimiento de los lineamientos de ciberseguridad y las normativas internacionales aplicables, con especial énfasis en PCI DSS (versión 4.0 preferente). - Elaborar informes técnicos y ejecutivos que presenten hallazgos, evidencias y recomendaciones concretas y aplicables, priorizando un enfoque práctico y no teórico. Requisitos: - Formación en Ingeniería en Informática, Sistemas, Ciberseguridad o carrera afín. - 3 a 5 años de experiencia comprobable en proyectos de cumplimiento PCI DSS (idealmente versión 4.0). - Experiencia práctica en evaluaciones de cumplimiento, levantamiento de procesos y revisión de controles técnicos. - Conocimiento técnico sólido del ecosistema de pagos retail: POS, pinpads, gateways, adquirentes, tokens, cifrado y arquitectura de red. - Capacidad para comunicar riesgos técnicos a audiencias no técnicas y coordinar equipos multidisciplinarios. Principales funciones: - Elevar y documentar el flujo completo de pagos en entornos POS y web, incluyendo actores, procesos, aplicaciones y componentes tecnológicos. - Evaluar el grado de cumplimiento con PCI DSS (v4.0 preferente) y otros estándares internacionales relevantes. - Identificar riesgos de seguridad y brechas de cumplimiento operativas y tecnológicas. - Revisar la configuración y segmentación de red, controles de acceso, cifrado y almacenamiento seguro de datos de tarjeta. - Analizar procesos operativos y controles de ciberseguridad aplicados a la infraestructura de pagos. - Preparar y presentar informes técnicos y ejecutivos, con hallazgos claros, evidencias y recomendaciones prácticas. - Asesorar a los equipos internos en la definición de planes de remediación. - Verificar el cumplimiento de lineamientos de seguridad en proveedores y terceros. - Promover buenas prácticas de ciberseguridad y cumplimiento normativo dentro del equipo de trabajo. Conocimientos requeridos: - Seguridad en entornos Cloud (AWS, Azure o GCP). - Desarrollo seguro (DevSecOps): revisión de código, pruebas de seguridad. - Segregación de funciones y control de accesos (RBAC, IAM). - Seguridad en integraciones (API Security, autenticación y cifrado). - Uso de herramientas de seguridad (SIEM, escáneres de vulnerabilidades, etc.). Conocimientos deseables: - Experiencia en normativas y marcos complementarios: ISO 27001, NIST, CIS, OWASP. - Certificaciones o formación adicional en seguridad de la información o cumplimiento normativo. En FRICE Consulting valoramos la diversidad e inclusión, fomentando un entorno donde el talento trasciende cualquier diferencia. ¡Únete a nuestra Comunidad FRICE! No dudes en postular por el portal.
Mainframe Security Specialist
Blue PearlWe craft CLOUD solutions that fit your business requirements and budget.
• Lead remediation of MQ security vulnerabilities within a mainframe environment • Design and implement secure access control frameworks using Broadcom Top Secret • Define and document security patterns and controls across: Batch processing environments, CICS transactions, User access and permissions, Third-party integrations • Collaborate with mainframe and MQ engineers/SMEs to ensure best-practice security implementation • Provide expert input on mainframe security architecture and governance • Ensure all remediation activities are completed within audit timelines (before September deadline) • Produce clear documentation of security configurations, standards, and patterns
