Title: Senior Security Engineer, Enterprise Security Location: São Paulo Job Description: At Braze, we have found our people. We’re a genuinely approachable, exceptionally kind, and intensely passionate crew. We seek to ignite that passion by setting high standards, championing teamwork, and creating work-life harmony as we collectively navigate rapid growth on a global scale while striving for greater equity and opportunity – inside and outside our organization. To flourish here, you must be prepared to set a high bar for yourself and those around you. There is always a way to contribute: Acting with autonomy, having accountability and being open to new perspectives are essential to our continued success. Our deep curiosity to learn and our eagerness to share diverse passions with others gives us balance and injects a one-of-a-kind vibrancy into our culture. If you are driven to solve exhilarating challenges and have a bias toward action in the face of change, you will be empowered to make a real impact here, with a sharp and passionate team at your back. If Braze sounds like a place where you can thrive, we can’t wait to meet you. WHAT YOU'LL DO As a Senior Security Engineer on the Enterprise Security team, you'll protect Braze employees, their assets, and work locations using various tools and technologies. Your responsibilities include investigating malware and advanced threats, implementing DLP in a variety of solutions, securing SAAS applications, hardening internal configurations, proposing security architecture enhancements, and developing alerts & reports. In this role you will build, maintain, and document essential security infrastructure operating at the center of cloud operations, product, app security, and system architecture. That includes developing and enforcing policies, collaborating with other business units to enhance SIEM capabilities, and reviewing business partner technologies for security improvements. This role allows for collaboration with technical stakeholders to further expand upon DLP, Integrations management & 3rd party Saas application review, Shadow AI, IAM, SSO, and vulnerability remediation. Take charge of securing communications, facilitating compliance, and deploying automation. You'll operate independently and collaboratively to implement protective systems and mentor junior associates in security concepts. As a senior team member, you'll help build functionality for a high-scale, growing customer base, collaborate with diverse security professionals, address unique security challenges, participate in on-call rotations, and respond to critical incidents. On-call rotation and working with Security and Engineering resources to help respond to critical incidents and escalations is an active part of this role. WHO YOU ARE Qualifications: - 5+ years of Security Engineering experience with a strong focus on enterprise security, network security, endpoint security - 3+ years of experience working in a corporate security organization/environment with hands on, technical, user facing implementation - Prior experience working as a technical authority in a team environment - A self-starter with great communication and organizational skills - Professional experience with the modern tech stack and protecting SaaS applications. Direct technical and hands on experience with securing Email, Mac endpoints, IAM, Crowdstrike EDR, Enterprise networking security (both endpoint and infra), and forensics - Experience conducting end-to-end security reviews of SaaS applications, data flow analysis, Technical architecture, authentication and authorization controls, and contractual security requirements, to ensure third-party tools meet organizational security standards - Experience leading the design, implementation, and continuous tuning of Data Loss Prevention (DLP) programs across endpoints, networks, and cloud environments, including policy development, incident triage, data classification alignment, and cross-functional collaboration to prevent unauthorized exfiltration of sensitive data. - Bonus: - Cloud security experience - Technical Security Certifications that delve deeper than high level concepts - #LI-Hybrid WHAT WE OFFER Braze benefits vary by location, and we encourage you to review our specific benefits offerings for each country here. More details on benefits plans will be provided if you receive an offer of employment. From offering comprehensive benefits to fostering hybrid ways of working, we’ve got you covered so you can prioritize work-life harmony. Braze offers benefits such as: - Competitive compensation that may include equity - Retirement and Employee Stock Purchase Plans - Flexible paid time off - Comprehensive benefit plans covering medical, dental, vision, life, and disability - Family services that include fertility benefits and equal paid parental leave - Professional development supported by formal career pathing, learning platforms, and a yearly learning stipend - A curated in-office employee experience, designed to foster community, team connections, and innovation - Opportunities to give back to your community, including an annual company-wide Volunteer Week and donation matching - Employee Resource Groups that provide supportive communities within Braze - Collaborative, transparent, and fun culture recognized as a Great Place to Work® - ABOUT BRAZE Braze is the leading customer engagement platform that empowers brands to Be Absolutely Engaging™. Braze helps brands deliver great customer experiences that drive value both for consumers and for their businesses. Built on a foundation of composable intelligence, BrazeAI™ allows marketers to combine and activate AI agents, models, and features at every touchpoint throughout the Braze Customer Engagement Platform for smarter, faster, and more meaningful customer engagement. From cross-channel messaging and journey orchestration to Al-powered decisioning and optimization, Braze enables companies to turn action into interaction through autonomous, 1:1 personalized experiences. The company has been consistently recognized as a Leader in marketing technology by industry analysts, and was named a G2 “Best of Marketing and Digital Advertising Software Product” in 2026. Braze was also named a 2026 Best Places to Work by Built In, a 2025 America’s Greenest Companies by Newsweek, and a 2025 Fortune Best Workplace in Technology™ by Great Place To Work®. Braze is also proudly certified as a Great Place to Work® in the U.S., the UK, Australia, and Singapore. The company is headquartered in New York with offices in Austin, Berlin, Bucharest, Chicago, Dubai, Jakarta, London, Paris, San Francisco, São Paulo, Singapore, Seoul, Sydney and Tokyo. BRAZE IS AN EQUAL OPPORTUNITY EMPLOYER At Braze, we strive to create equitable growth and opportunities inside and outside the organization. Building meaningful connections is at the heart of everything we do, and that includes our recruiting practices. We're committed to offering all candidates a fair, accessible, and inclusive experience – regardless of age, color, disability, gender identity, marital status, maternity, national origin, pregnancy, race, religion, sex, sexual orientation, or status as a protected veteran. When applying and interviewing with Braze, we want you to feel comfortable showcasing what makes you you. We know that sometimes different circumstances can lead talented people to hesitate to apply for a role unless they meet 100% of the criteria. If this sounds familiar, we encourage you to apply, as we’d love to meet you. Please see our Candidate Privacy Policy for more information on how Braze processes your personal information during the recruitment process and, if applicable based on your location, how you can exercise any privacy rights.

• Design and engineer security controls for AI-enabled SaaS applications • Define and evolve the enterprise AI Security Architecture, guardrails, and security requirements aligned to business objectives • Treat AI agents as first-class identities, defining authentication, authorization, lifecycle management, and revocation • Identify and mitigate AI-specific risks including data leakage, prompt injection, jailbreaks, model abuse, data poisoning, model extraction, and AI supply-chain risk • Collaborate closely with IAM, SecOps, AppSec, GRC, IT engineering, AI platform teams, and business stakeholders to embed security controls where they belong

Role Description - Support the detection, monitoring and tracking of security vulnerabilities at the application, database, server, workstation and OS levels. - Support AWS, Azure, and Google cloud operations in securing the public cloud environments. - Configure and troubleshoot IAM policies, Security Groups, Service Control Policies, Role Based Access Control, and Managed Service Identities. - Tune and configure SIEM performance and events data quality to maximize log correlation efficiency. - Work closely with the network team to implement and maintain network access control technologies. - Configure Security Orchestration, Automation, and Response (SOAR) tools, scripts, events, and playbooks. - Demonstrate expertise in shell scripting and other programming languages, such as Python and PowerShell. - Show proficiency in understanding and using regular expressions (regex). - Have a solid understanding of REST/SOAP/WSDL/XML (Web Services) and HTTP request methods. - Work closely with the compliance team to identify, document and implement various security controls related to NIST, FedRAMP, HiTRUST, and ISO 27001. - Guide the network and operations teams in implementing security best practices. - Work with network and systems engineering teams to promote automation, automated monitoring and administration functionality. - Implement and support security solutions including but not limited to Intrusion Detection, Log Management, Data Loss Prevention, Vulnerability Management, Web Content Filtering, and Configuration Management. - Support the efforts to develop operational best practice procedural documentation for operations staff. - Assist in the development and documentation of various systems, policies, procedures, and customer deliverables. - Research new products and make appropriate recommendations. - Develop and design project plans, tasks and timelines and then provide verbal and written status reports as directed. - Conduct ongoing security assessments, document and track findings and remediation activities. - Provide on-call support as needed. Qualifications - BS in Computer Science, Engineering or related field desired. - Minimum 3 years of experience supporting an enterprise-level environment. - Good understanding of the following: log correlation, SIEM technologies (AlertLogic, ArcSight, Q1 Radar, LogRhythm, Splunk, etc.), IDS/IPS technologies, vulnerability scanners (Nessus, Qualys, etc.) and other related technologies. - Understanding of common web application vulnerabilities and familiarity with using web application scanning tools such as Burp Suite, ZAP Proxy, Acunetix, etc. - Understanding of cloud solutions and cloud security best practices in environments such as AWS, Azure and Google Cloud. - Solid understanding of compliance requirements and standards such as PCI-DSS, HIPAA, HiTRUST, ISO 27001, SOX, etc. - Demonstrated knowledge of one or more of the following systems: Linux, Windows, or Mac OS. - Working knowledge of firewall and web filtering technologies. - Experience practicing ITIL framework-based processes such as Change, Problem, and Incident Management in an enterprise environment. - Excellent verbal and written communication, presentation, and interpersonal skills. - Ability to define, document and support systems, policies, and procedures. - Excellent analytic, problem-solving and troubleshooting skills. - Good knowledge and experience designing network, system and application security architectures. - Ability to efficiently handle multiple projects with shifting priorities. - Ability to anticipate and mitigate risks as well as define architectural solutions. Company Description Strategy (Nasdaq: MSTR) is at the forefront of transforming organizations into intelligent enterprises through data-driven innovation. We don't just follow trends—we set them and drive change. As a market leader in enterprise analytics and AI software, we've pioneered the BI and analytics space, empowering people to make better decisions and revolutionizing how businesses operate. We are now also at the forefront of AI disruption, providing data via our enterprise semantic layer to AI agents, tools, and platforms. But that's not all. Strategy is also leading a groundbreaking shift in digital assets, adopting bitcoin as our primary treasury reserve asset in 2020. Since then, we have issued innovative bitcoin-backed securities and have been the leader in bitcoin treasury companies. This visionary move has helped us build a fortress balance sheet, and is solidifying our position as a forward-thinking, innovative force in the market. Our people are the core of our success. At Strategy, you'll join a team of smart, creative minds working on dynamic projects with cutting-edge technologies. We thrive on curiosity, innovation, and a relentless pursuit of excellence. Our corporate values—bold, agile, engaged, impactful, and united—are the foundation of our culture. As we lead the charge into the new era of AI and financial innovation, we foster an environment where every employee's contributions are recognized and valued. Join us and be part of an organization that lives and breathes innovation every day. At Strategy, you're not just another employee, you're a crucial part of a mission to push the boundaries of analytics and redefine financial investment.

• Own vulnerability management, dependency security, threat modeling, security code reviews, and remediation of penetration test findings. • Strengthen our AWS security posture, identity and access management (IAM, SSO, SAML, SCIM), endpoint security, threat detection, and incident response capabilities. • Design and implement security controls for AI-powered products and workflows, including protections against prompt injection, data leakage, and other AI-specific risks. • Build technical safeguards that enable the secure use of PHI and sensitive data within LLM-powered systems. • Implement and maintain the technical controls, evidence, and security practices required to support HIPAA, SOC 2, and other compliance programs. • Leverage AI-powered tooling, automation, and modern security platforms to scale security impact across the organization. • Build self-service security solutions, paved roads, and runbooks that help engineers move quickly while maintaining strong security standards. • Partner closely with Engineering and IT to deliver pragmatic, scalable security solutions that support product velocity and business growth. • Be a force multiplier for the Pod-Infra team