Light
Energy • B2C • B2B
Light is a Brazilian electric utility that generates, distributes and commercializes electricity to residential and commercial customers in the Rio de Janeiro area. The company provides billing and customer services (online and in-person), grid maintenance and expansion, anti-theft and emergency response operations, programs for energy efficiency, distributed generation and sustainability, and community and cultural initiatives.
DevSecOps Lead
Job not on LinkedIn
November 25
Light
Energy • B2C • B2B
Light is a Brazilian electric utility that generates, distributes and commercializes electricity to residential and commercial customers in the Rio de Janeiro area. The company provides billing and customer services (online and in-person), grid maintenance and expansion, anti-theft and emergency response operations, programs for energy efficiency, distributed generation and sustainability, and community and cultural initiatives.
📋 Description
• Own security across Light's engineering infrastructure and development lifecycle • Establish security controls and compliance posture for enterprise fintech customers • Split time between infrastructure security engineering (Terraform, AWS security services, CI/CD hardening), compliance programme execution (SOC 2, GDPR, ISO 27001) • Partner with engineering teams to integrate security into workflows • Design and implement security controls across the AWS environment • Harden EKS cluster security and secure CI/CD pipelines • Lead SOC 2 Type II compliance programme and establish security policies for GDPR and ISO 27001 • Implement automated compliance monitoring • Write Terraform, review architecture designs, triage security alerts, and coordinate penetration testing
🎯 Requirements
• 5-7 years' experience in security engineering roles, preferably in fintech, SaaS or payments • Proven experience owning infrastructure and cloud security in a fast-moving environment • Deep technical expertise: AWS (VPC, IAM, EKS, Lambda, RDS), Kubernetes, Terraform/IaC • Hands-on experience with vulnerability management, penetration test oversight, secure CI/CD, container security • Familiarity with compliance frameworks: SOC 2, ISO 27001, GDPR • Excellent risk judgment and ability to balance security requirements with business velocity • Strong communication skills — able to influence engineers and explain security to non-technical stakeholders • Bonus points: Prior experience in fintech / financial software / payments. • Certifications such as AWS Security Specialty, CISSP, CKS, OSCP, or equivalent • Experience with compliance automation platforms (Vanta, Drata, Secureframe) • Background in software engineering or prior development experience
🏖️ Benefits
• Competitive salary + stock options in our fast-growing startup • Paid parental leave • 25 days of annual leave + public holidays (in your country) • Regular socials and company off-sites • A huge opportunity to shape a market-defining product and engineering culture
Apply NowSimilar Jobs
September 10
Database Reliability Engineer for ClickHouse Cloud improving core database reliability, scalability, and performance. Lead incident response, metrics, chaos testing, and on-call processes.
AWS
Azure
Cloud
Google Cloud Platform
Python
SQL