About this role
We are looking for a DevSecOps to help strengthen our security posture across a multi‑cloud environment and embed security into the way we build, deploy, and operate technology. This role is essential in driving a culture where security becomes “business as usual” and ensuring that best practices are consistently applied across teams.
You will work with high autonomy, collaborate with diverse technical groups, and take ownership of critical areas of the cloud security landscape while helping evolve automation, processes, and secure engineering practices.
🛠️ Your key responsibilities
Develop a solid understanding of the current security landscape across a multi‑cloud environment (AWS and GCP).Build relationships and understand interactions between system owners, engineering teams, and global security partners.Take ownership of specific areas within the cloud security ecosystem and drive improvements.Establish processes that ensure security is embedded throughout the engineering lifecycle (SSDLC).Lead or contribute to automation initiatives across the organization to reduce manual work and increase consistency.Implement and improve DevSecOps practices, embedding security controls into CI/CD and development workflows.Work with security tooling to support scanning, hardening, monitoring, and policy enforcement.Support cultural transformation, promoting a mindset of shared responsibility for security.Collaborate closely with Development, DevOps/SRE, Infrastructure, TSSI, EGSO, Audit, and global security partners.Operate independently with high ownership while contributing effectively across teams. 🎯 What we expect from you
Bachelor’s degree in Computer Science, Engineering, Information Systems, or a related technical field, or equivalent practical experience.Strong hands‑on experience with AWS Security (required).GCP Security strongly preferred (can be developed on the job for candidates with strong AWS background).Experience with:GitHubLinux/UnixScripting in Go or PythonTerraform (Infrastructure as Code)Solid understanding of Cloud Security Architecture, DevSecOps principles, and secure-by-design mindset.Familiarity with security tooling and ability to integrate controls into pipelines and cloud environments.Ability to collaborate across multiple teams while working independently with high autonomy.A problem‑solving attitude and the ability to understand the full end‑to‑end picture.A mindset of enabling teams — positioning security as a partner that helps deliver secure features and products.+ Advanced English and availability to travel to São Carlos/SP when need it.⭐ Nice to have
Hands-on experience with GCP security architecture.Experience with enterprise security tooling (SAST, SCA, secrets management, CSPM, etc.).Exposure to multi‑cloud environments or large‑scale enterprise infrastructure.Certifications in cloud security or DevSecOps (AWS/GCP security specialties, etc.).Experience driving cultural change or security adoption across engineering teams. At Serasa Experian, we believe that diversity is essential for a healthier and more innovative work environment, where everyone can share experiences and express their ideas. That’s why we promote several initiatives to support inclusive recruitment and the professional development of our people.
We also have our affinity groups, created to empower and support individuals from underrepresented groups: ExperianPride (LGBTQIAPN+ community), Ubuntu (racial equity), Women in Experian (gender equity), Aspire (people with disabilities), and Connecting Generations (generations).
Come be part of this transformation!
Experian Careers - Creating a better tomorrow together
Find out what its like to work for Experian by clicking here