Director Security Engineer | DevSecOps

Your wellbeing, our mission. Join a company shaping a healthier world.

GET TO KNOW US

At Wellhub we're revolutionizing workplace wellness. Our platform connects employees worldwide to the best partners for fitness, mindfulness, therapy, nutrition, and sleep—all in one simple subscription. Headquartered in NYC with team members in 11 countries, we’re on a mission to make every company a wellness company.

We believe work should be fulfilling, inspiring, and balanced. Here, you’ll find a team that values wellbeing, collaboration, and different perspectives, where passion and creativity push boundaries to create real impact. Your contributions will help shape a healthier, more balanced world for you and millions of people globally. 

Join us in redefining the future of wellbeing!

 

 

THE OPPORTUNITY

We are hiring a Director of Security Engineering for our Information Security team in Portugal! This is a Remote – Portugal position, meaning you can work from anywhere within the country. Please note that this role is only open to candidates in Brazil. 

The Information Security team is responsible for protecting our subscription-based product serving millions of users. As a Director of Security Engineering, you will be the technical leader driving application security, DevSecOps practices, and security engineering across our 10 product verticals. This is a unique opportunity to build security capabilities in a high-growth environment. You will help construct the technical security strategy, architect security solutions, lead threat modeling, and establish secure development practices across all engineering teams. The role requires deep technical expertise in application security, cloud security, and modern DevSecOps practices.In this capacity, you will serve as the primary architect for our security engineering roadmap, ensuring that protection is integrated at every stage. You will oversee the deployment of automated security tooling, mentor senior engineers in advanced vulnerability research, and partner with product leaders to balance rapid feature delivery with robust risk mitigation. Your leadership will be pivotal in scaling our security posture to meet the demands of a global, multi-vertical ecosystem while fostering a culture of shared security responsibility.

 

YOUR IMPACT 

• Lead the technical security strategy for product and application security, defining architecture standards, security baselines, and secure coding guidelines aligned with OWASP ASVS, NIST SSDF, and BSIMM frameworks.
• Architect and implement a comprehensive DevSecOps pipeline, integrating SAST, DAST, SCA, and container scanning across all CI/CD pipelines serving 10 product verticals.
• Drive threat modeling practices across critical product flows, partnering with engineering leads to identify and mitigate security risks before they reach production.
• Design and implement a centralized security telemetry architecture, connecting application logs, WAF events, and fraud signals into a unified SIEM platform for real-time detection.
• Lead the technical evaluation, selection, and implementation of security tools (SAST/DAST, SIEM/SOAR, PAM, API Gateway security, container security scanners).
• Establish and mentor a team of 7-8 embedded DevSecOps engineers across product verticals, providing technical guidance and ensuring consistent security standards.
• Own the technical roadmap for reducing MTTD from >48h to <1h and fraud detection from D+1 to real-time through security engineering and automation.
• Live the mission: inspire and empower others by genuinely caring for your own wellbeing and your colleagues. Bring wellbeing to the forefront of work, and create a supportive environment where everyone feels comfortable taking care of themselves, taking time off, and finding work-life balance.

 

WHO YOU ARE 

• A seasoned security engineer with experience in application security, cloud security, or security engineering, with at least 4 years in a senior technical leadership role.
• Deep expertise in secure software development lifecycle (SSDLC), threat modeling (STRIDE, PASTA), and security architecture for distributed systems and microservices.
• Hands-on experience with security tooling: SAST (Checkmarx, Snyk, SonarQube), DAST (Burp Suite, OWASP ZAP), SCA, container scanning (Trivy, Prisma), and SIEM platforms (Elastic, Splunk, Sentinel).
• Extensive knowledge of cloud security (AWS and/or GCP), including IAM, VPC security, secrets management, and container orchestration security (Kubernetes/EKS).
• Experience building and scaling DevSecOps programs, integrating security into CI/CD pipelines, and mentoring engineering teams on secure coding practices.
• Proficiency in at least two programming languages (Python, Go, Java, or JavaScript) with the ability to review code, write security tooling, and automate security workflows.
• Familiarity with compliance frameworks (ISO 27001, PCI DSS, LGPD/GDPR) and how they translate into technical security controls.
• Effective communication skills (Portuguese and English) to translate complex technical security concepts into actionable guidance for engineering teams at all levels.
• We recognize that individuals approach job applications differently. We strongly encourage all aspiring applicants to go for it, even if they don't match the job description 100%.
• For this specific role, please note that prior experience in application security engineering and DevSecOps pipeline implementation is a mandatory requirement.

 

WHAT WE OFFER YOU

With thoughtful benefits, emotional wellbeing resources, and a culture that empowers you to take ownership of your role and your wellbeing, we create an environment where you can thrive in all dimensions of your life. Our benefits include:

WELLHUB:  Free Gold membership with access to onsite gyms and studios, digital fitness programs, and online wellness resources for meditation, nutrition, mental wellbeing support, and more! Add up to three family members to your plan, ensuring access to wellness for those who matter most to you. 

HEALTHCARE: Health insurance.

FLEXIBLE WORK: As a Flexible First company, we offer hybrid and remote options to give you the freedom to work in a way that suits you. The model for this specific role can be discussed with your recruiter and hiring manager. We offer all employees a one-time reimbursement to set up their home office equipment and a monthly work allowance to help cover the costs of working from home.

FLEXIBLE SCHEDULE:  Flexibility for us isn’t just about where we work—it also means being able to shape how and when we get things done. Together with their leaders, employees define schedules that align with their time zones, team needs, and personal routines.

PAID TIME OFF: We know how important it is to take time away from work to recharge. Employees receive a minimum of 25 days paid holiday per year with an additional day for each year of tenure (up to 5) in addition to annual holidays (including an extra holiday on your birthday!).

PARENTAL LEAVE: Welcoming a new child is one of the most special moments in your life. Take the time to be present and enjoy your growing family. We offer 100% paid parental leave to all new parents. Parents giving birth are eligible for an extended leave and a ramp-back period to return part-time while they get settled.  

CAREER GROWTH: Access world-class platforms, participate in interactive sessions,  build your personalized development roadmap, and explore internal opportunities. We focus on continuous learning and feedback to support your journey toward personal and professional success. 

CULTURE: You’ll join a team of passionate people who come together to break boundaries, support each other, and create a meaningful impact in workplace wellness. We win together, building trust through open communication and a culture where every perspective matters. Learn more about our shared culture and values here. 

And to get a glimpse of life at Wellhub… Follow us on Instagram @lifeatwellhub and LinkedIn!

 

Diversity, Equity, and Belonging at Wellhub

We aim to create a collaborative, supportive, and inclusive space where everyone knows they belong. At Wellhub, we welcome and celebrate your authentic self.

Wellhub is committed to creating a diverse work environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, gender identity or expression, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status, or any other basis covered by appropriate law.

Our commitment to inclusion also extends to how we recognize and reward our people. We’re proud to be Syndio Fair Pay Certified, reflecting our ongoing dedication to equitable and fair pay practices across our global team. Read more about it here.

Questions on how we treat your personal data? See our Aviso de Privacidade para Candidatos. 

 

#LI-REMOTE

#LI-CM1