Senior Software Engineer GitHub Governance

About the team

The GitHub Governance team is one of the highest-leverage teams in ETS. It decides — and operationalizes — how ten thousand Nubankers interact with GitHub, how repositories are governed, how access is granted and revoked, how vulnerabilities are surfaced and triaged, and how the platform serves as the substrate for AI-assisted development at Nubank. The team's mandate touches every engineer in the company and every InfoSec, IAM, and Datasec partner that depends on the platform. The team is currently four people, holding the platform's active mandate: KPMG audit obligations, the Moon device-block project, EMU (Enterprise Managed Users) migration, rollouts including Copilot Code Review, vibe-coding profile design, the inactivity-rule mechanism, and IP control work tied to the AI-First posture. Every GitHub change at Nubank now routes through formal change management with InfoSec.

About the role

The person is a hands-on individual contributor on the GitHub Governance team, owning platform operations and developer-facing support alongside the team's governance and compliance work. The role combines platform engineering with a strong service orientation: the person will be the team's primary point of contact for GitHub-related tickets, on-call support, and day-to-day developer experience issues across Nubank's engineering org. They will also contribute to audit evidence collection, access control automation, and the team's broader platform roadmap.

What the person will own

Developer support and on-call. The person will be the first responder for GitHub-related tickets — access issues, permission errors, policy questions, repo configuration problems — triaging and resolving them directly or routing to the right owner. They will participate in the team's on-call rotation and be the face of GitHub Governance for the developer community. Platform and Developer Experience. Beyond reactive support, the person will identify recurring pain points and build the tooling, automations, and documentation to address them at the root.This includes improving self-service flows, contributing to the Marlowe identity/access platform integrations, and helping engineers understand and navigate GitHub's governance model. Audit and compliance. The person will support evidence collection for Internal and External Audit, help maintain access controls aligned with SOX requirements, and contribute to the team's compliance posture across GitHub's governance surface.

What we are looking for

We are looking for two specific competencies, both required. Hands-on GitHub expertise. Genuine working depth in GitHub Enterprise: org and repo-level policy, access control, rulesets, audit logs, the GitHub API, Actions automation, and the operational realities of running GitHub at scale. The person should be able to diagnose a permission issue, write an automation to prevent it, and explain the tradeoff to a non-technical

stakeholder. Developer experience and platform orientation. A track record of making developers' lives easier — whether through tooling, documentation, automation, or support systems. Experience on platform or internal-tools teams, with a service mindset and a bias toward reducing friction at scale rather than solving one-off problems. Customer-facing / support experience. Comfort operating in an on-call or ticket-driven environment: communicating clearly with developers and stakeholders at different technical levels, and closing issues with the kind of follow-through that builds trust. Experience with audit or compliance workflows is a strong plus.