1m
DevSecOps Engineer, Technical Referent
Requisitos
What skills do you need?
- Strong security engineering across IAM/SSO/PAM, role modeling (RBAC/ABAC), least privilege, and SoD.
- Public cloud expertise: AWS and GCP IAM; Microsoft Entra ID; SAML/OIDC, SCIM; tools such as Apono, Jamf, and Intune.
- Automation mindset: infrastructure-as-code and policy-as-code (Terraform/Pulumi/Ansible) and scripting (Python/Bash).
- Audit and compliance experience: PCI DSS, SOX, and ISO 27001 (planning, evidence collection, remediation follow-up).
- Proven ability to identify and deliver security automations that reduce manual access tasks and audit effort.
- Effective collaboration with DevOps, Networking, Security, and Service Desk; clear stakeholder communication.
Anuncio original
Why should you join dLocal?
dLocal enables the biggest companies in the world to collect payments in 40 countries in emerging markets. Global brands rely on us to increase conversion rates and simplify payment expansion effortlessly. As both a payments processor and a merchant of record where we operate, we make it possible for our merchants to make inroads into the world's fastest-growing, emerging markets.
By joining us you will be a part of an amazing global team that makes it all happen. Being a part of dLocal means working with 1000+ teammates from 30+ different nationalities and developing an international career that impacts millions of people's daily lives. We are builders, we never run from a challenge, we are customer-centric, and if this sounds like you, we know you will thrive in our team.
What's the opportunity?
Join dLocal's IT Cloud Platform Services to strengthen identity, access, and endpoint security across our multi-cloud environment. You'll design and govern role models, lead SSO and IAM integrations for AWS, GCP, and Microsoft Entra ID, and drive secure-by-default automation that reduces manual work and errors. You'll collaborate daily with DevOps, Networking, Security, and Service Desk to standardize controls and improve developer productivity. You'll also leverage AI tools to accelerate analysis, policy design, and continuous improvements, informed by our enterprise access matrix.
What will you be doing?
- Define and maintain the enterprise role model (RBAC/ABAC), ownership, and approval flows; align designs and reviews with the access matrix.
- Lead SSO and identity integrations (SAML/OIDC, SCIM, MFA) on Microsoft Entra ID; standardize application onboarding and lifecycle.
- Administer AWS IAM and GCP IAM at org/account/project levels (SCPs/org policies, permission boundaries, service accounts, workload identity), enforcing least privilege and SoD.
- Build automation for provisioning, deprovisioning, and periodic access reviews using IaC/PaC; integrate JIT/PAM workflows (e.g., Apono).
- Strengthen endpoint and device posture with Jamf and Intune (baselines, compliance, conditional access signals) tied to identity controls.
- Implement guardrails and continuous controls (audit trails, logging, anomaly detection for access usage) with clear remediation playbooks.
- Identify, prioritize, and deliver automation opportunities that remove manual access tasks, reduce escalations, and increase audit readiness.
- Use AI tools to analyze access patterns, suggest policy improvements, and speed up documentation and evidence gathering, safely and with governance.
- Partner with DevOps, Networking, Security, and Service Desk on scalable workflows, incident resolution, and user experience improvements.
- Document architectures, runbooks, and SOPs; support audits and risk assessments with clear evidence and metrics.
Implement and review application permissions in Amazon EKS (Kubernetes RBAC, service accounts, IRSA) to enforce least privilege and SoD. -
Implement and review application permissions in Amazon EKS (Kubernetes RBAC, service accounts, IRSA) to enforce least privilege and SoD.
What do we offer?
Besides the tailored benefits we have for each country, dLocal will help you thrive and go that extra mile by offering you:
- Flexibility: we have flexible schedules and we are driven by performance.
- Fintech industry: work in a dynamic and ever-evolving environment, with plenty to build and boost your creativity.
- Referral bonus program: our internal talents are the best recruiters - refer someone ideal for a role and get rewarded.
- Social budget: you'll get a monthly budget to chill out with your team (in person or remotely) and deepen your connections!
- dLocal Houses: want to rent a house to spend one week anywhere in the world coworking with your team? We've got your back!
Flexibility in how you work: We focus on impact and productivity over fixed hours. This means our teams have flexible schedules and, depending on your role and location, you will combine self‑managed focus time with moments of in‑person connection in our collaboration hubs.
What happens after you apply?
Our Talent Acquisition team is invested in creating the best candidate experience possible, so don't worry, you will definitely hear from us. We will review your CV and keep you posted by email at every step of the process!
Candidatura gestionada por dLocal