DevSecOps Engineer, Technical Referent

DLocal

Job Location:

Madrid - Spain

Monthly Salary: Not Disclosed

Posted on: 8 hours ago

Vacancies: 1 Vacancy

Job Summary

Why should you join dLocal

dLocal enables the biggest companies in the world to collect payments in 40 countries in emerging markets. Global brands rely on us to increase conversion rates and simplify payment expansion effortlessly. As both a payments processor and a merchant of record where we operate we make it possible for our merchants to make inroads into the worlds fastest-growing emerging markets.

By joining us you will be a part of an amazing global team that makes it all happen. Being a part of dLocal means working with 1000 teammates from 30 different nationalities and developing an international career that impacts millions of peoples daily lives. We are builders we never run from a challenge we are customer-centric and if this sounds like you we know you will thrive in our team.

Whats the opportunity

Join dLocals IT Cloud Platform Services to strengthen identity access and endpoint security across our multi-cloud environment. Youll design and govern role models lead SSO and IAM integrations for AWS GCP and Microsoft Entra ID and drive secure-by-default automation that reduces manual work and errors. Youll collaborate daily with DevOps Networking Security and Service Desk to standardize controls and improve developer productivity. Youll also leverage AI tools to accelerate analysis policy design and continuous improvements informed by our enterprise access matrix.

What will you be doing

Define and maintain the enterprise role model (RBAC/ABAC) ownership and approval flows; align designs and reviews with the access matrix.
Lead SSO and identity integrations (SAML/OIDC SCIM MFA) on Microsoft Entra ID; standardize application onboarding and lifecycle.
Administer AWS IAM and GCP IAM at org/account/project levels (SCPs/org policies permission boundaries service accounts workload identity) enforcing least privilege and SoD.
Build automation for provisioning deprovisioning and periodic access reviews using IaC/PaC; integrate JIT/PAM workflows (e.g. Apono).
Strengthen endpoint and device posture with Jamf and Intune (baselines compliance conditional access signals) tied to identity controls.
Implement guardrails and continuous controls (audit trails logging anomaly detection for access usage) with clear remediation playbooks.
Identify prioritize and deliver automation opportunities that remove manual access tasks reduce escalations and increase audit readiness.
Use AI tools to analyze access patterns suggest policy improvements and speed up documentation and evidence gathering safely and with governance.
Partner with DevOps Networking Security and Service Desk on scalable workflows incident resolution and user experience improvements.
Document architectures runbooks and SOPs; support audits and risk assessments with clear evidence and metrics.
Implement and review application permissions in Amazon EKS (Kubernetes RBAC service accounts IRSA) to enforce least privilege and SoD.
Implement and review application permissions in Amazon EKS (Kubernetes RBAC service accounts IRSA) to enforce least privilege and SoD.

What skills do you need

Strong security engineering across IAM/SSO/PAM role modeling (RBAC/ABAC) least privilege and SoD.
Public cloud expertise: AWS and GCP IAM; Microsoft Entra ID; SAML/OIDC SCIM; tools such as Apono Jamf and Intune.
Automation mindset: infrastructure-as-code and policy-as-code (Terraform/Pulumi/Ansible) and scripting (Python/Bash).
Audit and compliance experience: PCI DSS SOX and ISO 27001 (planning evidence collection remediation follow-up).
Proven ability to identify and deliver security automations that reduce manual access tasks and audit effort.
Effective collaboration with DevOps Networking Security and Service Desk; clear stakeholder communication.

What do we offer

Besides the tailored benefits we have for each country dLocal will help you thrive and go that extra mile by offering you:

- Flexibility: we have flexible schedules and we are driven by performance.

- Fintech industry: work in a dynamic and ever-evolving environment with plenty to build and boost your creativity.

- Referral bonus program: our internal talents are the best recruiters - refer someone ideal for a role and get rewarded.

- Social budget: youll get a monthly budget to chill out with your team (in person or remotely) and deepen your connections!

- dLocal Houses: want to rent a house to spend one week anywhere in the world coworking with your team Weve got your back!

Flexibility in how you work: We focus on impact and productivity over fixed hours. This means our teams have flexible schedules and depending on your role and location you will combine selfmanaged focus time with moments of inperson connection in our collaboration hubs.

What happens after you apply

Our Talent Acquisition team is invested in creating the best candidate experience possible so dont worry you will definitely hear from us. We will review your CV and keep you posted by email at every step of the process!

Also you can check out ourwebpage Linkedin and Youtubefor more about dLocal!

We may use artificial intelligence (AI) tools to support parts of the hiring process such as reviewing applications analyzing resumes or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed please contact us.

Required Experience:

Why should you join dLocaldLocal enables the biggest companies in the world to collect payments in 40 countries in emerging markets. Global brands rely on us to increase conversion rates and simplify payment expansion effortlessly. As both a payments processor and a merchant of record where we opera...