Job Description
Why should you join dLocal?
dLocal enables the biggest companies in the world to collect payments in 40 countries in emerging markets. Global brands rely on us to increase conversion rates and simplify payment expansion effortlessly. As both a payments processor and a merchant of record where we operate, we make it possible for our merchants to make inroads into the world’s fastest-growing, emerging markets.
By joining us you will be a part of an amazing global team that makes it all happen. Being a part of dLocal means working with 1000+ teammates from 30+ different nationalities and developing an international career that impacts millions of people’s daily lives. We are builders, we never run from a challenge, we are customer-centric, and if this sounds like you, we know you will thrive in our team.
What You’ll do:
- Own and continuously evolve our cloud WAF stack, defining and tuning rules, policies, and traffic flows to protect public APIs and frontends at scale, while proactively reducing noise and false positives.
- Build and maintain end‑to‑end HTTP/HTTPS observability, including structured logging, dashboards, alerting, and synthetic checks, so that performance issues, misconfigurations, and attacks are detected and triaged early.
- Drive WAF and networking infrastructure as code (IaC), fully integrated into CI/CD pipelines, ensuring changes are repeatable, auditable, tested, and secure, and helping to reduce configuration drift across environments.
- Design and operate VPCs and core network services(routing, DNS, VPNs, and third‑party connectivity), making sure they are resilient, scalable, and aligned with our global network and security architecture.
- Automate key deployment and configuration workflows (e.g., onboarding and decommissioning sites, rule and policy lifecycle, failover between WAF providers), minimizing manual work, human error, and operational risk.
- Lead and actively participate in incident response for network and WAF‑related security, performance, and availability events, including triggering WAF DRP procedures, executing controlled failovers, and driving post‑mortems and follow‑up remediation.
- Partner closely with Information Security and Compliance to ensure the network and WAF architecture meets regulatory and industry standards (e.g., PCI, SOX), providing audit‑ready evidence and continuously strengthening controls.
- Keep technical documentation current and actionable for architectures, traffic flows, runbooks, and configuration standards, enabling other engineering teams to move fast while maintaining a strong security and reliability posture.
What We Need You to Have:
- Solid, hands‑on experience managing and configuring WAFs in cloud environments (ideally multi‑provider), protecting high‑traffic web applications and APIs.
- Strong knowledge of networking and protocols (TCP/IP, HTTP/HTTPS, TLS, DNS, routing, load balancers, VPN/IPsec).
- Practical experience with at least one cloud provider (ideally AWS) and its networking components (VPC, subnets, security groups, NACLs, routing, load balancers).
- Real‑world experience with Infrastructure as Code (Terraform or similar) and CI/CD pipelines to manage network and WAF changes.
- Experience in observability and monitoring: log, metric and trace analysis, building actionable dashboards and alerts (latency, errors, throughput, anomalous traffic patterns).
- Strong communication and cross‑team collaboration skills (Networking, Security, Platform, Product), with English good enough to document and coordinate in writing and in calls.
- English
Would be Awesome if you had:
- Exposure to PCI-DSS framework or any other relevant security standard will be valued;
- Good knowledge of security architectures, both monoliths and microservices, including how they are developed and operate at scale;
- Good understanding about Machine learning, RAG, and LLM logic in context of security results.
- Previous work in high‑criticality environments (payments, fintech, banking, global e‑commerce) where availability and latency are key.
- Background as a network/security architect, able to propose end‑to‑end designs (multi‑WAF, multi‑cloud, DRP, zero‑trust, etc.) and explain technical and business trade‑offs.
What do we offer?
Besides the tailored benefits we have for each country, dLocal will help you thrive and go that extra mile by offering you:
- Flexibility: we have flexible schedules and we are driven by performance.
- Fintech industry: work in a dynamic and ever-evolving environment, with plenty to build and boost your creativity.
- Referral bonus program: our internal talents are the best recruiters - refer someone ideal for a role and get rewarded.
- Learning & development: get access to a Premium Coursera subscription.
- Language classes: we provide free English, Spanish, or Portuguese classes.
- Social budget: you’ll get a monthly budget to chill out with your team (in person or remotely) and deepen your connections!
- dLocal Houses: want to rent a house to spend one week anywhere in the world coworking with your team? We’ve got your back!
Flexibility in how you work: We focus on impact and productivity over fixed hours. This means our teams have flexible schedules and, depending on your role and location, you will combine self‑managed focus time with moments of in‑person connection in our collaboration hubs.
What happens after you apply?
Our Talent Acquisition team is invested in creating the best candidate experience possible, so don’t worry, you will definitely hear from us. We will review your CV and keep you posted by email at every step of the process!
Also, you can check out our webpage, Linkedin and Youtube for more about dLocal!
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
