Senior Security Engineer

Why should you join dLocal? dLocal enables the biggest companies in the world to collect payments in 40 countries in emerging markets. Global brands rely on us to increase conversion rates and simplify payment expansion effortlessly. As both a payments processor and a merchant of record where we operate, we make it possible for our merchants to make inroads into the world’s fastest-growing, emerging markets. By joining us you will be a part of an amazing global team that makes it all happen, in a flexible, remote-first dynamic culture with travel, health and learning benefits, among others. Being a part of dLocal means working with 1000+ teammates from 30+ different nationalities and developing an international career that impacts millions of people’s daily lives. We are builders, we never run from a challenge, we are customer‑centric, and if this sounds like you, we know you will thrive in our team. About Us & The Role We're not building a traditional security team. We are a lean, forward‑thinking organization that rapidly adopts the latest disruptive innovations to stay ahead of the curve. We believe the future of defense is smart, efficient, and scaled, and we're leveraging AI agents and modern platforms to build it. What You’ll Do Hunt, Don’t Just Wait: Conduct adversary‑centric threat hunts, fueled by cutting‑edge threat intelligence and the MITRE ATT&CK framework. You’ll go beyond alerts to perform proactive, hypothesis‑driven analysis. Lead End‑to‑End Response: Command the full incident lifecycle—from triage and containment to eradication and post‑mortem—for incidents across our endpoint, identity, and multi‑cloud environments. Build Smarter Detections: Engineer, tune, and maintain high‑fidelity detections in our SIEM. Your goal isn’t just to find evil, but to do so with precision, minimizing noise and maximizing signal. Automate Everything: Design, build, and scale our automated response workflows. You’ll be a primary driver in leveraging our SOAR, AI agents, and custom automations (Tines, etc.) to create smart, efficient responses that allow us to scale. Integrate Threat Intelligence: Actively consume and integrate threat intel to inform detection engineering, enrich investigations, and guide proactive hunting campaigns. Partner & Innovate: Work directly with engineers and product teams to ensure security telemetry is actionable, measurable, and built for a modern, automated defense. Act as a Senior Escalation Point: Serve as a key leader for major incidents, providing technical and strategic guidance to the wider Cyber Defense team. What You Bring A “Builder” Mindset: 4–8 years of experience in Security Operations, Detection Engineering, or Incident Response, with a clear passion for building solutions, not just operating them. Proven IR Expertise: Demonstrable, hands‑on experience with advanced incident response (host, identity, or cloud). Deep Detection & SIEM Skills: Strong expertise in SIEM and detection (Sumo Logic, Splunk, Sentinel, Elastic, Crowdstrike, Panther, Hunters) and a proven track record of creating and tuning robust detections. An Adversary‑Centric Approach: You think like an attacker. You’re deeply familiar with the MITRE ATT&CK framework and modern attacker tradecraft. A Passion for Automation: You have a clear drive to automate the mundane. Whether it’s with SOAR platforms, Python, or other tools, you believe in automating to focus on the critical. Technical Acumen: Familiarity with endpoint security (EDR), identity protection and data loss prevention tools, and modern cloud environments. Clarity & Discipline: Strong written communication and documentation skills are essential. You know how to write a playbook, document a finding, and communicate complex issues clearly. Curiosity for the Future: A genuine excitement for new technology. You’re eager to learn and apply new tools, including AI agents and modern platforms, to solve complex security problems. Nice to Have Deep experience with cloud‑native security (AWS, GCP, or Azure). Experience integrating and operationalizing threat intelligence platforms. Familiarity with IaC (Terraform / Ansible) or container security concepts. Prior exposure to purple‑team exercises. Certifications such as GCIA, GCFA, OSCP, or similar are valued but not required. Why You’ll Love It Here This is a high‑impact, high‑ownership role. You’ll join a small, senior team where everyone contributes end‑to‑end. We’re building a modern, intelligent, and automated defense program from the ground up. If you’re tired of legacy tools and rigid, reactive processes, and you want to build the future of cyber defense using the latest disruptive innovations, let’s talk. Benefits & Offerings Remote work: work from anywhere or one of our offices around the globe. Flexibility: we have flexible schedules and we are driven by performance. Fintech industry: dynamic and ever‑evolving environment. Referral bonus program: internal talents are the best recruiters. Learning & development: Premium Coursera subscription. Language classes: free English, Spanish, or Portuguese classes. Social budget: monthly budget to connect with team. We may use artificial intelligence tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us. #J-18808-Ljbffr