DevSecOps
DevSecOps
- 0 Vacancy
- 280 Views
Offer Salary
Attractive
Job Description
dLocal powers local payments connecting merchants with billions of emerging market consumers through one single API.
Why you should join dLocal?
dLocal enables the biggest companies in the world to collect payments in 40 countries in emerging markets. Global brands rely on us to increase conversion rates and simplify payment expansion effortlessly. As both a payments processor and a merchant of record where we operate, we make it possible for our merchants to make inroads into the world’s fastest-growing, emerging markets.
By joining us you will be a part of an amazing global team that makes it all happen, in a flexible, remote-first dynamic culture with travel, health, and learning benefits, among others. Being a part of dLocal means working with 600+ teammates from 25+ different nationalities and developing an international career that impacts millions of people’s daily lives. We are builders, we never run from a challenge, we are customer-centric, and if this sounds like you, we know you will thrive in our team.
What will I be doing?
- You are going to be responsible for designing, implementing, and supporting a Threat Intel program and perform Threat Modelling;
- Reviewing of threat data from various sources and develops custom signatures or other custom detection capabilities;
- Designing and building security for our cloud environment;
- Working closely with the infrastructure and product teams who are using AWS, and ensuring that they have secure-by-default systems;
- Documenting operational procedures and protocols regarding security;
- Developing and implementing consistent and automated patch management in concert with systems teams;
- Responsible for the analysis to provide indicators for enterprise defensive measures;
- Suggesting and implementing new frameworks and tools to reduce attack surface;
What skills do I need?
- Strong understanding of how to respond and manage incidents in cloud-based environments;
- Demonstrated experience in administration and maintenance of anti-malware tools (NGAV, EDR, and others);
- Huge familiarity of application and perimeter protection solutions (WAF, Firewall's, CASB, and others);
- In-depth knowledge of security frameworks such as CIS Controls, OWASP, NIST, and others;
- Knowledge with Cloud platforms (majorly AWS, but can be Azure and GCP as well);
- Great background in scripting and coding (Ruby, Python, Go, JavaScript, etc);
- Great background in managing and operating SOC solutions and procedures (Dashboards, Alerts, Integrations, and more);
- Experience with log aggregation/concentration (Wazuh, ELK stack, Graylog, and others) and also SIEM solutions (Splunk, LogRhythm, SumoLogic, and others);
- Understanding of how to build security on CI/CD environments;
- Know-how of containerization technology such as Docker and Kubernetes and the ability to deploy hardened configurations using orchestration tools (Ansible, Chef, Puppet, or others);
- Great background in data protection solutions (Information Classification solutions, DLP, Data Mapping, Encryption, and others);
- Knowledge in secrets management solutions (Vault, AWS Secrets, AWS KMS, and others) and IAM administration and management (SSO, AWS IAM, and others);
- Desire to achieve team success and ability to mentor colleagues;
- Quickly identify issues and solve them;
Our Talent Acquisition team is invested in creating the best candidate experience possible, so don’t worry, you will definitely hear from us. We will review your CV and keep you posted by email at every step of the process!