dLocal - Senior Security Engineer, Defensive Infrastructure

• 6+ years of hands-on experience across Security Operations, Detection Engineering, and Cloud Security, with a strong track record of building and owning infrastructure, not just operating it. • Platform depth: SIEM, EDR, DLP, CSPM, CNAPP. You know these tools at the configuration and architecture level, not just the dashboard level. • Cloud-native engineering: advanced AWS security architecture (IAM, SCPs, GuardDuty, and beyond), production EKS hardening, and Kubernetes security from first principles. • Automation and IaC proficiency: expert-level Terraform and Python (or Go). You build integrations and automate workflows because doing things manually at scale offends you. • Adversary-centric detection mindset: MITRE ATT&CK is a working tool for you, not a reference poster. You build detections that find real attacker behavior. • Compliance ownership: you have directly owned technical controls and evidence production for PCI DSS, SOX, SOC2 or equivalent. You know how to make compliance not hurt the engineering team. • Cross-functional range: you can run a threat modeling session with a product team, hand off a prioritized backlog to DevOps, and interface with OffSec on findings, all without creating friction. Stakeholder intelligence is a real skill you have built. • Grit: high autonomy means high accountability. You are comfortable with ambiguity, do the manual work when it needs doing, and do not wait for someone to define the path. • Solid knowledge across multiple security domains like CDR, Cloud Security, AppSec, Offsec, etc • Experience with Security Platforms, AI agents, LLM APIs and automation frameworks. If you are not there yet, you are actively building it. • Familiarity with threat intelligence platforms and integrating intel into detection pipelines. • Prior involvement in purple-team or red-team exercises. • Certifications (GCIA, GCFA, OSCP, AWS Security Specialty) are valued but secondary to what you have built and shipped. • How You'll Work • High ownership. No queue to wait in. • You will interface daily across Cyber Detection & Response, Cloud & Platform Security, AppSec, IAM, Offensive Security, and the Security Automation & AI team. On the engineering side, you will work regularly with Cloud Platforms, SRE, DevOps, Network, and CI/CD teams. The surface area is wide and the problems are real. • The CISO's office operates on one principle: security is a business enabler. You will have executive sponsorship and the political cover to make pragmatic trade-offs. What you will not have is the option to move slowly or hide behind process. • If you want to own infrastructure that actually matters, work with a team that respects engineering craft, and build in an environment that moves at the speed of the business, this is the right place.