dLocal
Fintech
PrincipalSecurityEngineer–Identity&Access
Neural analysis suggests this role is
optimal for Principal candidates.
“Principal Security Engineer – Identity & Access at dLocal. Skills: Identity and Access Management, Identity Governance and Administration (IGA), Federation, Zero Trust architecture, RBAC/ABAC models. Engineer the Identity Lifecycle (JML & SoD). Implement robust access certifications”
What You'll Achieve.
Build a modern, highly automated identity security program; Build a highly scalable, automated identity governance machine; Scale our authentication and authorization foundations; Securely and seamlessly fold new organizations into our identity ecosystem; Ensure identity data flows securely from the ultimate source of truth; Improve identity threat visibility and automated containment
Industry & Context.
Resilient problem solver; See an exciting puzzle where others see a messy legacy setup; Solve long-standing identity problems
What They're Looking For.
Must Have
Proven track record of designing, building, or scaling Identity and Access programs in fast-paced, complex environments, Solid, hands-on experience with modern workforce identity systems, lifecycle processes (JML, SoD, Certifications), protocols (SAML, OIDC, OAuth2, SCIM), RBAC/ABAC models, and enterprise identity platforms (e. g. , SailPoint, Saviynt, Okta), Ability to find the critical balance between enforcing strict, least-privilege security and maintaining high usability for the business, Ruthlessly organized, capable of driving an enterprise identity strategy while simultaneously troubleshooting an immediate, ground-level access escalation, Mentoring, leadership, and documentation capabilities, ensuring that the systems you design are highly scalable, well-understood, and easily maintained by the wider organization
Nice to Have
Experience navigating the identity and access requirements of highly regulated environments (PCI-DSS, SOX, SOC 2), Familiarity with machine identity governance, secrets management, and API access, Relevant industry certifications demonstrating your dedication to the identity domain
What You'll Do.
Engineer the Identity Lifecycle (JML & SoD)
Implement robust access certifications
Implement Separation of Duties (SoD)
Implement unified IGA frameworks
Design and scale authentication and authorization foundations across cloud
and on-premise environments
Lead identity federation leveraging SAML
Drive the adoption of Zero Trust architecture and Adaptive MFA across the enterprise
Lead the identity integration strategy for mergers
and massive enterprise transformation initiatives
Design self-service identity workflows
Design automated controls
Translate written compliance policies into code
Configure integrations
Engineer IGA platforms
Untangle access flows
How You'll Work.
Team & Collaboration
Partner deeply with Enterprise IT Service Desk, Application owners, Cloud Platform, and Infrastructure teams to govern access across Enterprise and Cloud; Align with Detection & Response teams to improve identity threat visibility and automated containment; Collaborate heavily with HR and Enterprise Applications to ensure identity data flows securely from the ultimate source of truth; Elevate the engineers around you through mentoring, leadership, and documentation
Communication Scope
Negotiate with engineering directors; Bring engineering directors along; Enforce security without alienating engineering directors
Full Job Description
## Description Why should you join dLocal? dLocal enables the biggest companies in the world to collect payments in 40 countries in emerging markets. Global brands rely on us to increase conversion rates and simplify payment expansion effortlessly. As both a payments processor and a merchant of record where we operate, we make it possible for our merchants to make inroads into the world’s fastest-growing, emerging markets. By joining us you will be a part of an amazing global team that makes it all happen. Being a part of dLocal means working with 1000+ teammates from 30+ different nationalities and developing an international career that impacts millions of people’s daily lives. We are builders, we never run from a challenge, we are customer-centric, and if this sounds like you, we know you will thrive in our team. ## About Us & The Role We are not building a traditional, bureaucratic identity and access management function. We are building a modern, highly automated identity security program—and we need a sharp, relentless operator to build it. Identity is the new perimeter, and managing how our global workforce accesses enterprise systems is one of our highest priorities. We are looking for a Principal Security Engineer – Identity & Access to help drive our identity evolution alongside our existing senior engineering team. You will be walking into a rapidly evolving ecosystem that has outgrown its early identity frameworks. Your mandate is to take that complex web of legacy entitlements and build a highly scalable, automated identity governance machine. This is not an "ivory tower" strategy role. We do not need someone to draw Visio diagrams and hand them off to junior admins. We need a pragmatic, high-agency builder who helps design the strategy but has the zero-ego grit to execute it with their own hands. ## What You'll Do Engineer the Identity Lifecycle (JML & SoD): Take on our workforce identity and access ecosystem. You will engineer a highly auto
Applying for this Principal Security Engineer – Identity & Access role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Lever
- Lever uses a streamlined one-page form — apply in under 5 minutes.
- LinkedIn import works well; review parsed data before submitting.
- The cover letter field is optional but visible to reviewers — use it to differentiate.
- Referral codes from employees can significantly boost visibility of your application.
ANONYMOUS · UNFILTERED
What do employees actually say about dLocal?
Real rants from real employees. Read before you apply.