Dlocal1mo ago

Cybersecurity Programs & Delivery Lead

São Paulo · São PauloFull Timelead

SecurityOtherCybersecurity Programs & Delivery

0 views0 saves0 applied

Apply Now

Quick Summary

Requirements Summary

Partner with the CISO and the security leadership to translate long-term security goals into a multi-quarter, prioritized roadmap. You lead the departmental planning cycles,

Technical Tools

SecurityOtherCybersecurity Programs & Delivery

Why should you join dLocal?

dLocal enables the biggest companies in the world to collect payments in 40 countries in emerging markets. Global brands rely on us to increase conversion rates and simplify payment expansion effortlessly. As both a payments processor and a merchant of record where we operate, we make it possible for our merchants to make inroads into the world’s fastest-growing, emerging markets.

By joining us you will be a part of an amazing global team that makes it all happen. Being a part of dLocal means working with 1000+ teammates from 30+ different nationalities and developing an international career that impacts millions of people’s daily lives. We are builders, we never run from a challenge, we are customer-centric, and if this sounds like you, we know you will thrive in our team.

We do not do “check-box” security, and we don’t do corporate fluff. The Security Department at dLocal is lean, forward-thinking, and operates at the intersection of a hyper-growth fintech and the world's most complex emerging markets. We believe security is a business enabler—not a gatekeeper—and we build our team accordingly.

This is a newly created, senior IC role sitting directly in the CISO's office. We are looking for a Cybersecurity Programs & Delivery Lead who will serve as the strategic execution engine of the security department—someone who takes the CISO's vision and translates it into structured, measurable, and relentlessly driven delivery.

You will work as a peer alongside the Department Heads. Where they own the technical and domain depth, you own the operational backbone that connects everything: strategy to execution, ambiguity to structure, initiative to outcome.

This is not a coordination role. We are not looking for a project manager who tracks tasks. We are looking for a cybersecurity professional who has decided they want to use their subject-matter expertise to drive strategy, own programs end-to-end, and act as a force multiplier across the entire department—without needing direct reports to make things happen.

You will have the CISO and security leadership as your executive umbrella: the sponsorship, the political cover, and the pragmatic air support to make trade-offs and remove blockers. What we need from you is the street-smart execution to take that mandate and run with it.

Requirements

~1 min read

Requirements

~3 min read

Systematize Everything: Identify manual, repetitive program management and reporting processes and define the workflows clearly enough that our Security Engineering team can automate them. You don't just spot inefficiency—you eliminate it at the root.

AI-Augmented Execution: Leverage modern AI tools to accelerate documentation, stakeholder communications, gap analysis, and program planning—while maintaining strict accuracy and governance over AI-generated outputs.

You Are a Cyber Professional First: You have a solid foundation in cybersecurity—whether from a technical, GRC, or security consulting background. You understand the domain deeply enough to earn the respect of engineers, architects, and compliance professionals without needing a title to back it up.

You Own Outcomes, Not Tasks: You are highly self-driven, proactive, and allergic to ambiguity by choice. You don't wait for a detailed brief—you read between the lines, define the problem, and drive to a solution.

Exceptional Organizational Navigation: High EQ and IQ are non-negotiable. You move seamlessly across organizational levels and functions—from engineering leads to the C-suite—building trust, managing tension, and aligning competing interests with diplomacy and precision.

Disciplined Multi-Threading: You are ruthlessly organized. You manage multiple complex programs simultaneously without losing grip on any of them. Deadlines, dependencies, and stakeholders never slip through the cracks.

Communication is Your Superpower: You write and speak with clarity, economy, and impact. You can distill a complex, multi-quarter security program into a two-minute executive briefing—or a two-page board slide—without losing the substance.

Pragmatic & Street-Smart: You understand the tension between security idealism and business reality, and you know how to find the right trade-off. You are not a bureaucrat; you are a pragmatist who keeps the business moving while managing risk intelligently.

Zero Ego, Full Versatility: You are strategic and senior—and you will still chase people down over Slack, build a tracking spreadsheet from scratch, and sit in a vendor call to take notes when that’s what the moment requires. You don’t confuse seniority with delegation. The work gets done because you make it get done, at whatever altitude is needed.

AI Fluency: You are comfortable using AI tools as a co-pilot for drafting, planning, and analysis. You know how to leverage these capabilities at speed while ensuring strict data accuracy and hallucination governance.

Background in a fast-paced fintech, payments, or technology scale-up environment.

Familiarity with security frameworks (PCI DSS, ISO 27001, SOC 2, NIST)—not as a compliance checkbox, but as a language you speak fluently with auditors and regulators.

Experience with formal program/portfolio management methodologies (PMI, SAFe, OKRs) or relevant certifications (PMP, CISSP, CISM)—valued but not required.

Experience operating in emerging markets or global, multi-jurisdictional environments.

Prior experience as a chief-of-staff, security strategy lead, or CISO advisor.

You will operate with a high degree of autonomy, sitting at the center of the CISO's office and touching every dimension of the security department. This is a visible, high-trust role. You will be expected to take ownership with minimal hand-holding, make judgment calls under ambiguity, and proactively raise issues before they escalate.

You will not manage a team—but you will influence, align, and mobilize everyone. Your authority comes from expertise, credibility, and the CISO's mandate. If that energizes you rather than frustrates you, this role is built for you.