Senior Cyber Assurance Partner - Third-Party Risk

dLocal Limited

Job Overview

Location

Sao Paulo (Hybrid)

Job Type

Full-time

Full Job Description

📋 Description

• Senior Cyber Assurance Partner - Third-Party Risk is a strategic leadership role responsible for safeguarding dLocal’s global payment infrastructure by assessing, monitoring, and mitigating cyber risks associated with third-party vendors and partners across 40+ emerging markets. This role is critical to maintaining trust with global enterprise clients who rely on dLocal to securely process payments in high-growth regions, ensuring compliance with international security standards while enabling seamless market expansion.
• The incumbent will lead the end-to-end third-party cyber risk management lifecycle, including vendor onboarding, continuous monitoring, risk scoring, incident response coordination, and remediation tracking. They will partner closely with Legal, Procurement, Engineering, and Compliance teams to embed cyber assurance into dLocal’s vendor lifecycle, ensuring that all third parties — from cloud providers to local payment processors — meet stringent security benchmarks aligned with ISO 27001, SOC 2, PCI DSS, and regional regulations such as LGPD and GDPR.
• Day-to-day responsibilities include developing and refining third-party risk assessment frameworks tailored to emerging market contexts, conducting deep-dive cybersecurity due diligence on prospective and existing vendors using automated tools and manual reviews, maintaining a dynamic risk register, and reporting key cyber risk metrics to executive leadership and the Board. The role involves leading cross-functional workshops to educate stakeholders on evolving threats like supply chain attacks, ransomware, and data localization risks, and driving adoption of standardized security questionnaires (e.g., SIG, CAIQ) and continuous monitoring platforms.
• The Senior Cyber Assurance Partner will also serve as dLocal’s primary liaison with external auditors and regulators during third-party risk examinations, preparing evidence packs, responding to findings, and ensuring audit readiness. They will mentor junior team members, foster a culture of proactive risk awareness, and contribute to the evolution of dLocal’s enterprise risk management strategy by integrating threat intelligence, geopolitical risk factors, and technological trends into risk models.
• This role offers the opportunity to shape cybersecurity best practices in one of the most complex and dynamic payment ecosystems in the world — where innovation meets regulatory diversity. The successful candidate will gain deep exposure to global fintech operations, emerging market infrastructure challenges, and cutting-edge GRC technologies, positioning them as a trusted advisor in cyber risk at the intersection of payments, compliance, and international business.
• By excelling in this role, the individual will directly contribute to dLocal’s reputation as a secure, trustworthy partner for Fortune 500 merchants expanding into Latin America, Africa, and Asia. They will develop expertise in cross-border cyber risk governance, build a high-impact professional network across global security and payments communities, and leave a lasting legacy in strengthening the resilience of digital commerce in emerging economies.

🎯 Requirements

• Minimum 8 years of progressive experience in cybersecurity, information security, or IT risk management, with at least 3 years focused specifically on third-party or vendor risk management in a global, regulated environment (e.g., fintech, payments, banking, or technology).
• Proven expertise in designing and implementing third-party risk management frameworks, including risk assessment methodologies, due diligence processes, continuous monitoring, and remediation tracking, aligned with standards such as ISO 27001, NIST CSF, SOC 2, and PCI DSS.
• Strong understanding of emerging market regulatory landscapes, particularly data protection laws (LGPD, GDPR, POPIA, etc.) and payment industry regulations, with experience navigating jurisdictional complexities in Latin America, Africa, or Asia.
• Excellent communication and stakeholder management skills, with demonstrated ability to translate technical cyber risks into clear business implications for executive, legal, and non-technical audiences.
• Hands-on experience with GRC platforms (e.g., RSA Archer, ServiceNow GRC, OneTrust, or similar) and familiarity with security assessment tools (e.g., Qualys, Tenable, BitSight, SecurityScorecard) and automated vendor risk monitoring solutions.
• Bachelor’s degree in Computer Science, Information Security, Risk Management, or a related field; relevant certifications such as CISM, CISSP, CRISC, or CISA are strongly preferred.

🏖️ Benefits

• Competitive global compensation package with performance-based bonuses, equity participation, and comprehensive health, dental, and vision coverage extending to dependents.
• Hybrid work model based in São Paulo with flexibility to work remotely part-time, supported by a modern office environment designed for collaboration and well-being.
• Access to dLocal’s global learning and development budget, including sponsorship for industry certifications (e.g., CISSP, CISM), attendance at international security conferences (e.g., RSA, Black Hat), and internal leadership training programs.
• Opportunity to work with a diverse, multicultural team of over 1,000 teammates from 30+ nationalities, fostering an inclusive culture where diverse perspectives drive innovation in payments and security.
• Generous paid time off, including vacation, sick leave, and company-wide wellness days, plus parental leave policies that exceed local benchmarks to support work-life integration.
• Exposure to high-impact, mission-critical projects that directly enable global brands to scale securely in emerging markets, offering unparalleled career growth in the intersection of fintech, cybersecurity, and international business.

Skills & Technologies

Senior

Hybrid

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

dLocal Limited

Visit Website

About dLocal Limited

dLocal Limited is a Uruguay-based fintech that provides cross-border payment infrastructure for emerging markets. It enables global merchants to accept and disburse funds in over 40 countries across Latin America, Africa, and Asia using local payment methods, currencies, and regulatory compliance through a single API integration.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.