DevSecOps Engineer

Deel2 weeks ago

Location

Brazil

Workplace

Remote

Type

Full Time

Level

Mid

Role

DevSecOps Engineer

Posted

Feb 25, 2026

Full TimeRemoteMid

The role

Summary

Deel is seeking a DevSecOps Engineer to strengthen security practices across their global payroll and HR platform infrastructure. The role focuses on implementing security automation, designing secure cloud infrastructure, and fostering collaboration between development, operations, and security teams. This position requires 3+ years of security experience with strong skills in infrastructure as code, CI/CD security integration, and cloud security practices.

What you'll do

Security Automation: Develop and maintain automated security tools and processes to identify vulnerabilities, perform code analysis, monitor systems and conduct security testing

CI/CD Security Integration: Integrate security scanners, static code analysis tools, and vulnerability assessment tools into the CI/CD pipeline

Secure Infrastructure Design: Work with infrastructure and operations teams to design and implement secure cloud infrastructure, network architecture, and deployment processes

Access Control Implementation: Ensure proper access controls, encryption, and monitoring are in place across all systems

Continuous Security Monitoring: Implement security monitoring tools and processes to proactively identify and respond to security events and anomalies

Intrusion Detection: Perform log analysis, intrusion detection, and comprehensive system monitoring

Cross-Team Collaboration: Foster collaboration and communication between development, operations, and security teams

Security Requirements Integration: Act as a liaison to ensure that security requirements are understood and integrated into the development process

Compliance Management: Assist in compliance assessments and audits to ensure adherence to regulatory requirements and industry standards

Documentation and Evidence: Collaborate with auditors and provide necessary documentation and evidence of security controls

What we look for

Technical

Infrastructure as Code SecurityHands-on experience creating, identifying and fixing infrastructure misconfigurations using policy-as-code and IaC security scanning tools

Security Scanning ToolsProficiency with Checkov, tfsec, Terrascan, and similar infrastructure security tools

Programming SkillsBasic programming skills in JavaScript, TypeScript, Python with version control (Git) experience

CI/CD Pipeline ManagementExperience with continuous integration and deployment pipeline security integration

WAF and Firewall ConfigurationAbility to manage and tune WAF and firewall configurations using Cloudflare or equivalent platforms

Security PrinciplesFamiliarity with security principles, standards, and best practices, including OWASP Top 10 vulnerabilities

Container SecurityProficiency with Docker, Kubernetes, and container security best practices

Security Testing ToolsKnowledge of SAST, DAST, vulnerability management systems, and log analysis tools

Risk AssessmentAbility to assess risks and apply security controls, including threat modeling and vulnerability management

Education

Security CertificationsRelevant security certifications preferred but not mandatory (enhances credibility and demonstrates commitment)

Experience

Security Experience3+ years in Security, SecOps, or DevSecOps roles

Cross-Functional CollaborationEffective collaboration experience with cross-functional teams including developers, security, and operations teams

Security IntegrationExperience promoting security practices and integrating security seamlessly into development processes

Skills

Required skills

Security AutomationDevelopment and maintenance of automated security tools and processes

Infrastructure as CodePolicy-as-code and IaC security scanning using Checkov, tfsec, or Terrascan

ProgrammingBasic skills in JavaScript, TypeScript, Python with Git version control

CI/CD SecurityIntegration of security tools into continuous integration and deployment pipelines

Cloud SecurityDesign and implementation of secure cloud infrastructure and network architecture

WAF ManagementManagement and tuning of WAF and firewall configurations using Cloudflare or equivalent

Security MonitoringImplementation of security monitoring tools for proactive threat detection

OWASP KnowledgeUnderstanding of common vulnerabilities including OWASP Top 10

Container OrchestrationProficiency with Docker, Kubernetes, and infrastructure automation

Nice to have

Security CertificationsRelevant security certifications to enhance credibility and demonstrate expertise

Threat ModelingExperience with threat modeling and risk assessment techniques

Incident ResponseKnowledge of incident response planning and execution

Compliance ExperienceExperience with regulatory compliance assessments and industry standards

Security TestingAdvanced knowledge of SAST, DAST, and comprehensive security testing methodologies

Compensation & benefits

Stock options

Available

Benefits

Stock Options

Stock grant opportunities dependent on your role, employment status and location

Remote Work Flexibility

The flexibility of remote work, including optional WeWork access

Location-Based Perks

Additional perks and benefits based on your employment status and country

Scalable Benefits

Scalable benefits, rewards, and perks reflecting commitment to inclusivity and access

Competitive Compensation

Fair and competitive pay that meets employees where they are

Interview process

1
Application Review — Initial screening of application materials and technical background assessment
2
Phone/Video Screen — Initial conversation with talent acquisition team to discuss experience and role fit
3
Technical Interview — Deep dive into security automation experience, infrastructure as code knowledge, and problem-solving abilities
4
Role-Related Assessment — Practical assessment of DevSecOps skills including security tool integration and automation scenarios
5
Team Interview — Collaboration discussion with potential team members and cross-functional stakeholders
6
Final Interview — Leadership interview focusing on cultural fit, career goals, and long-term potential