Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
dLocal

GRC Leader – Governance, Awareness, TPRM

dLocal

GRC Leader overseeing Governance and Third-Party Risk Management at dLocal, a leading fintech company. Collaborate with global teams to enhance security and compliance processes.

Posted 5/26/2026full-timeBuenos Aires • 🇦🇷 ArgentinaSeniorWebsite

About the role

Key responsibilities & impact
  • Operationalize Governance: Policies only have value if people know they exist and can realistically follow them. Your job is to align documented policy with day-to-day practice. That means renegotiating existing policies and standards to make them practical, risk-calibrated, and enforceable. You will run the stakeholder process across security, engineering, and the business to land on controls that reduce risk without grinding operations to a halt. Once agreed, you own the rollout and track whether adoption is real.
  • Drive Security Awareness & Champions: Redefine how security expectations are communicated across the organization. No generic broadcasts. You will build targeted, high-ROI interventions using modern tools (including AI-assisted delivery) that actually change behavior. Alongside this, you will build and run a Security Champions program: recruiting motivated individuals embedded in engineering and business teams who act as the first line of security awareness and a feedback loop back to the security team.
  • Own TPRM & Payment Processor Risk: Take direct ownership of our global Third-Party Risk Management program, including the Payment Processor Assessment Framework. You will implement tiered, context-based reviews, eliminate unnecessary overhead, and clearly communicate residual risk positions to business stakeholders in language they can act on.
  • Run the Risk Register & Shift Left: Identify risks, quantify them in business terms, assign owners, and track remediation to closure. You will be in regular contact with business and engineering stakeholders to ensure risks are understood and actioned. When a risk needs to be formally accepted or escalated, you draft the paperwork and ensure the business owner (the first line of defense) actually signs it.
  • Lead Your Team & Execute Hands-On: Lead and mentor a sub-team across governance, awareness, and TPRM. You set a high delivery standard and own your team's output. When audit season hits or the workload requires it, you roll up your sleeves alongside your team to execute manual framework mapping across PCI DSS, SOX, and DORA.

Requirements

What you’ll need
  • Pragmatic Operator Mentality: You move fast and fix broken processes. You know the difference between what genuinely needs to change and what is noise. You are not a methodology presenter; you get things done where ambiguity and speed are the norm.
  • Stakeholder Navigation (High EQ & IQ): You read people and complex situations perfectly. You negotiate with VP-level commercial leaders, engineering directors, and external vendors. You find pragmatic compromises between security requirements and business velocity, and you know how to bring people along rather than impose.
  • Disciplined Multi-Threading: You are ruthlessly organized. You can manage a Payment Processor security review, a policy overhaul, and a team of direct reports simultaneously without dropping the ball.
  • AI Fluency: Deeply comfortable using LLMs to automate administrative governance work and move your team faster, expertly leveraging AI capabilities while ensuring strict data accuracy and hallucination governance.
  • Regulatory Knowledge: Strong working knowledge of PCI DSS, SOX, DORA, ISO 27001, and SOC 2. You can map controls, prepare audit evidence, and hold a credible conversation with an examiner.
  • Exceptional Communication: Fluent English is mandatory. You distill complex risk and governance topics into clear language for non-technical executive audiences and are equally comfortable in a policy workshop and a board-level risk briefing.

Benefits

Comp & perks
  • Flexibility: we have flexible schedules and we are driven by performance.
  • Fintech industry: work in a dynamic and ever-evolving environment, with plenty to build and boost your creativity.
  • Referral bonus program: our internal talents are the best recruiters - refer someone ideal for a role and get rewarded.
  • Social budget: you'll get a monthly budget to chill out with your team (in person or remotely) and deepen your connections!
  • dLocal Houses: want to rent a house to spend one week anywhere in the world coworking with your team? We’ve got your back!

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Third-Party Risk ManagementPayment Processor Assessment FrameworkRisk Register ManagementFramework MappingPolicy OverhaulAudit Evidence PreparationControl MappingAI AutomationData Accuracy GovernanceRisk Quantification
Soft Skills
Pragmatic Operator MentalityStakeholder NavigationHigh Emotional IntelligenceHigh Intelligence QuotientDisciplined Multi-ThreadingExceptional CommunicationNegotiationLeadershipMentoringOrganizational Skills
Certifications
PCI DSSSOXDORAISO 27001SOC 2