DevSecOps Engineer

Latam · Remote · Full Time · Individual Contributor · +4 Years of Experience

At Yuno, we are building the payment infrastructure that allows all companies to participate in the global market. Founded by seasoned experts from the payments and tech industries, our technology provides access to leading payment capabilities, enabling companies to engage customers confidently and maintain global operations through seamless integrations.

We empower high-performing teams at brands like InDrive, McDonald’s, Rappi, and Viva Aerobus to integrate over 1,000 payment methods via a single API. By leveraging advanced AI and the latest technologies, we orchestrate smart routing and fraud prevention across 80+ countries.

We are orchestrating the best high-performing team!

As a DevSecOps Engineer at Yuno, you will be responsible for embedding security by default across our development and operations workflows. In this role, you will work closely with Engineering and DevOps teams to design, implement, and maintain secure cloud infrastructure, CI/CD pipelines, and containerized environments. You will play a key role in strengthening our security posture across AWS and GCP, automating security controls through infrastructure as code, and ensuring compliance with industry standards such as PCI DSS and SOC 2, enabling Yuno to scale securely in the global payments ecosystem.

• Design, implement, and maintain security controls integrated into the SDLC, CI/CD pipelines, and cloud environments, ensuring security by default across development and operations.
• Collaborate closely with Engineering and DevOps teams to secure cloud infrastructure, Kubernetes clusters, and containerized workloads.
• Implement and maintain security configurations in AWS and GCP (e.g., IAM, WAF, GuardDuty, Security Groups), continuously strengthening the cloud security posture.
• Automate security processes and controls using scripting and infrastructure as code to improve efficiency and scalability.
• Ensure DevSecOps practices align with compliance frameworks such as PCI DSS, ISO 27001/27701, and SOC 2, supporting audits and internal security assessments.
• Explore and evaluate emerging technologies and architectures (e.g., Kubernetes enhancements, AI integrations) to ensure secure adoption.

• 4+ years of hands-on experience in DevSecOps, security engineering, or similar technical security roles.
• Strong experience integrating security controls into CI/CD pipelines and development workflows.
• Solid knowledge of AWS and GCP and its security services (e.g., IAM, WAF, GuardDuty, Security Hub, Security Groups).
• Experience with containerization and orchestration technologies such as Docker and Kubernetes.
• Hands-on experience with infrastructure as code (e.g., Terraform, CloudFormation).
• Proficiency in programming or scripting languages such as Python and/or Golang.
• Practical experience applying compliance frameworks (e.g., PCI DSS, ISO 27001/27701, SOC 2) to cloud and CI/CD environments.
• Strong problem-solving skills and the ability to collaborate effectively with cross-functional teams.
• Verbal and written English fluency.

• Experience with application security testing and familiarity with OWASP Top 10.
• Experience with security automation and internal tooling.
• Familiarity with observability, logging, and monitoring tools in cloud environments.
• Security certifications (e.g., AWS Certified Security – Specialty, Security+, CISSP, OSCP).

• Competitive Compensation.
• Remote Work – You can work from everywhere!
• Home Office Bonus – A one-time allowance to help you create your ideal home office.
• Work Equipment.
• Stock Options.
• Health Plan wherever you are.
• Flexible Days Off.
• Language, Professional, and Personal Growth courses.