Principal DevEx Engineer
RecargaPay
Come Make an Impact on Millions of Brazilians!
At RecargaPay, we’re on a mission to deliver the best payment experience for Brazilian consumers and small businesses — by building a powerful digital ecosystem where the banked and unbanked connect, and where consumers and merchants have a one-stop shop for all their financial needs.
We serve over 10 million users and process more than USD 4 billion annually. We’ve been profitable since 2022 and operate our own credit business. We are an AI-first, 100% remote team, scaling in the rapidly changing Brazilian financial market.
Our goal? Deliver the best payment experience in Brazil for people and small businesses alike.
We value autonomy, ownership, and a bias for action. We’re looking for people who are curious, hands-on, and driven by impact — who want to solve real problems, work with strong teams, and rethink what’s possible.
If you’re ready to do your best work, at scale, with purpose — this is your place.
Position Overview
As a Principal DevEx Engineer, your primary mandate is to improve the developer experience end to end, eliminating friction, accelerating onboarding to first contribution, and lifting productivity across the entire software delivery lifecycle. You will still drive modernization and platform initiatives and steward high-leverage practices (DevEx, SRE, DevSecOps, event-driven architectures, and AI-assisted engineering), operating both hands-on and strategically while partnering with executive leadership and guiding Staff/Senior engineers to deliver scalable, reliable, compliant, and cost-efficient solutions on AWS. Crucially, you will translate day-to-day developer needs into golden paths, opinionated tooling, and policy-backed workflows, and you will enable adoption through clear documentation, targeted training, office hours, and lightweight change-management.
Responsibilities
- Define and steer medium- and long-term architectural strategies aligned with company goals.
- Lead technological transformations and modernizations of critical systems, ensuring efficiency, scalability and reliability.
- Serve as the technical authority for the Engineering and Architecture Chapters, championing best practices and quality standards.
- Mentor senior engineers and technical leaders, fostering a culture of technical excellence and continuous learning.
- Promote the adoption of AI-assisted engineering practices within your squad and chapter, leveraging tools for code generation, automated refactoring, test case creation, and technical documentation. Identify opportunities where AI can enhance developer productivity, code quality, and team velocity.
- Codify architecture into practice, delivering reference implementations and golden-path templates that teams can scaffold in minutes.
- Own API governance end to end, with contract-first workflows, OpenAPI/AsyncAPI linting, compatibility rules, schema-registry usage, and large-scale consumer contract testing.
- Institutionalize reliability by defining SLIs and SLOs with teams, establishing error-budget policies, enabling burn-rate alerting, and automating the tracking of post-incident actions.
- Make observability the default through standardized traces, metrics, and logs; consistent span and attribute conventions, dashboards, and log correlation with golden dashboards per service.
- Lead policy-as-code adoption across CI/CD, Kubernetes admission and IaC.
- Engineer safe delivery with trunk-based flows, reusable GitHub Actions, progressive rollouts (canary/blue-green), automated rollback, and health- or SLO-gated deployments.
- Raise the security bar in services via OAuth2 scopes, JWT validation, mTLS, secrets lifecycle management (Vault/KMS), key rotation, and least-privilege IAM patterns.
- Design event topologies covering Kafka partitioning and keying, compaction and retention policies, consumer-group strategies, ordering and idempotency, and exactly-once semantics where required.
- Drive cost-aware architecture through capacity models, autoscaling policies, storage and egress optimization, cost allocation per service, and cost-to-serve guardrails.
- Harden platform resilience with multi-AZ patterns, backup and restore drills, disaster-recovery objectives (RPO/RTO), chaos/game-day exercises, and dependency fallback strategies.
- Deliver one-click developer environments, using DevContainers/Codespaces, Docker Compose, and seeded data, to reduce onboarding and setup time through standardized tooling and scripts.
- Measure what matters by publishing DevEx and SRE scorecards, setting targets and running continuous improvement cycles with squads.
- Run lightweight technical-governance rhythms, such as design and API clinics, ADR/RFC hygiene, and a platform council to prioritize enablers and eliminate systemic friction.
Soft Skills
- Excellent communication and collaboration skills, with the ability to influence stakeholders across technical and non-technical teams.
- Strategic mindset with the ability to translate complex business goals into long-term technical direction.
- Proven leadership in cross-functional environments, fostering alignment, ownership, and a high-performance culture.
- Ability to mentor and elevate senior engineers, promoting a culture of continuous learning and technical excellence.
- Strong decision-making and prioritization abilities under ambiguity, balancing immediate needs with long-term architectural vision.
- Active contributor to a constructive feedback culture, capable of both giving and receiving feedback to drive improvement.
- High degree of autonomy and accountability, with a bias for action and results-oriented problem solving.
- Comfort operating at both strategic and hands-on levels, flexing between system design and stakeholder engagement as needed.
- Ability to learn rapidly and adapt to new technologies in fast-paced, large-scale environments.
- Academic background oriented toward Computer Science, Engineering, or Software Development disciplines.
- Extensive hands-on experience in software engineering roles, with solid proficiency in Java (Spring Boot) and working knowledge of Python and asynchronous programming.
- Strong foundation in Object-Oriented Programming and relational database systems.
- Solid understanding of web and mobile application architectures, including security, session management, and development best practices.
- Expertise in Domain-Driven Design and microservices architecture, with proven ability to design high-performance, scalable, and reliable distributed systems.
- Demonstrated experience defining and executing architectural roadmaps aligned with business and developer-experience goals.
- Deep, practical experience with AWS cloud-native development.
- Expert-level knowledge of AWS core services: EC2, ECS/EKS, Lambda, API Gateway, CloudFront, S3, DynamoDB, RDS, SNS/SQS, CloudFormation, IAM, Secrets Manager, Parameter Store, CloudWatch, CloudTrail, Config, GuardDuty, Security Hub, and WAF.
- Proven ability to design and operate multi-account AWS organizations, leveraging Control Tower, Service Catalog, SCPs, and cross-account IAM roles to enforce governance and isolation.
- Advanced experience architecting VPC topologies, including Transit Gateway, private/public subnet design, NAT/GW cost optimization, and egress control for regulated environments.
- Deep knowledge of networking in AWS.
- Hands-on experience implementing observability pipelines at scale, integrating NewRelic, CloudWatch, Prometheus, Grafana, Datadog with OpenTelemetry collectors.
- Familiarity with EKS internals: node group management, autoscaling, and Kubernetes cost/latency optimization.
- Proven experience managing multi-region and multi-environment deployments.
- Expertise in AWS security hardening and compliance controls, including IAM least-privilege modeling, KMS envelope encryption, CloudTrail auditing, GuardDuty detections, and automatic remediation with Lambda/Step Functions.
- Deep understanding of container security, image signing, ECR scanning, and OPA/Rego policy design for admission controllers.
- Advanced experience with Infrastructure as Code using Terraform (modules, workspaces, policy enforcement) and Pulumi (multi-language stacks, secrets providers, CI integration).
- Proven ability to implement GitOps workflows, ensuring deterministic deployments and drift detection.
- Strong policy-as-code practice to codify security/SRE guardrails across CI/CD and Kubernetes admission controllers.
- Expertise automating application stack provisioning (app resources, service accounts, IAM bindings, egress controls) through reusable IaC modules and pipelines.
- Deep understanding of progressive delivery (canary, blue/green, shadow traffic, automated rollback) and service mesh (Istio/Linkerd/App Mesh) for safe deployment strategies.
- Mastery of resilience and reliability patterns: timeouts, bounded retries with jitter, circuit breakers, bulkheads, back-pressure, outbox/saga orchestration, and graceful degradation.
- Deep knowledge of event-driven and streaming architectures (Kafka and others), including partitioning strategies, compaction/retention policies, rebalancing, ordering guarantees, exactly-once semantics, and schema evolution via registries.
- Strong background in data performance engineering: caching (read-through/write-behind), connection pool tuning, pagination/cursoring, latency budgeting, and throughput modeling.
- Proficiency in OpenTelemetry design (trace topology, span taxonomy, semantic conventions) and application of RED/USE methodologies embedded as code templates.
- Experience with SLO-driven reliability: defining SLIs, error budgets, and reducing alert fatigue via multi-signal correlation.
- Proficiency with production monitoring tools (NewRelic, Grafana, Datadog, CloudWatch) and advanced observability instrumentation.
- Proven experience building self-service developer platforms (Backstage, Internal Developer Portals) that expose golden paths for application scaffolding, environment provisioning, and secure deployments.
- Experience implementing event-driven DevEx tooling (e.g., ephemeral environments, automated CI insights, preview deployments).
- Strong knowledge of API lifecycle management and governance (OpenAPI/AsyncAPI, contract testing, versioning, idempotency, error modeling).
- Expertise in CI/CD automation and DevSecOps (GitHub Actions, CodeBuild/CodePipeline, artifact provenance, environment promotion, changelog automation).
- Proficiency in feature-flag governance (lifecycles, kill switches, TTLs) and safe configuration rollout practices.
- Experience integrating AI-assisted workflows (GitHub Copilot Enterprise, LLM-based linters and others) into development and CI pipelines, with measurable productivity impact.
- Deep knowledge of identity and transport security: OAuth2, JWT validation, mTLS, KMS/HSM key rotation, and secrets lifecycle management.
- Practical compliance-by-design experience translating PCI-DSS, KYC/AML, GDPR, and LGPD controls into technical patterns (tokenization, segmentation, audit trails, retention/erasure).
- Experience leading AWS Well-Architected Framework reviews across all pillars (Security, Reliability, Performance, Cost, Operational Excellence, Sustainability).
- Strong FinOps mindset: capacity modeling, load curve analysis, right-sizing, storage/egress optimization, and cost attribution by service.
- Experience designing cost-aware architectures, balancing performance, resilience, and financial efficiency.
- Practical understanding of service catalogs and dependency mapping for ownership visibility (e. g. Backstage).
- Exposure to edge computing and CDN optimization (Lambda@Edge, CloudFront Functions, custom caching policies).
- Competitive and market-aligned salary.
- Remote work — wherever you are, you’re part of the team!
- Home office allowance through a monthly deposit in the RecargaPay app.
- Health and dental plans with no co-pay.
- Life insurance.
- Flexible meal allowance (via Flash).
- TotalPass membership to take care of your health.
- Spanish or Portuguese classes.
Industry-Specific Knowledge
You have broad, real-world experience establishing and scaling Developer Experience practices in complex, regulated environments, with a strong preference for fintech contexts; you turn developer needs into clear golden paths, lightweight standards, and supportive tooling that improve flow and quality and productivity without adding friction, and guide organizations through the cultural and operational shifts required for sustained adoption.
Diversity & Inclusion at RecargaPay
At RecargaPay, you’ll have the freedom to be who you are because we believe that diverse perspectives and experiences make us more creative and stronger. Here, everyone is welcome to express themselves authentically. We value the richness of each journey and the multiple ways of seeing the world, without distinctions of gender, race, sexual orientation, age, religion, or any other characteristic that makes us unique.
About the use of your Data
By sharing your resume with us, you authorize the use of your data for analysis during the selection process and possibly for other opportunities within the RecargaPay group. You can request the update or deletion of your information at any time, in accordance with LGPD (General Data Protection Law).