Cloud Security Engineer

About Addi

We are a leading financial platform building the future of payments shopping and bankinga world where consumers and merchants can transact effortlessly grow together and where we create abundance and generate pride in them. Today we serve over 2 million customers and partner with more than 20000 merchants making Addi Colombias fastest-growing marketplace.

We provide banking solutions (deposits payments unsecured credit) and commerce services (e-commerce marketing) using state-of-the-art technology bridging the financial gap for millions and redefining how people experience financial freedom. As the countrys leading Buy Now Pay Later provider we have secured regulatory approval to operate as a bank unlocking even greater opportunities for our the past year we have also achieved profitability reinforcing the strength of our business model and our ability to scale sustainably.

Our mission has earned the trust of world-class investors including Andreessen Horowitz Architect Capital GIC Goldman Sachs Greycroft Monashees Notable Capital Quona Capital Union Square Ventures Victory Park Capital and more who back our vision for the future. With their support we are not just growingwe are transforming Latin Americas financial ecosystem and shaping the next generation to shop pay and bank in Colombia.

But what truly sets us apart is how we build. We are a conscious company driven by deep experience in scaling technology services and products and we live by our values every day.

About the Role

This is where you come in. Below youll find what this role is all aboutthe impact youll drive the challenges youll tackle and what it takes to thrive at Addi. If youre ready to be part of something big keep reading.

Whats the mission youll drive

Own and drive cloud security across Addis AWS infrastructure laying the technical foundation for a mature scalable cloud security program. Over the next 12 months this person will build CNAPP from scratch harden the cloud environment and establish secure infrastructure-as-code standards using Terraform reducing cloud risk while enabling the team to move fast.

What you will do

• Conduct a comprehensive cloud security assessment across all AWS accounts within the first 60 days producing a prioritized findings inventory and a remediation roadmap ensuring 100% of critical and high-severity findings are remediated in the SLA.

• Design configure and operationalize CrowdStrike CNAPP from the ground up achieving full AWS environment coverage and enabling continuous posture monitoring misconfiguration detection and threat detection across cloud workloads.

• Assess the current Terraform codebase and define secure IaC standards and best practices including policy-as-code controls secrets management and least privilege enforcement with 80% of new infrastructure deployments following the defined standards.

• Own and maintain the cloud security controls required to sustain ISO 27001 certification ensuring zero critical gaps in cloud-related control domains and delivering the necessary evidence and documentation for ongoing audits.

• Establish continuous cloud security monitoring and alerting within CrowdStrike NG-SIEM ensuring all critical cloud events are correlated and actionable with defined SLAs for response to cloud-originated alerts.

What were looking for

• Deep AWS Security Expertise (Must-Have)

  • Hands-on experience securing AWS environments including IAM VPC S3 CloudTrail GuardDuty Security Hub and KMS.

  • Strong understanding of the AWS shared responsibility model attack surface management and cloud-native threat vectors.

  • Proven ability to assess and harden AWS environments against CIS Benchmarks AWS Well-Architected Security Pillar and ISO 27001 controls.

• CNAPP / CSPM Operational Experience (Must-Have)

  • Experience operating CNAPP or CSPM platforms (CrowdStrike Falcon Cloud Security Wiz Prisma Cloud or equivalent) in production environments.

  • Ability to configure detection rules suppress false positives and translate posture findings into actionable remediation tasks for engineering teams.

  • Comfortable building cloud security dashboards and reporting for technical and non-technical audiences.

• Cloud Vulnerability & Risk Management (Must-Have)

  • Experience managing cloud security findings end to end from identification and prioritization through remediation tracking and closure.

  • Ability to assess risk based on exploitability exposure and business impact rather than CVSS score alone.

  • Track record of driving cross-functional remediation with engineering and platform teams.

• Collaboration & Communication (Must-Have)

  • Comfortable working as an individual contributor embedded in a cybersecurity team partnering closely with platform and engineering teams.

  • Able to translate complex cloud security risks into clear prioritized recommendations for both technical and business stakeholders.

• Terraform & Secure IaC (Nice to Have)

  • Hands-on experience writing and reviewing Infrastructure as Code in production AWS environments.

  • Experience implementing security controls within IaC pipelines including static analysis tools (e.g. Checkov tfsec) secrets detection and least privilege IAM patterns.

  • Ability to assess existing infrastructure code identify security gapsand drive adoption of secure coding standards across engineering teams.

• Compliance & Audit Support (Nice-to-Have)

  • Familiarity with ISO 27001 requirements as they apply to cloud environments.

  • Experience gathering and maintaining evidence for cloud-related control domains in support of audits and certifications.

Why join us

• Work on a problem that truly matters We are redefining how people shop pay and bank in Colombia breaking down financial barriers and empowering millions. Your work will directly impact customers lives by creating more accessible seamless and fair financial services.

• Be part of something big from the ground up This is your chance to help shape a company influencing everything from our technology and strategy to our culture and values. You wont just be an employeeyoull be an owner

• Unparalleled growth opportunity The market were tackling is massive and were growing faster than almost any fintech lender at our stage. If youre looking for a high-impact role in a company thats scaling fast this is it.

• Join a world-class team Work alongside top-tier talent from around the world in an environment where excellence ownership and collaboration are at the core of everything we do. We care deeply about what we build and how we build itand we want you to be a part of it.

• Competitive compensation & meaningful ownership We believe in rewarding our talent. Youll receive a generous salary equity in the company and benefits that go beyond the basics to support your growth.

How the hiring process looks like

We believe in a fast transparent and engaging hiring experience that allows both you and us to determine if theres a great fit. Heres what our process looks like:

• Step 1: People Interview (30 min)
  A conversation with a recruiter or hiring manager to get to know you your experience and what youre looking for. Well also share more about Addi our culture and the role.

• Step 2: Initial Interview (45 min)
  A more in-depth conversation with our Engineering Manager where we explore your skills experience and problem-solving approach. We want to understand how you think and work.

• Step 3: Case Study (3-5 Days)
  You may receive a real-world challenge or case study to complete. This is a chance to showcase your expertise and how you approach key problems relevant to the role.

• Step 4: Deep Dive Interview (30 min)
  Youll meet future colleagues and cross-functional team members to get a feel for how we work together. Were looking for strong contributors and cultural fits so bring your questions too!

• Step 5: Co-Founder Interview
  If theres a strong match youll have a final conversation with our Founder to align on expectations cultural fit and ensure mutual excitement. From there well move quickly to an offer and discuss next steps.

We value efficiency and respect for your time so we aim to complete the process as quickly as possible. Our goal is to make this experience insightful and exciting for you just as much as it is for us. Regardless of the outcome we are committed to always providing feedback ensuring that you walk away with valuable insights from your experience with us.

Required Experience:

IC