openashbyhqa16z
Cloud Security Engineer
ADDI
LocationLatAm
WorkplaceRemote
EmploymentFullTime
Posted2026-05-08T13:32:08.964+00:00
Last observed2026-06-16 14:52:46.017614
Job ida16z-addi:ashbyhq:6cc0e477-80b4-4728-b5ae-b49a4d8b14b7
ABOUT ADDI We are a leading financial platform, building the future of payments, shopping, and banking—a world where consumers and merchants can transact effortlessly, grow together and where we create abundance and generate pride in them. Today, we serve over 2 million customers and partner with more than 20,000 merchants, making Addi Colombia’s fastest-growing marketplace. We provide banking solutions (deposits, payments, unsecured credit) and commerce services (e-commerce, marketing) using state-of-the-art technology, bridging the financial gap for millions and redefining how people experience financial freedom. As the country’s leading Buy Now, Pay Later provider, we have secured regulatory approval to operate as a bank, unlocking even greater opportunities for our customers. In the past year, we have also achieved profitability, reinforcing the strength of our business model and our ability to scale sustainably. Our mission has earned the trust of world-class investors, including Andreessen Horowitz, Architect Capital, GIC, Goldman Sachs, Greycroft, Monashees, Notable Capital, Quona Capital, Union Square Ventures, Victory Park Capital, and more, who back our vision for the future. With their support, we are not just growing—we are transforming Latin America’s financial ecosystem and shaping the next generation to shop, pay, and bank in Colombia. But what truly sets us apart is how we build. We are a conscious company, driven by deep experience in scaling technology, services and products, and we live by our values https://co.addi.com/trabaja-con-nosotros#:~:text=%E2%80%A2%20We%20are%20owners,dentro%20del%20equipo. every day. ABOUT THE ROLE This is where you come in. Below, you’ll find what this role is all about—the impact you’ll drive, the challenges you’ll tackle, and what it takes to thrive at Addi. If you’re ready to be part of something big, keep reading. WHAT’S THE MISSION YOU’LL DRIVE Own and drive cloud security across Addi's AWS infrastructure, laying the technical foundation for a mature, scalable cloud security program. Over the next 12 months, this person will build CNAPP from scratch, harden the cloud environment, and establish secure infrastructure-as-code standards using Terraform, reducing cloud risk while enabling the team to move fast. WHAT YOU WILL DO - Conduct a comprehensive cloud security assessment across all AWS accounts within the first 60 days, producing a prioritized findings inventory and a remediation roadmap, ensuring 100% of critical and high-severity findings are remediated in the SLA. - Design, configure, and operationalize CrowdStrike CNAPP from the ground up, achieving full AWS environment coverage and enabling continuous posture monitoring, misconfiguration detection, and threat detection across cloud workloads. - Assess the current Terraform codebase and define secure IaC standards and best practices, including policy-as-code controls, secrets management, and least privilege enforcement, with ≥80% of new infrastructure deployments following the defined standards. - Own and maintain the cloud security controls required to sustain ISO 27001 certification, ensuring zero critical gaps in cloud-related control domains and delivering the necessary evidence and documentation for ongoing audits. - Establish continuous cloud security monitoring and alerting within CrowdStrike NG-SIEM, ensuring all critical cloud events are correlated and actionable, with defined SLAs for response to cloud-originated alerts. WHAT WE’RE LOOKING FOR - Deep AWS Security Expertise (Must-Have) - Hands-on experience securing AWS environments, including IAM, VPC, S3, CloudTrail, GuardDuty, Security Hub, and KMS. - Strong understanding of the AWS shared responsibility model, attack surface management, and cloud-native threat vectors. - Proven ability to assess and harden AWS environments against CIS Benchmarks, AWS Well-Architected Security Pillar, and ISO 27001 controls. - CNAPP / CSPM Operational Experience (Must-Have
This page is generated from the committed OpenOpps static snapshot. Use the source posting or apply link for the employer's current canonical posting state.