Cloud Security Engineer

🕒 May 8

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Addi

Addi

201 - 500 employees

Addi es una empresa de tecnología que busca impulsar y habilitar el comercio digital en Latinoamérica. En Addi queremos que las personas compren lo que quieran, cuando quieran, de forma fácil, rápida y transparente. Como debe ser.

📋 Description

• Own and drive cloud security across Addi's AWS infrastructure, laying the technical foundation for a mature, scalable cloud security program. • Conduct a comprehensive cloud security assessment across all AWS accounts within the first 60 days, producing a prioritized findings inventory and a remediation roadmap, ensuring 100% of critical and high-severity findings are remediated in the SLA. • Design, configure, and operationalize CrowdStrike CNAPP from the ground up, achieving full AWS environment coverage and enabling continuous posture monitoring, misconfiguration detection, and threat detection across cloud workloads. • Assess the current Terraform codebase and define secure IaC standards and best practices, including policy-as-code controls, secrets management, and least privilege enforcement, with ≥80% of new infrastructure deployments following the defined standards. • Own and maintain the cloud security controls required to sustain ISO 27001 certification, ensuring zero critical gaps in cloud-related control domains and delivering the necessary evidence and documentation for ongoing audits. • Establish continuous cloud security monitoring and alerting within CrowdStrike NG-SIEM, ensuring all critical cloud events are correlated and actionable, with defined SLAs for response to cloud-originated alerts.

🎯 Requirements

• Deep AWS Security Expertise (Must-Have) • Hands-on experience securing AWS environments, including IAM, VPC, S3, CloudTrail, GuardDuty, Security Hub, and KMS. • Strong understanding of the AWS shared responsibility model, attack surface management, and cloud-native threat vectors. • Proven ability to assess and harden AWS environments against CIS Benchmarks, AWS Well-Architected Security Pillar, and ISO 27001 controls. • CNAPP / CSPM Operational Experience (Must-Have) • Experience operating CNAPP or CSPM platforms (CrowdStrike Falcon Cloud Security, Wiz, Prisma Cloud, or equivalent) in production environments. • Ability to configure detection rules, suppress false positives, and translate posture findings into actionable remediation tasks for engineering teams. • Comfortable building cloud security dashboards and reporting for technical and non-technical audiences. • Cloud Vulnerability & Risk Management (Must-Have) • Experience managing cloud security findings end to end, from identification and prioritization through remediation tracking and closure. • Ability to assess risk based on exploitability, exposure, and business impact rather than CVSS score alone. • Track record of driving cross-functional remediation with engineering and platform teams. • Collaboration & Communication (Must-Have) • Comfortable working as an individual contributor embedded in a cybersecurity team, partnering closely with platform and engineering teams. • Able to translate complex cloud security risks into clear, prioritized recommendations for both technical and business stakeholders. • Terraform & Secure IaC (Nice to Have) • Hands-on experience writing and reviewing Infrastructure as Code in production AWS environments. • Experience implementing security controls within IaC pipelines, including static analysis tools (e.g., Checkov, tfsec), secrets detection, and least privilege IAM patterns. • Ability to assess existing infrastructure code, identify security gaps, and drive adoption of secure coding standards across engineering teams. • Compliance & Audit Support (Nice-to-Have) • Familiarity with ISO 27001 requirements as they apply to cloud environments. • Experience gathering and maintaining evidence for cloud-related control domains in support of audits and certifications.

🏖️ Benefits

• Competitive compensation & meaningful ownership • Generous salary • Equity in the company • Benefits that go beyond the basics to support your growth

Apply Now

Similar Jobs

🕒 May 6

Miratech

501 - 1000

Network Security Architect at Miratech leads security architecture for a large-scale network consolidation program for a US-based Tier-2 Telco. Focuses on firewall transformations and security policy optimization.

🇨🇴 Colombia – Remote

💰 Private Equity Round on 2022-04

⏰ Full Time

🟠 Senior

🔴 Lead

👮‍♂️ Cybersecurity / Security Engineer

🕒 April 29

J.S. Held LLC

1001 - 5000

💸 Finance

AI Security Engineer responsible for designing and operationalizing AI security at J.S. Held. Ensuring secure design, implementation, and operation of AI technologies across enterprise.

🇨🇴 Colombia – Remote

💰 Private Equity Round on 2015-10

⏰ Full Time

🟠 Senior

🔴 Lead

👮‍♂️ Cybersecurity / Security Engineer

Azure

Cloud

Cyber Security

Python

🕒 April 14

J.S. Held LLC

1001 - 5000

💸 Finance

AI Security Engineer responsible for designing and operationalizing AI security at J.S. Held, a global consulting firm providing technical and scientific advisory services.

🇨🇴 Colombia – Remote

💰 Private Equity Round on 2015-10

⏰ Full Time

🟠 Senior

🔴 Lead

👮‍♂️ Cybersecurity / Security Engineer

Azure

Cloud

Cyber Security

🕒 March 28

AppGate

501 - 1000

🔒 Cybersecurity

☁️ SaaS

🏢 Enterprise

Security Researcher conducting web application audits and penetration tests. Collaborating with teams to deliver detailed reports and enhance security measures across industries.

AWS

Python

🕒 February 10

Canals

11 - 50

🤖 Artificial Intelligence

🏢 Enterprise

Senior Security Engineer ensuring high-impact security for Canals' AI-driven global supply chain platform. Leading security strategy, incident response, and collaborating across teams in a remote-first environment.