Cloud Security Engineer (AWS)

TL;DR

Cloud Security Engineer (AWS): Own and drive cloud security across hirify.global's AWS infrastructure, laying the technical foundation for a mature, scalable cloud security program by building CNAPP from scratch, hardening the cloud environment, and establishing secure infrastructure-as-code standards using Terraform. Focus on conducting comprehensive assessments, operationalizing CrowdStrike CNAPP for continuous monitoring, defining secure IaC practices, sustaining ISO 27001 certification, and establishing continuous alerting in CrowdStrike NG-SIEM.

Location: Colombia-based company, team from around the world

Company

Leading Buy Now, Pay Later provider and financial platform in Colombia, serving over 2 million customers and 20,000 merchants with banking and commerce solutions.

What you will do

• Conduct comprehensive cloud security assessment across all AWS accounts, produce prioritized findings and remediation roadmap, remediate 100% of critical/high findings per SLA.
• Design, configure, and operationalize CrowdStrike CNAPP for full AWS coverage, continuous posture monitoring, misconfiguration detection, and threat detection.
• Assess Terraform codebase, define secure IaC standards including policy-as-code, secrets management, least privilege, with 80%+ new deployments compliant.
• Own cloud security controls for ISO 27001 certification, ensure zero critical gaps, provide audit evidence.
• Establish continuous cloud security monitoring and alerting in CrowdStrike NG-SIEM with defined SLAs for critical events.

Requirements

• Deep AWS security expertise: hands-on with IAM, VPC, S3, CloudTrail, GuardDuty, Security Hub, KMS; AWS shared responsibility model, CIS Benchmarks, Well-Architected Security Pillar, ISO 27001.
• CNAPP/CSPM operational experience: CrowdStrike Falcon Cloud Security, Wiz, Prisma Cloud; configure rules, suppress false positives, build dashboards.
• Cloud vulnerability & risk management: end-to-end findings handling, risk assessment beyond CVSS, cross-functional remediation.
• Collaboration: individual contributor partnering with platform/engineering teams, communicate risks to stakeholders.

Nice to have

• Terraform & secure IaC: writing/reviewing IaC, security in pipelines (Checkov, tfsec), secrets detection, IAM patterns.
• Compliance & audit: ISO 27001 for cloud, evidence gathering.

Culture & Benefits

• High-impact role in fast-scaling fintech redefining payments and banking in Colombia.
• Ownership culture with equity, competitive compensation, growth opportunities.
• World-class team emphasizing excellence, collaboration, and values-driven building.

Hiring process

• People Interview (30 min) with recruiter/hiring manager.
• Initial Interview (45 min) with Engineering Manager on skills and approach.
• Case Study (3-5 days) real-world challenge.
• Deep Dive Interview (30 min) with colleagues.
• Co-Founder Interview for final alignment.