We are a leading financial platform, building the future of payments, shopping, and banking—a world where consumers and merchants can transact effortlessly, grow together and where we create abundance and generate pride in them. Today, we serve over 2 million customers and partner with more than 20,000 merchants, making Addi Colombia’s fastest-growing marketplace.

We provide banking solutions (deposits, payments, unsecured credit) and commerce services (e-commerce, marketing) using state-of-the-art technology, bridging the financial gap for millions and redefining how people experience financial freedom. As the country’s leading Buy Now, Pay Later provider, we have secured regulatory approval to operate as a bank, unlocking even greater opportunities for our customers. In the past year, we have also achieved profitability, reinforcing the strength of our business model and our ability to scale sustainably.

Our mission has earned the trust of world-class investors, including Andreessen Horowitz, Architect Capital, GIC, Goldman Sachs, Greycroft, Monashees, Notable Capital, Quona Capital, Union Square Ventures, Victory Park Capital, and more, who back our vision for the future. With their support, we are not just growing—we are transforming Latin America’s financial ecosystem and shaping the next generation to shop, pay, and bank in Colombia.

But what truly sets us apart is how we build. We are a conscious company, driven by deep experience in scaling technology, services and products, and we live by our values every day.

About the Role

This is where you come in. Below, you’ll find what this role is all about—the impact you’ll drive, the challenges you’ll tackle, and what it takes to thrive at Addi. If you’re ready to be part of something big, keep reading.

What’s the mission you’ll drive

Own the execution and continuous improvement of operational security by leading the Application Security and Security Operations teams, ensuring security controls are effectively designed, implemented, and operated to protect Addi’s applications, infrastructure, and customer data at scale. Drive measurable risk reduction while enabling the business to move quickly and securely.

What you will do

Complete the migration to a unified XDR platform covering ≥90% of endpoints and relevant network telemetry within 12 months, reducing false positives by ≥30% and improving Mean Time to Detect (MTTD) for high-severity incidents to under 1 hour through mature detection engineering and operational ownership.
Implement and operationalize SASE and DLP controls to secure user access, SaaS usage, and sensitive data flows, including a secure and scalable strategy for exposing internal applications, reducing high-risk data exposure events by ≥40%, enforcing DLP policies across ≥95% of users, and maintaining user-reported access issues within agreed operational thresholds.
Establish and operate a risk-based vulnerability management program with SAST fully integrated into the SDLC, ensuring ≥95% of critical vulnerabilities are remediated within SLAs, achieving ≥90% SAST coverage across production applications, and demonstrating a sustained reduction in recurring critical findings over time.
Build a brand protection and external threat intelligence capability, including phishing detection, impersonation monitoring, and takedown processes, detecting and remediating ≥90% of confirmed cases within SLAs, reducing time-to-takedown by ≥50%, and providing regular reporting on brand abuse trends and customer impact.
Design and deploy a centralized SIEM with prioritized detection use cases and an initial SOAR strategy, automating response for high-volume incident types, reducing Mean Time to Respond (MTTR) by ≥50%, and automating ≥30% of repetitive security response workflows within the first year.

What we’re looking for

Proven Experience Leading Security Engineering Teams
- 4+ years of experience leading and scaling security engineering teams in high-growth, fast-paced environments such as startups, fintech, or SaaS organizations.
- Demonstrated ability to deliver complex, multi-year security initiatives while balancing speed, quality, and risk.
- Experience operating in regulated or risk-sensitive environments (e.g., fintech, payments, financial services).
Demonstrates Strong Technical Leadership & Security Architecture Judgment
- Deep hands-on understanding of modern security architectures across application security, cloud, identity, and security operations.
- Ability to translate security strategy and architecture into practical, scalable implementations executed by engineering teams.
- Experience integrating and operating platforms such as XDR, SIEM, SAST, DLP, mobile security, and container security solutions.
Track Record of Risk-Based Delivery & Business Alignment
- Proven ability to prioritize security initiatives based on risk, business impact, and threat context rather than theoretical best practices.
- Understands how security controls support product delivery, customer trust, and regulatory obligations.
- Makes pragmatic trade-offs, clearly articulates residual risk, and escalates issues appropriately when constraints exist.
Possesses Strong People Leadership & Operational Ownership
- Leads, coaches, and develops security engineers, setting clear expectations, accountability, and growth paths.
- Establishes execution rhythms, operational processes, and on-call practices to ensure reliable and predictable security outcomes.
- Fosters a culture of ownership, continuous improvement, and collaboration across security teams.
Experienced in Cross-Functional Leadership & Executive Communication
- Communicates security risks, decisions, and trade-offs clearly to engineering, IT, product, and leadership stakeholders.
- Partners effectively with application, infrastructure, and business teams to embed security into day-to-day operations.
- Provides concise, metrics-driven updates to leadership focused on outcomes, trends, and measurable risk reduction.

Why join us?

Work on a problem that truly matters – We are redefining how people shop, pay, and bank in Colombia, breaking down financial barriers and empowering millions. Your work will directly impact customers' lives by creating more accessible, seamless, and fair financial services.
Be part of something big from the ground up – This is your chance to help shape a company, influencing everything from our technology and strategy to our culture and values. You won’t just be an employee—you’ll be an owner
Unparalleled growth opportunity – The market we’re tackling is massive, and we’re growing faster than almost any fintech lender at our stage. If you’re looking for a high-impact role in a company that’s scaling fast, this is it.
Join a world-class team – Work alongside top-tier talent from around the world, in an environment where excellence, ownership, and collaboration are at the core of everything we do. We care deeply about what we build and how we build it—and we want you to be a part of it.
Competitive compensation & meaningful ownership – We believe in rewarding our talent. You’ll receive a generous salary, equity in the company, and benefits that go beyond the basics to support your growth.

How the hiring process looks like

We believe in a fast, transparent, and engaging hiring experience that allows both you and us to determine if there's a great fit. Here’s what our process looks like:

Step 1: People Interview (30 min)
A conversation with a recruiter or hiring manager to get to know you, your experience, and what you're looking for. We’ll also share more about Addi, our culture, and the role.
Step 2: Initial Interview (60 min)
A more in-depth conversation with our Head of Cybersecurity, where we explore your skills, experience, and problem-solving approach. We want to understand how you think and work.
Step 3: Role Play (60 min)
You'll navigate a leadership scenario with an Engineering Manager and a Recruiter, focusing on people management, and handling challenges within the team. Be prepared to showcase your people management skills.
Step 4: Case Study (3-5 Days)
You may receive a real-world challenge or case study to complete. This is a chance to showcase your expertise and how you approach key problems relevant to the role.
Step 5: Co-Founder Interview
If there’s a strong match, you’ll have a final conversation with our Founder to align on expectations, cultural fit and ensure mutual excitement. From there, we’ll move quickly to an offer and discuss next steps.

We value efficiency and respect for your time, so we aim to complete the process as quickly as possible. Our goal is to make this experience insightful and exciting for you, just as much as it is for us. Regardless of the outcome, we are committed to always providing feedback, ensuring that you walk away with valuable insights from your experience with us.

Apply now

See more open positions at Addi

Privacy policy Cookie policy