Nelo is a leading consumer fintech and e-commerce platform in Mexico, with >$500MM in annualized GMV and >$70MM in annualized revenue. Our mission is to increase the buying power of consumers in Latin America by building a modern alternative to credit cards.
We’ve raised over $40M in venture capital from Homebrew, Two Sigma Ventures, and Susa Ventures, and secured a $100M asset credit facility from Victory Park Capital. Our lean team includes leaders from Uber, Amazon, Rappi, and DiDi, with offices in Mexico City and New York City.
About the RoleSecurity has been built into how we build software from day one, but as we scale we are creating a dedicated security engineering role with broad ownership across application security, infrastructure, and internal controls.
This role is built for someone who wants real ownership:
You will prioritize where to invest time and resources
You will implement controls yourself, not delegate them
You will be trusted to balance risk, velocity, and pragmatism
You will work closely with leaders including the CEO and CTO
This role is in-person in our NYC office (Tribeca).
What You’ll DoBuild Secure-by-Default SystemsDesign and implement security guardrails across cloud infrastructure and developer workflows
Improve IAM, secrets management, endpoint management and access controls across production systems
Harden AWS infrastructure using Terraform and policy-as-code
Increase observability for security-relevant events and anomalies
Write code, configs, and tooling to enforce security controls
Reduce reliance on manual reviews through automation
Make the secure path the easiest path
Own and run penetration tests and bug bounty program
Triage findings and partner with engineers to fix issues
Turn findings into systemic improvements
Take Nelo through SOC2 (Type 1 and Type 2)
Implement automated evidence collection
Set standards by example through high-quality implementations
Review designs and PRs with a security-first mindset
5+ years of engineering experience, with a meaningful focus on security
Strong hands-on experience with cloud security fundamentals
Comfortable working with Terraform or similar infrastructure-as-code tooling
You’ve taken a company through SOC2, ISO 27001, or similar certification
You’ve run bug bounty programs or managed pentests directly
You have strong experience with AWS (eg. GuardDuty, CloudTrail, IAM, security groups)
You use Claude Code or other agentic coding tools
You need a separate team to implement your ideas
You prefer static environments over fast-moving systems
Competitive compensation and meaningful equity
100% medical, dental, and vision coverage (50% for dependents)
Unlimited PTO and generous parental leave
401(k)
Conversation with the hiring manager
Case study
On-site Interview
Fast decision
Top Skills
Nelo New York, New York, USA Office
New York, New York, United States, 10013
Similar Jobs
.png)
What you need to know about the NYC Tech Scene
Key Facts About NYC Tech
- Number of Tech Workers: 549,200; 6% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Capgemini, Bloomberg, IBM, Spotify
- Key Industries: Artificial intelligence, Fintech
- Funding Landscape: $25.5 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Greycroft, Thrive Capital, Union Square Ventures, FirstMark Capital, Tiger Global Management, Tribeca Venture Partners, Insight Partners, Two Sigma Ventures
- Research Centers and Universities: Columbia University, New York University, Fordham University, CUNY, AI Now Institute, Flatiron Institute, C.N. Yang Institute for Theoretical Physics, NASA Space Radiation Laboratory
