Who's Hiring Cybersecurity Professionals in Colombia in 2026?

In This Guide

• Introduction: Colombia’s cybersecurity metro
• Reading the cybersecurity job map in Colombia
• Multinationals and cloud security
• Banks and fintech security
• Government, defense, and national security
• Critical infrastructure and OT/SCADA security
• Healthcare and insurance security
• Telecom and connectivity security
• Bogotá and Medellín as security hubs
• Remote-first and nearshore security roles
• Hiring channels, training pipelines, and transitions
• Choosing your line: match profile to sector
• A 90-day action plan to enter or upgrade cyber
• Conclusion: Your map and next steps
• Frequently Asked Questions

Reading the cybersecurity job map in Colombia

Once you stop seeing “cybersecurity” as a single destination and start seeing it as a metro map, the chaos begins to make sense. Each sector becomes a line (banks, multinationals, OT/energy, healthcare, telecom, government, startups); each employer is a station with its own entry doors, and Bogotá and Medellín are the big interchanges where most tracks meet.

How big is the opportunity?

Market analyses of Colombia’s cybersecurity sector describe sustained double-digit annual growth, driven by cloud adoption, digitization and national security concerns. Banking alone absorbs close to 30% of total security spend, while healthcare is projected to grow above 12% CAGR through 2031, according to industry research summarized by Alcor’s overview of Colombia’s tech industry. Yet staffing reports converge on a stubborn gap: an estimated 3,000-5,000 cybersecurity roles remain unfilled, while only about 1,000-1,500 professionals each year have the mix of skills employers actually need.

Bogotá and Medellín as main hubs

Job data from platforms like LinkedIn and Glassdoor show roughly 60% of cybersecurity roles concentrated in Bogotá, about 25% in Medellín, and the remaining 15% spread across cities like Cali, Barranquilla and Bucaramanga. Bogotá hosts headquarters for major banks, EPS and central government, plus regional offices of Microsoft, Google, AWS, IBM, Accenture and others, so equivalent roles often pay 15-25% more than in regional cities. Medellín, anchored by Ruta N and universities like EAFIT, trades slightly lower salaries for a strong engineering pipeline and lower living costs.

Policy as a hiring signal

Colombia’s updated national cybersecurity strategy, highlighted by BNamericas’ coverage of the new cyber strategy, plus Ley 1581 on data protection and stricter Superintendencia Financiera rules, are reshaping demand. The CNSC has announced around 30,000 new public vacancies, with a share earmarked for IT and security, and an OECD study on Latin America’s cyber workforce stresses that countries like Colombia must rapidly expand both university and vocational training to close the gap.

In practice, that means your job search should follow the map, not the noise:

• Anchor your hunt in Bogotá or Medellín (even for remote roles).
• Pick a line - banks, cloud, OT/energy, healthcare, telecom, government, or startups.
• Watch new regulations: 6-12 months after a rule lands, hiring spikes in the affected sector.

Multinationals and cloud security

Think of multinationals and cloud providers as the express line that cuts straight through Bogotá and Medellín: high speed, high salaries, and very little room for passengers who aren’t prepared.

Who is actually hiring?

Global players using Colombia as a LATAM and nearshore hub include Microsoft Colombia, Google Cloud LATAM, AWS, IBM Security and Accenture Security, plus consultancies like Globant and Mercado Libre’s platform teams. Searches like the dedicated cloud security roles in Colombia on Indeed routinely show dozens of openings for Bogotá, Medellín and remote.

Typical in-country roles include:

• SOC Analyst and Threat Detection Engineer
• Cloud Security Engineer (AWS/Azure/GCP)
• Identity & Access Management (IAM) Specialist
• Security Architect or Technical Lead

Roles, salaries, and what they protect

Representative ranges sit around $3,500,000-$8,000,000 COP/month for SOC analysts; $6,000,000-$9,000,000 for mid-level cloud security engineers and $8,000,000-$14,000,000 for senior; $5,500,000-$8,500,000 for IAM specialists; and $9,000,000-$14,000,000+ for architects. For senior cloud and AI-security leads working on global accounts, consolidated guides like Unihackers’ salary report place compensation around $18,000,000-$25,000,000+ COP/month.

Day to day, these teams secure large Azure, AWS and GCP environments, harden identity platforms such as Microsoft Entra ID and Google Workspace, embed security in CI/CD pipelines, and increasingly design controls for AI pipelines - protecting training data, models and inference APIs. Analysts at C4 Tech Services’ 2026 trends report note that AI-driven security has become a core expectation, not a nice-to-have, in these teams.

How to be competitive on this line

Multinationals typically expect strong English (B2+), 2-3 years in systems, networking or software, one major cloud certification (AWS Security Specialty, AZ-500 or Google Cloud Security Engineer), a baseline like CompTIA Security+, and evidence of automation skills with Python, PowerShell or Terraform. The smartest entry is often via SOC or junior cloud security roles, then growing toward architect or lead positions with certs like CISSP or CISM over 4-6 years.

Banks and fintech security

On Colombia’s cybersecurity metro, the banking and fintech line is the longest train on the network: crowded, noisy, but powered by the biggest security budgets in the country. Every transaction, from a Nequi transfer to a RappiPay purchase, flows through systems that criminal groups probe thousands of times a day.

Who sits on this line?

Traditional players like Bancolombia, Grupo Aval (Banco de Bogotá, Occidente, Popular, AV Villas), Davivienda, Scotiabank Colpatria and BBVA Colombia run large in-house security teams in Bogotá and Medellín. On the fintech side, RappiPay, RappiCard, Nequi and a wave of lending and BNPL startups hire security and fraud talent aggressively, often with more flexible remote options and equity.

According to salary benchmarks compiled by platforms such as Magneto’s cybersecurity specialist salary guide, typical monthly ranges are:

• $4,500,000-$7,500,000 COP for fraud / behavioral analytics analysts
• $4,000,000-$7,000,000 COP for SOC and monitoring analysts in banks
• $7,000,000-$12,000,000 COP for application security engineers
• $6,000,000-$10,000,000 COP for GRC and compliance officers
• $10,000,000-$18,000,000+ COP for security managers and architects

Fintechs frequently add a 10-20% premium on top of that for equivalent roles, plus stock options.

What exactly are they defending?

Banking and fintech security teams live in permanent red alert. Their work spans:

• Real-time fraud detection on cards, PSE and wallets
• Securing APIs and mobile apps against credential stuffing and mobile malware
• Hardening identity flows to reduce account takeover and SIM-swap attacks
• Maintaining strict alignment with Superintendencia Financiera and SARLAFT rules

Analysts at events like CyberSecurity Bank & Government Colombia emphasize that local banks are now treated as critical infrastructure, with board-level pressure to avoid the reputational damage seen in high-profile regional breaches. For you, that translates into intense but stable demand, especially if you can speak both “data” and “regulation.”

Government, defense, and national security

On Colombia’s cybersecurity metro, the government and defense line is less visible than banks or cloud - but it underpins the whole system. Here, the “passengers” are ministries, armed forces and regulatory agencies defending elections, tax systems, and critical state infrastructure.

Who’s on this line?

The main security employers are the Ministerio de Defensa (cyber defense units for the armed forces), the Policía Nacional - Centro Cibernético inside DIJIN, national CSIRTs such as ColCERT under MinTIC, and high-impact agencies like DIAN and the Registraduría. Civilian hiring is usually funneled through CNSC’s merit-based processes and its SIMO platform, which, as the CNSC explains in its vacancy announcements, will keep channeling large waves of public-sector roles over the coming years.

Roles, salaries, and missions

Salary bands are defined by public scales rather than pure market pressure, but specialized cyber profiles still sit in the upper tiers. Typical ranges are around $5,000,000-$7,000,000 COP/month for cyber defense or threat analysts and $5,000,000-$9,000,000 COP/month for digital forensics, incident responders or cyberintelligence specialists. Their work covers:

• Defending military and police networks from espionage and nation-state attacks
• Investigating cybercrime, ransomware and large-scale data theft
• Protecting electoral processes and democratic institutions from interference
• Coordinating national incident response across sectors via CSIRTs

A real military-to-civilian bridge

For many soldiers and police officers, cyber is the cleanest path into a civilian tech career. The Policía’s internal master’s and postgraduate programs in cybersecurity formalize skills earned in investigations, intelligence and communications. Combined with SENA or university diplomas and baseline certs like Security+ or CEH, that experience translates smoothly into roles in banking, energy, telecom and private MSSPs.

An OECD report on Latin America’s cyber workforce stresses that building public-sector capacity is essential for the whole ecosystem, noting that governments must expand both vocational and university pathways to sustain growth. For you, this line offers mission-driven work, strong stability, and a powerful story when you eventually pivot into the private sector.

Critical infrastructure and OT/SCADA security

On Colombia’s cybersecurity metro, the critical infrastructure line runs far from the flashy cloud towers. It weaves through refineries, hydro dams, gas pipelines and high-voltage substations where a misconfigured firewall can literally turn the lights off in Medellín or contaminate water for an entire region.

Who rides this line?

The main “stations” are Ecopetrol (oil and gas, HQ Bogotá), ISA (high-voltage grid, HQ Medellín), EPM (utilities for Medellín/Antioquia) and EMGESA/Enel (generation plants nationwide). Sector salary snapshots, including Ecopetrol’s pay data, consistently place these companies among Colombia’s best-paying employers for technical roles, with security specialists earning well above average IT salaries.

Roles, salaries, and what’s at stake

Typical ranges in this line are around $6,000,000-$12,000,000 COP/month for OT/SCADA security engineers, $7,000,000-$11,000,000 COP/month for Industrial Control Systems specialists, and $15,000,000-$30,000,000+ COP/month for cybersecurity managers or directors overseeing energy portfolios. Global forecasts like the Cybersecurity Ventures 2026 market report flag critical infrastructure and OT/SCADA as one of the fastest-growing targets for attackers worldwide, and Colombian operators have taken note.

Unlike classic IT, these teams defend hybrid environments where Windows domains sit next to decades-old PLCs and HMIs. They focus on:

• Isolating and hardening legacy SCADA systems in refineries, pipelines and power plants
• Protecting grid stability to avoid cascading blackouts that hit hospitals, telecoms and cities
• Securing water treatment and distribution so service continues safely during cyber incidents
• Designing controls where a breach can cause physical damage or loss of life

Who is a good fit for OT/SCADA security?

This line is ideal for engineers who already understand plants and field operations. Electrical, mechanical, mechatronics and industrial engineers often pivot into OT security faster than pure software profiles, especially when they layer security courses and IEC 62443 or GIAC ICS certifications on top. When you compare these packages to the average industrial engineer salary in Colombia, the upside of moving into OT security becomes obvious. In a market short on people who can speak both “process” and “packet,” you are not just another analyst - you’re scarce infrastructure.

Healthcare and insurance security

Far from the trading floors and cloud data centers, another critical line on Colombia’s cybersecurity metro runs quietly through hospitals, clinics and EPS headquarters. Here, attackers are not just after money - they are after the medical histories, diagnoses and identity documents that follow a person for life.

Why healthcare is suddenly on the map

As hospitals and EPS move from paper folders to electronic health records and telemedicine, they’ve become prime ransomware and data-theft targets. Market analyses of Colombia’s digital sector consistently rank healthcare as the fastest-growing cybersecurity vertical, driven by stricter enforcement of Ley 1581 de 2012 and Habeas Data, plus rising public outrage when patient data leaks. In parallel, traditional health roles - like occupational safety specialists - sit around mid-range salaries, as shown in studies such as the Universidad Autónoma de Occidente’s overview of health and safety pay, making security-focused positions increasingly attractive inside the sector.

Who is hiring and for what

Large institutions such as Fundación Cardioinfantil in Bogotá, San Vicente Fundación in Medellín, and EPS/insurers like Sura, Sanitas and Salud Total are building out security and privacy teams. Typical monthly ranges look like:

• $4,500,000-$8,500,000 COP for Health Data Privacy Officers / DPOs
• $3,000,000-$5,000,000 COP for cybersecurity or network analysts in hospitals
• $4,000,000-$7,000,000 COP for security engineers at EPS or insurers
• $4,500,000-$7,500,000 COP for GRC officers focused on Ley 1581 and Habeas Data

What these teams actually defend

Unlike banks, where you can reset a card, healthcare teams protect data that cannot be “reissued.” Their scope includes hardening EHR platforms, segmenting medical devices on hospital networks, designing incident response so surgeries continue during a ransomware attack, and proving continuous compliance to regulators. A feature in Infobae’s analysis of Colombian cybersecurity careers notes that privacy and data-protection expertise is now one of the clearest differentiators for specialists trying to stand out in this space.

For IT staff already working in hospitals or EPS, or for lawyers and compliance officers fluent in data protection, this line offers meaningful work, relatively balanced on-call demands, and a chance to become the person who keeps both patients and institutions out of the headlines.

Telecom and connectivity security

On the cybersecurity metro, the telecom line is the invisible backbone: if Claro, Movistar or Tigo go down, every other sector’s trains stop. These are the teams quietly defending the fiber, antennas and core routers that keep your banking app, Rappi order and hospital VPN alive.

Three operators dominate Colombia’s internet access. According to business daily La República’s analysis of the internet market, Claro, Tigo and Movistar concentrate about 92% of connections nationwide, and are leading 5G rollouts and fiber expansion. That concentration means a handful of security teams sit directly in front of most of the country’s traffic, DDoS attempts and SIM-swap fraud.

Inside these operators (and regional players like ETB and Emcali), typical monthly ranges look like:

• $5,500,000-$11,000,000 COP for Network / 5G Security Engineers
• $3,500,000-$7,000,000 COP for SOC or MSSP analysts in carrier environments
• $4,500,000-$7,000,000 COP for fraud specialists focused on SIM swapping and telecom fraud
• $8,000,000-$13,000,000 COP for security managers and architects

The threat model is pure internet backbone. Teams work on:

• Mitigating large-scale DDoS and BGP hijacks against backbone routers
• Securing 5G cores, network slices and edge computing nodes
• Detecting and blocking SIM swapping and identity theft feeding bank fraud
• Balancing lawful interception obligations with data protection rules

For network and systems engineers, this line is a natural upgrade. Cisco-heavy profiles (CCNA/CCNP), plus a baseline like Security+ or CEH, transition into carrier SOCs and 5G security teams. At events like the Claro Tech Summit on enterprise transformation, executives frame telecom operators as strategic security partners for every Colombian company going digital - meaning if you can secure the pipes, you rarely have to worry about demand.

Bogotá and Medellín as security hubs

Step off any TransMilenio in downtown Bogotá or any metro stop near El Poblado and you feel it: these two cities are where Colombia’s security lines converge. Most serious cyber teams, from banks to SaaS startups, either sit in these metros or hire remotely into them.

In Bogotá, security roles cluster around financial districts and northern business corridors, where regional hubs for global tech, consultancies and nearshore providers share the same towers as EPS and ministries. Medellín concentrates its hiring around the innovation district and engineering campuses, where energy companies and product startups tap a dense pool of developers and data scientists.

Both metros also share a critical advantage for career changers: dense education and training options. Beyond traditional universities and local bootcamps, international providers like Nucamp run live online AI, cybersecurity and software programs priced between COP 8,496,000 and COP 15,920,000, with community meetups in Bogotá and Medellín that plug you directly into local tech circles.

On the hiring side, a quick scan of specialized boards such as the Elempleo cybersecurity listings for Bogotá and Medellín shows why these hubs matter: more roles per keyword, more remote-friendly offers, and more exposure to employers serving U.S. and European clients. Regional press like El Colombiano’s salary rankings consistently place security architects and CISOs among the top-paid professionals, and most of those jobs sit in these two metros.

If you’re in Cali, Barranquilla or a smaller city, that doesn’t mean you must move tomorrow. But it does mean choosing Bogotá or Medellín as your “virtual location,” networking into their ecosystems, and treating their metros as your main transfer hubs - whether you ever buy a physical ticket or not.

Remote-first and nearshore security roles

Not every Colombian security role sits in a tower on Calle 72 or a piso alto in El Poblado. A fast-growing share now lives in Slack channels and Zoom rooms, where your “office” is a laptop in Bucaramanga or Pereira, but your team is in Miami, Toronto or Madrid. These are the remote-first and nearshore roles: foreign companies hiring Colombians specifically because of the time zone, talent, and cost balance.

International job boards show the pattern clearly. Searches for senior and mid-level roles on platforms like cybersecurity openings in Colombia on Glassdoor regularly include “LATAM remote” or “Colombia - remote” in the location field, with employers ranging from niche MSSPs to OT/ICS consultancies and cyber-insurance platforms. Aggregators such as Naukri’s cybersecurity jobs in Colombia list thousands of vacancies tagged to the country, many of them remote-friendly, as U.S. and European firms expand nearshore teams instead of onshoring everything.

Compensation here is hybrid. Some companies offer local contracts with a 20-40% premium over typical Colombian salaries for the same title; others pay fully or partially in USD, effectively “dollarizing” part of your income. In exchange, expectations jump: English at B2-C1, comfort presenting to foreign stakeholders, and readiness for multi-stage interviews with live labs, behavioral rounds, and case studies that mirror U.S. or EU hiring processes.

To even get considered, your profile usually needs more than a list of tools. Remote-first employers hunt for people who can own a niche - cloud detection engineering, OT incident response, AppSec for SaaS products - and prove it. That often means:

• A CV in English tailored to the role and region
• Public evidence of skills (GitHub, HackTheBox/TryHackMe, blog posts, talks)
• At least one strong certification aligned with your niche (cloud, OT, GRC, offensive)

For Colombians willing to invest in English and a clear specialization, this line effectively turns Bogotá and Medellín into launchpads, not destinations: you plug into their ecosystems, then ride a remote train that never actually requires you to tap a metro card.

Hiring channels, training pipelines, and transitions

You can’t board a metro without a ticket, and in Colombia’s cybersecurity market those “tickets” are degrees, technical diplomas, certifications and visible projects. The good news is that there isn’t just one track: there are public programs, university routes, private bootcamps (including international options), and on-the-job pivots for people already in IT, engineering or the public sector.

On the public side, SENA’s técnico programs in information security and incident management give you a low-cost entry point in 6-12 months. Graduates typically land junior SOC or IT security assistant roles around $2,500,000-$3,500,000 COP/month, then stack experience and certifications. In parallel, MinTIC has been rolling out free online training through initiatives like Senatic’s digital skills programs, which increasingly weave in cybersecurity, cloud and AI basics for career switchers and unemployed professionals.

Universities provide the more traditional pipelines. Universidad Nacional, Universidad de los Andes, EAFIT and Universidad del Valle all run engineering degrees and postgraduate programs with security tracks or diplomas. Their graduates are heavily recruited into banks, multinationals and public agencies, and many later specialize further with master’s degrees in security or governance to move into architect, GRC or CISO paths.

Then there is the private bootcamp and platform ecosystem. Platzi’s subscription model lets you follow full security, ethical hacking or cloud paths at a relatively low monthly cost. Cohort-based bootcamps like Coderhouse run 4-month offensive and defensive programs in Spanish that come with job placement support. International providers such as Nucamp add another layer: a 15-week Cybersecurity Bootcamp or a 16-week Back End, SQL and DevOps program at around COP 8,496,000, or AI-focused paths priced between COP 14,328,000 and COP 15,920,000, often with payment plans, ~78% employment and ~75% graduation rates.

For transitions, the pattern is similar whether you come from the military, police, IT support or a non-technical career. You combine one of these pipelines with a baseline cert (Security+, CEH or cloud), build a small but concrete portfolio of labs or projects, and then use the right hiring channels for your target line: LinkedIn, Elempleo and Glassdoor for private roles, and CNSC/SIMO when you want to compete for public cybersecurity and IT posts.

Choosing your line: match profile to sector

Standing in San Antonio at rush hour, sprinting after every train is a recipe for ending up in the wrong barrio. The same is true in cybersecurity: chasing any “cyber” job that appears in your feed usually leads to frustration. The move that works is matching who you are today with the line that gives you the best first station and a realistic transfer two or three stops later.

Research on Latin America’s workforce from organizations like the OECD’s cybersecurity skills report points out that the biggest barrier isn’t interest, it’s misalignment: people train in one area and apply in another, while employers keep raising requirements for mismatched profiles. At the same time, hiring advisors such as Lorien’s guidance for cyber leaders warn that organizations must rethink rigid checklists and consider non-linear paths. You can use that gap to your advantage - if you pick the right entry line.

The goal is not to pick a line for life, but to choose the one that makes your first move easiest and your second move valuable. Use your background as your unfair advantage: lean on what you already know (networks, plants, investigations, data) to get on the train, then deliberately plan where you’ll transfer once you’ve ridden it for a few years.

A 90-day action plan to enter or upgrade cyber

Ninety days is about the distance between staring at the metro map and actually riding your first line. You won’t become a senior architect in three months, but you can become a credible junior or mid-level candidate who interviews with confidence and has a story that matches the roles you’re applying for.

Days 1-30: Pick your line and lay foundations

• Choose one target sector (banks, cloud, OT, healthcare, telecom, government, startups) and stick to it.
• Complete an intro security course (Platzi, SENA or similar) and start preparing for a vendor-neutral cert like Security+.
• Review a salary guide such as Unihackers’ role-by-role breakdown to validate that your chosen line fits your financial goals.
• Rewrite your CV and LinkedIn so your title and summary clearly reflect your target role (e.g., “Junior SOC Analyst” or “Aspiring OT Security Engineer”).

Days 31-60: Prove skills with small, visible projects

• Build 2-3 focused labs that match your line: secure a small cloud environment, analyze fake transaction logs, or map and harden a home “OT” network with VLANs.
• Document each lab in a short write-up or GitHub README that explains the problem, what you did, and the results.
• Start applying to 5-10 highly relevant roles per week instead of blasting generic applications.

Days 61-90: Iterate with feedback and interview practice

• Do at least one mock interview per week (with a friend, mentor, or recorded self-practice).
• For every rejection, adjust one concrete thing: a bullet in your CV, a project description, or how you answer a specific question.
• Use success stories like the “no zero days” journey documented in Josh Madakor’s 100-day cybersecurity transformation as a template: do something - however small - for your cyber career every single day.

By the end of 90 days, the biggest change won’t just be your skills; it will be narrative coherence. Your projects, CV, and applications will all point to the same line and first station, making it far easier for hiring managers to picture you on their train.

Conclusion: Your map and next steps

Picture San Antonio station again at 6:30 a.m. The trains, the noise, the crush of people haven’t changed - but you have. Instead of seeing a blur of colors, you recognize the blue banking line, the green cloud multinationals, the orange OT and energy, the smaller branches to healthcare, telecom, government and startups, all intersecting in Bogotá and Medellín. The chaos didn’t disappear; you just learned to read the map.

In Colombia’s cybersecurity market, the real advantage is no longer simply “being in cyber.” It is knowing which sector you’re defending, for which type of employer, and against what kinds of threats. Banks and fintechs fight fraud at massive scale, energy companies guard turbines and pipelines, healthcare defends the most intimate data, telecoms hold the backbone, and government teams secure democracy itself. A growing constellation of local consultancies and product companies - many of them highlighted in rankings of top cybersecurity firms operating in Colombia - shows that the country is no longer just a client; it is a builder.

Your next steps do not require a perfect plan, just a coherent one. Choose one line that fits your background, pick a realistic first station (SOC analyst, OT junior, fraud analyst, AppSec-minded developer), and commit 90 days to aligning your courses, labs and applications with that story. Use public tracks like SENA and university diplomas, and, if you need flexibility or a career change, consider structured bootcamps - local platforms or international options like Nucamp’s AI and cybersecurity programs - that combine affordability, community and clear outcomes.

From there, every small action is like walking toward the right platform: a rewritten CV, a completed lab, a mock interview, a single targeted application. The trains will still arrive fast and crowded, but you don’t need all of them. You just need the one that matches your line, your station, and the next stop in the career you are choosing to build.

Frequently Asked Questions