Senior Security Engineer

<div class="content-intro"><p data-pm-slice="1 1 []"><strong>Kikoff: The Fintech Powering Financial Security at Scale</strong><br>Kikoff is a profitable, pre-IPO fintech company on a mission to empower everyone to achieve financial security. With record revenue growth in 2025 and a unicorn valuation, we've built a suite of products that help millions of people build credit, access liquidity, and save money.<br>We're scaling fast. Join us if you want to build something meaningful and help millions of people move forward financially.</p> <p>&nbsp;</p> <p><strong>Why Kikoff:</strong></p> <p>This is a consumer fintech startup, and you will be working with serial entrepreneurs who have built strong consumer brands and innovative products. We value extreme ownership, clear communication, a strong sense of craftsmanship, and the desire to create lasting work and work relationships. Yes, you can build an exciting business AND have real-life real-customer impact.</p></div><h3>About the Role</h3> <p>This is a mission-critical role at the heart of how Kikoff protects millions of customers and their financial data. You'll own a wide mandate — from securing our cloud infrastructure and developer workflows to hardening our software supply chain and protecting how data moves across our stack. This isn't a compliance checkbox role. You'll have real ownership, and the work you do will be felt by every engineer at Kikoff and every customer we serve.</p> <h3>In This Role, You Will</h3> <p><strong>Build &amp; Secure</strong></p> <ul> <li>Design and maintain secure-by-default infrastructure patterns — IaC modules, container configurations, IAM policy baselines, and secrets management — so the secure path is the easy path for developers</li> <li>Own our cloud security posture across AWS: continuous coverage, guardrails, drift detection, and remediation workflows</li> <li>Harden our CI/CD pipelines and lead our software supply chain security strategy, including dependency scanning, artifact signing, and pipeline integrity</li> </ul> <p><strong>Protect Data</strong></p> <ul> <li>Own security across our data infrastructure — classification, access controls, encryption, and securing data flows across cloud storage and internal pipelines</li> <li>Build detection and audit logging capabilities that give us visibility at scale</li> </ul> <p><strong>Enable Engineering</strong></p> <ul> <li>Partner with product and platform engineers to embed security into the development lifecycle through code review, threat modeling, and reusable secure patterns</li> <li>Build internal tooling that scales security and our engineering teams</li> <li>Be the person engineers come to for a clear, practical answers</li> </ul> <p><strong>Improve &amp; Respond</strong></p> <ul> <li>Participate in incident response and postmortems</li> <li>Track and drive remediation of vulnerabilities across infrastructure and applications</li> <li>Help shape our security program as an early, senior hire on the team</li> </ul> <h3>Qualifications</h3> <ul> <li>5+ years in security engineering with meaningful experience in cloud-native environments (AWS strongly preferred)</li> <li>Hands-on with infrastructure-as-code security — you've written and reviewed Pulumi or Terraform and know where things go wrong</li> <li>Strong command of AWS security primitives</li> <li>Experience securing containerized workloads</li> <li>Fluency in at least one scripting or programming language for automation (Python, Go, Ruby, or similar)</li> <li>Comfortable in a regulated environment — you've worked through PCI-DSS, SOC 2, or similar</li> <li>Experience with industry leading CNAPP or CSPM tooling</li> </ul> <p><strong>Bonus points for:</strong></p> <ul> <li>Supply chain security depth: dependency confusion mitigations, artifact provenance.</li> <li>Data security expertise — tokenization, column-level access controls, audit logging at scale</li> <li>Fintech or consumer financial services background</li> <li>You've built internal security tooling from scratch, not just deployed vendor products</li> </ul> <h3>What Good Looks Like</h3> <p>You think in defaults, not policies. You'd rather fix the infrastructure module than write a runbook. You're comfortable telling an engineer <em>"here's the secure version, just use this"</em> — and they actually do.</p> <p></p> <p>&nbsp;</p><div class="content-pay-transparency"><div class="pay-input"><div class="title">Base Range</div><div class="pay-range"><span>$244,000</span><span class="divider">&mdash;</span><span>$292,000 USD</span></div></div></div><div class="content-conclusion"><p><u>Equal Employment Opportunity Statement</u></p> <p>Kikoff Inc. is an equal opportunity employer. We are committed to complying with all federal, state, and local laws providing equal employment opportunities and considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.</p> <p>Please reference the following for <a href="https://www.eeoc.gov/sites/default/files/2022-10/22-088_EEOC_KnowYourRights_10_20.pdf" target="_blank">more information</a>.</p></div>