[Remote] Senior Security Engineer
Note: This is a remote job open to candidates in the USA. Kikoff is a profitable, pre-IPO fintech company on a mission to empower everyone to achieve financial security. In this role, you will be responsible for securing cloud infrastructure, protecting customer data, and embedding security practices into engineering workflows.
Responsibilities
- Design and maintain secure-by-default infrastructure patterns — IaC modules, container configurations, IAM policy baselines, and secrets management — so the secure path is the easy path for developers
- Own our cloud security posture across AWS: continuous coverage, guardrails, drift detection, and remediation workflows
- Harden our CI/CD pipelines and lead our software supply chain security strategy, including dependency scanning, artifact signing, and pipeline integrity
- Own security across our data infrastructure — classification, access controls, encryption, and securing data flows across cloud storage and internal pipelines
- Build detection and audit logging capabilities that give us visibility at scale
- Partner with product and platform engineers to embed security into the development lifecycle through code review, threat modeling, and reusable secure patterns
- Build internal tooling that scales security and our engineering teams
- Be the person engineers come to for clear, practical answers
- Participate in incident response and postmortems
- Track and drive remediation of vulnerabilities across infrastructure and applications
- Help shape our security program as an early, senior hire on the team
Skills
- 5+ years in security engineering with meaningful experience in cloud-native environments (AWS strongly preferred)
- Hands-on with infrastructure-as-code security — you've written and reviewed Pulumi or Terraform and know where things go wrong
- Strong command of AWS security primitives
- Experience securing containerized workloads
- Fluency in at least one scripting or programming language for automation (Python, Go, Ruby, or similar)
- Comfortable in a regulated environment — you've worked through PCI-DSS, SOC 2, or similar
- Experience with industry-leading CNAPP or CSPM tooling
- Supply chain security depth: dependency confusion mitigations, artifact provenance
- Data security expertise — tokenization, column-level access controls, audit logging at scale
- Fintech or consumer financial services background
- You've built internal security tooling from scratch, not just deployed vendor products