Senior Security Engineer

Kikoff: The Fintech Powering Financial Security at Scale
Kikoff is a profitable, pre-IPO fintech company on a mission to empower everyone to achieve financial security. With record revenue growth in 2025 and a unicorn valuation, we've built a suite of products that help millions of people build credit, access liquidity, and save money.
We're scaling fast. Join us if you want to build something meaningful and help millions of people move forward financially.

Why Kikoff:

This is a consumer fintech startup, and you will be working with serial entrepreneurs who have built strong consumer brands and innovative products. We value extreme ownership, clear communication, a strong sense of craftsmanship, and the desire to create lasting work and work relationships. Yes, you can build an exciting business AND have real-life real-customer impact.

About the Role

This is a mission-critical role at the heart of how Kikoff protects millions of customers and their financial data. You'll own a wide mandate — from securing our cloud infrastructure and developer workflows to hardening our software supply chain and protecting how data moves across our stack. This isn't a compliance checkbox role. You'll have real ownership, and the work you do will be felt by every engineer at Kikoff and every customer we serve.

In This Role, You Will

Build & Secure

• Design and maintain secure-by-default infrastructure patterns — IaC modules, container configurations, IAM policy baselines, and secrets management — so the secure path is the easy path for developers


• Own our cloud security posture across AWS: continuous coverage, guardrails, drift detection, and remediation workflows


• Harden our CI/CD pipelines and lead our software supply chain security strategy, including dependency scanning, artifact signing, and pipeline integrity

Protect Data

• Own security across our data infrastructure — classification, access controls, encryption, and securing data flows across cloud storage and internal pipelines


• Build detection and audit logging capabilities that give us visibility at scale

Enable Engineering

• Partner with product and platform engineers to embed security into the development lifecycle through code review, threat modeling, and reusable secure patterns


• Build internal tooling that scales security and our engineering teams


• Be the person engineers come to for a clear, practical answers

Improve & Respond

• Participate in incident response and postmortems


• Track and drive remediation of vulnerabilities across infrastructure and applications


• Help shape our security program as an early, senior hire on the team

Qualifications

• 5+ years in security engineering with meaningful experience in cloud-native environments (AWS strongly preferred)


• Hands-on with infrastructure-as-code security — you've written and reviewed Pulumi or Terraform and know where things go wrong


• Strong command of AWS security primitives


• Experience securing containerized workloads


• Fluency in at least one scripting or programming language for automation (Python, Go, Ruby, or similar)


• Comfortable in a regulated environment — you've worked through PCI-DSS, SOC 2, or similar


• Experience with industry leading CNAPP or CSPM tooling

Bonus points for:

• Supply chain security depth: dependency confusion mitigations, artifact provenance.


• Data security expertise — tokenization, column-level access controls, audit logging at scale


• Fintech or consumer financial services background


• You've built internal security tooling from scratch, not just deployed vendor products

What Good Looks Like

You think in defaults, not policies. You'd rather fix the infrastructure module than write a runbook. You're comfortable telling an engineer "here's the secure version, just use this" — and they actually do.

Equal Employment Opportunity Statement

Kikoff Inc. is an equal opportunity employer. We are committed to complying with all federal, state, and local laws providing equal employment opportunities and considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.

Please reference the following for more information.