Senior Security Engineer

Kikoff: A FinTech Unicorn Powering Financial Progress with AI At Kikoff, our mission is to provide radically affordable financial tools to help consumers achieve financial security. We're a profitable, high growth FinTech unicorn serving millions of people, many of whom are building credit or navigating life paycheck to paycheck. With innovative technology and AI, we simplify credit building, reduce debt, and expand access to financial opportunities to those who need them the most. Founded in 2019, Kikoff is headquartered in San Francisco and backed by top-tier VC investors and NBA star Stephen Curry. Why Kikoff: This is a consumer fintech startup, and you will be working with serial entrepreneurs who have built strong consumer brands and innovative products. We value extreme ownership, clear communication, a strong sense of craftsmanship, and the desire to create lasting work and work relationships. Yes, you can build an exciting business AND have real-life real-customer impact. About the Role This is a mission-critical role at the heart of how Kikoff protects millions of customers and their financial data. You'll own a wide mandate — from securing our cloud infrastructure and developer workflows to hardening our software supply chain and protecting how data moves across our stack. This isn't a compliance checkbox role. You'll have real ownership, and the work you do will be felt by every engineer at Kikoff and every customer we serve. In This Role, You Will Build Secure Design and maintain secure-by-default infrastructure patterns — IaC modules, container configurations, IAM policy baselines, and secrets management — so the secure path is the easy path for developers Own our cloud security posture across AWS: continuous coverage, guardrails, drift detection, and remediation workflows Harden our CI/CD pipelines and lead our software supply chain security strategy, including dependency scanning, artifact signing, and pipeline integrity Protect Data Own security across our data infrastructure — classification, access controls, encryption, and securing data flows across cloud storage and internal pipelines Build detection and audit logging capabilities that give us visibility at scale Enable Engineering Partner with product and platform engineers to embed security into the development lifecycle through code review, threat modeling, and reusable secure patterns Build internal tooling that scales security and our engineering teams Be the person engineers come to for a clear, practical answers Improve Respond Participate in incident response and postmortems Track and drive remediation of vulnerabilities across infrastructure and applications Help shape our security program as an early, senior hire on the team Qualifications 5+ years in security engineering with meaningful experience in cloud-native environments (AWS strongly preferred) Hands-on with infrastructure-as-code security — you've written and reviewed Pulumi or Terraform and know where things go wrong Strong command of AWS security primitives Experience securing containerized workloads Fluency in at least one scripting or programming language for automation (Python, Go, Ruby, or similar) Comfortable in a regulated environment — you've worked through PCI-DSS, SOC 2, or similar Experience with industry leading CNAPP or CSPM tooling Bonus points for: Supply chain security depth: dependency confusion mitigations, artifact provenance. Data security expertise — tokenization, column-level access controls, audit logging at scale Fintech or consumer financial services background You've built internal security tooling from scratch, not just deployed vendor products What Good Looks Like You think in defaults, not policies. You'd rather fix the infrastructure module than write a runbook. You're comfortable telling an engineer "here's the secure version, just use this" — and they actually do. Base Range $244,000 $292,000 USD Equal Employment Op ... (truncated, view full listing at source)