Security Engineer • Mid-Level

Who you are

You are an experienced security professional with a strong background in managing security operations and compliance programs. You have hands-on experience with AWS and are comfortable writing code to implement security controls. Your expertise includes SOC 2 and PCI DSS compliance, and you understand the importance of balancing security with engineering agility.

You have a proven track record in vulnerability management, having established programs that define SLAs and remediation workflows. You are skilled in building security automation using Infrastructure as Code tools like Terraform and Pulumi, and you are familiar with implementing PAM and JIT access workflows.

Your experience includes managing external penetration testing programs and conducting internal assessments of applications, APIs, and infrastructure. You are adept at developing SIEM detection rules and security dashboards, and you have a solid understanding of incident response processes.

You thrive in a building role where you can directly contribute to the security posture of the organization. You are proactive in identifying potential threats and have experience conducting threat modeling for critical systems. You are also comfortable collaborating with auditors and external vendors to ensure compliance and security standards are met.

Desirable

Experience with security frameworks and standards beyond SOC 2 and PCI DSS is a plus. Familiarity with additional security tools and technologies will enhance your ability to succeed in this role.

What you'll do

In this role, you will be responsible for managing the security operations at Kikoff. You will build and automate security controls, ensuring that the engineering teams can operate efficiently while maintaining a strong security posture. You will establish a vulnerability management program that includes identifying, assessing, prioritizing, and driving remediation efforts across the organization.

You will oversee the external penetration testing program, working closely with third-party vendors to scope assessments and track remediation efforts. Additionally, you will perform internal penetration testing and security assessments to identify potential vulnerabilities in applications and infrastructure.

Your role will also involve developing and testing incident response runbooks, ensuring that the team is prepared to respond effectively to security incidents. You will create security dashboards and alert triage processes to enhance the visibility of security events across the organization.

As the first dedicated security leader, you will have the opportunity to shape the security culture at Kikoff and build a team as the security program matures. You will collaborate with engineering teams to ensure that security is integrated into the development lifecycle, enabling rapid innovation without compromising security.

What we offer

Kikoff offers a dynamic work environment where you can make a significant impact on the company's security posture. You will have the opportunity to work with cutting-edge technologies and contribute to the development of a robust security program. We encourage you to apply even if your experience doesn't match every requirement, as we value diverse perspectives and backgrounds.

You will be part of a collaborative team that values security as a key component of our engineering efforts. We provide opportunities for professional growth and development, allowing you to expand your skills and advance your career in the cybersecurity field.