Kikoff
About The Role
You'll be our first dedicated security leader, owning the technical execution of our security and compliance program.
You’ll drive SOC 2 and PCI DSS compliance, manage our vulnerability program, and build security capabilities that enable our engineering teams to move fast while staying secure. This is a hands‑on role—you’ll design controls, write policies, respond to incidents, and work directly with auditors.
This is initially an individual contributor role with high impact and visibility. As our security program matures, you’ll have the opportunity to build and lead a security team.
Own Compliance
Lead SOC 2 Type II and PCI DSS programs through successful audit
Design and implement security controls without blocking velocity
Serve as primary technical contact for external auditors and assessors
Manage third‑party vendor security assessments and ongoing monitoring
Build automated evidence collection and continuous compliance monitoring
Report security metrics and program status to executive leadership
Manage Security Operations
Establish vulnerability management program with defined SLAs and remediation workflows
Own end‑to‑end vulnerability management: identify, assess, prioritize, and drive remediation to completion across infrastructure and applications
Manage external penetration testing program with third‑party vendors, including scoping, assessment review, and remediation tracking
Perform internal penetration testing and security assessments of applications, APIs, and infrastructure
Build SIEM detection rules, security dashboards, and alert triage processes
Develop and test incident response runbooks
Conduct threat modeling for critical systems and architectural changes
Lead security assessments of new technologies and third‑party integrations
Enable & Collaborate
Partner with platform engineering to implement security roadmap: AWS landing zone design, PAM/JIT workflows, account segmentation, disaster recovery testing
Enforce enterprise security controls (SSO, secrets management, RBAC)
Build and deliver security awareness training program for all employees
Develop and maintain security policies, standards, and procedures
Translate compliance requirements into actionable engineering tasks and drive completion
You Have Security & Compliance
5+ years in information security, with 2+ years in fintech or a highly regulated industry
CISSP certification (or actively pursuing – must obtain within 12 months of hire)
Hands‑on experience leading SOC 2 and PCI DSS audits from start to finish
Strong incident response background – you've led real security incidents
Experience with vulnerability management platforms (Wiz, Snyk, Tenable)
Technical Skills
Solid understanding of AWS security: IAM, Security Hub, GuardDuty, CloudTrail, KMS
Experience with SIEM platforms (Splunk, Datadog, Elastic) – you can write detection rules and build dashboards
Hands‑on experience with vulnerability assessment and penetration testing tools (Burp Suite, Nessus, Qualys, or similar)
Ability to read code (Ruby, JavaScript, Python) and assess security implications
Knowledge of web application security, API security, and OWASP Top 10
Understanding of access control patterns (PAM, SSO, RBAC, least privilege)
Core Competencies
Strong communication – you can explain risks to engineers and executives alike
Pragmatic risk management in fast‑paced environments
Self‑starter who builds programs from scratch
Collaborative mindset – security as enabler, not blocker
Ability to drive remediation to completion across teams
Nice to Have
Additional certifications (CISM, CISA, CCSP, CEH, OSCP, CRISC)
Experience managing WAF deployments (Palo Alto, Cloudflare, AWS WAF)
Infrastructure‑as‑code experience (Pulumi, Terraform)
Kubernetes security knowledge
SOAR platform experience
DevSecOps or security automation background
Scripting skills (Python, Bash) for security tooling and automation
Kikoff Kikoff is a FinTech unicorn powering financial progress with AI. Our mission is to provide radically affordable financial tools to help consumers achieve financial security. Founded in 2019, we serve millions of people, many building credit or navigating life paycheck to paycheck. We simplify credit building, reduce debt, and expand access to financial opportunities.
Why Kikoff This is a consumer fintech startup where you will work with serial entrepreneurs who have built strong consumer brands and innovative products. We value extreme ownership, clear communication, a strong sense of craftsmanship, and the desire to create lasting work and relationships.
Benefits
Medical, dental, and vision coverage – Kikoff covers the full cost of health insurance for the employee
Meaningful equity in the form of RSUs
Flexible vacation policy
Competitive pay based on experience (base + equity + benefits)
Hybrid location – 3 days onsite in San Francisco, CA
Visa sponsorship available for H1‑B visas and U.S. green cards for exceptional talent
Equal Employment Opportunity Statement kikoff Inc. is an equal opportunity employer. We are committed to complying with all federal, state, and local laws providing equal employment opportunities and consider qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.
If you need reasonable accommodation for a job opening, please connect with us at talent@kikoff.com and describe the specific accommodation requested for a disability-related limitation.
San Francisco Fair Chance Ordinance: Pursuant to the San Francisco Fair Chance Ordinance, Kikoff will consider for employment qualified applicants with arrest and conviction records.
#J-18808-Ljbffr
This is initially an individual contributor role with high impact and visibility. As our security program matures, you’ll have the opportunity to build and lead a security team.
Own Compliance
Lead SOC 2 Type II and PCI DSS programs through successful audit
Design and implement security controls without blocking velocity
Serve as primary technical contact for external auditors and assessors
Manage third‑party vendor security assessments and ongoing monitoring
Build automated evidence collection and continuous compliance monitoring
Report security metrics and program status to executive leadership
Manage Security Operations
Establish vulnerability management program with defined SLAs and remediation workflows
Own end‑to‑end vulnerability management: identify, assess, prioritize, and drive remediation to completion across infrastructure and applications
Manage external penetration testing program with third‑party vendors, including scoping, assessment review, and remediation tracking
Perform internal penetration testing and security assessments of applications, APIs, and infrastructure
Build SIEM detection rules, security dashboards, and alert triage processes
Develop and test incident response runbooks
Conduct threat modeling for critical systems and architectural changes
Lead security assessments of new technologies and third‑party integrations
Enable & Collaborate
Partner with platform engineering to implement security roadmap: AWS landing zone design, PAM/JIT workflows, account segmentation, disaster recovery testing
Enforce enterprise security controls (SSO, secrets management, RBAC)
Build and deliver security awareness training program for all employees
Develop and maintain security policies, standards, and procedures
Translate compliance requirements into actionable engineering tasks and drive completion
You Have Security & Compliance
5+ years in information security, with 2+ years in fintech or a highly regulated industry
CISSP certification (or actively pursuing – must obtain within 12 months of hire)
Hands‑on experience leading SOC 2 and PCI DSS audits from start to finish
Strong incident response background – you've led real security incidents
Experience with vulnerability management platforms (Wiz, Snyk, Tenable)
Technical Skills
Solid understanding of AWS security: IAM, Security Hub, GuardDuty, CloudTrail, KMS
Experience with SIEM platforms (Splunk, Datadog, Elastic) – you can write detection rules and build dashboards
Hands‑on experience with vulnerability assessment and penetration testing tools (Burp Suite, Nessus, Qualys, or similar)
Ability to read code (Ruby, JavaScript, Python) and assess security implications
Knowledge of web application security, API security, and OWASP Top 10
Understanding of access control patterns (PAM, SSO, RBAC, least privilege)
Core Competencies
Strong communication – you can explain risks to engineers and executives alike
Pragmatic risk management in fast‑paced environments
Self‑starter who builds programs from scratch
Collaborative mindset – security as enabler, not blocker
Ability to drive remediation to completion across teams
Nice to Have
Additional certifications (CISM, CISA, CCSP, CEH, OSCP, CRISC)
Experience managing WAF deployments (Palo Alto, Cloudflare, AWS WAF)
Infrastructure‑as‑code experience (Pulumi, Terraform)
Kubernetes security knowledge
SOAR platform experience
DevSecOps or security automation background
Scripting skills (Python, Bash) for security tooling and automation
Kikoff Kikoff is a FinTech unicorn powering financial progress with AI. Our mission is to provide radically affordable financial tools to help consumers achieve financial security. Founded in 2019, we serve millions of people, many building credit or navigating life paycheck to paycheck. We simplify credit building, reduce debt, and expand access to financial opportunities.
Why Kikoff This is a consumer fintech startup where you will work with serial entrepreneurs who have built strong consumer brands and innovative products. We value extreme ownership, clear communication, a strong sense of craftsmanship, and the desire to create lasting work and relationships.
Benefits
Medical, dental, and vision coverage – Kikoff covers the full cost of health insurance for the employee
Meaningful equity in the form of RSUs
Flexible vacation policy
Competitive pay based on experience (base + equity + benefits)
Hybrid location – 3 days onsite in San Francisco, CA
Visa sponsorship available for H1‑B visas and U.S. green cards for exceptional talent
Equal Employment Opportunity Statement kikoff Inc. is an equal opportunity employer. We are committed to complying with all federal, state, and local laws providing equal employment opportunities and consider qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.
If you need reasonable accommodation for a job opening, please connect with us at talent@kikoff.com and describe the specific accommodation requested for a disability-related limitation.
San Francisco Fair Chance Ordinance: Pursuant to the San Francisco Fair Chance Ordinance, Kikoff will consider for employment qualified applicants with arrest and conviction records.
#J-18808-Ljbffr