Staff Trust & Assurance Engineer

Kikoff: The Fintech Powering Financial Security at Scale Kikoff is a profitable, pre-IPO fintech company on a mission to empower everyone to achieve financial security. With record revenue growth in 2025 and a unicorn valuation, we've built a suite of products that help millions of people build credit, access liquidity, and save money. We're scaling fast. Join us if you want to build something meaningful and help millions of people move forward financially. Why Kikoff: This is a consumer fintech startup, and you will be working with serial entrepreneurs who have built strong consumer brands and innovative products. We value extreme ownership, clear communication, a strong sense of craftsmanship, and the desire to create lasting work and work relationships. Yes, you can build an exciting business AND have real-life real-customer impact. About the Role As the Staff Trust & Assurance Engineer, you will report to the Lead of Security and be the first dedicated hire establishing Kikoff's Trust & Assurance function within Security. You will own the design, operation, and attestation of the cybersecurity controls that external auditors, regulators, and B2B customers rely on. The function is engineering-led, with a strong emphasis on automation, code-backed control operations, and AI-assisted evidence workflows. You will partner closely with the SOX Manager in the CFO org as a cybersecurity control owner, while owning the cyber compliance program end-to-end for SOC 2 and PCI. You will lead three connected work streams: security compliance (SOC 2, PCI, and IT general controls supporting SOX), customer assurance (questionnaires, trust portal, sub-processor inventory), and third-party risk management. What You Will Do Own Kikoff's SOC 2 Type II program end-to-end, including scoping, control design, evidence collection, walkthroughs, and external auditor management. Maintain Kikoff's PCI DSS self-attestation, including annual SAQ completion, scope analysis to ensure cardholder data remains with our payment processors, payment-vendor oversight, and monitoring product and engineering changes that could expand scope. Serve as the cybersecurity control owner for IT general controls supporting the SOX program, partnering with the SOX Manager on logical access, change management, and related areas. Operationalize the GLBA Safeguards Rule technical controls across the program elements. Source and steward the substantive cybersecurity content behind SEC Regulation S-K Item 106 disclosures, working with Legal on language and with the SOX Manager on disclosure controls. Own the customer and vendor security questionnaire pipeline, including reusable evidence libraries and a self-serve trust portal. Design and operate the internal cybersecurity control testing and continuous monitoring program in partnership with Security Engineering. Build policy-as-code, compliance-as-code, and AI-driven evidence automation that scales with the engineering organization. Serve as the primary cybersecurity audit contact for SOC 2, PCI, and customer-driven cyber assessments. About You 7+ years of experience in security compliance, GRC, or technical audit, with a primary focus on cloud-native environments. Has owned at least one SOC 2 Type II cycle end-to-end, including design, evidence, walkthroughs, and auditor defense. Hands-on experience with PCI DSS, including SAQ environments and tokenization-driven scope reduction. Able to read and modify code, infrastructure-as-code, and IAM policies. Comfortable working in Git-based engineering workflows and shipping changes through CI/CD. Understanding of cloud infrastructure and modern AI-native technologies. Demonstrated experience managing external auditors and translating control requirements into engineering deliverables. Excellent written communication, with the ability to produce auditor-ready documentation and engineering-ready specifications. Comfortable operating across functional boundaries, including Engineering, Legal, and Finance. Preferred Qualifications Prior experience as a control owner supporting SOX IT general controls audits in a pre-IPO or newly public company. Experience building or operating AI- or LLM-driven GRC automation, including custom agents, MCP servers, or evidence-collection pipelines. Background in IPO readiness or newly public company environments. Familiarity with ISO 27001, ISO 42001, FedRAMP, CMMC 2.x, or NIST 800-53. Base Range $260,700 — $304,700 USD Equal Employment Opportunity Statement Kikoff Inc. is an equal opportunity employer. We are committed to complying with all federal, state, and local laws providing equal employment opportunities and considers qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. Please reference the following for more information .

{
  "content_hash": "845a1bbb282877bf07b5b27f85500cf23f651a33cc3937c35a33f291cea013f8",
  "source_hash": "cb018d9a9d4c2e9a4dc5d8ad69f356e059477b134d6613c2cd2ae7dc025bd02f",
  "last_changed_at": "2026-06-02T12:10:31.835Z",
  "active_status": "active"
}

{
  "language": "en",
  "location": {
    "raw": "San Francisco",
    "city": "San Francisco",
    "region": "CA",
    "country": "United States",
    "is_remote": false,
    "confidence": 0.75
  },
  "salary_max": null,
  "salary_min": null,
  "inferred_at": "2026-06-06T07:35:24.144Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "San Francisco",
      "city": "San Francisco",
      "region": "CA",
      "country": "United States",
      "is_remote": false,
      "confidence": 0.75
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": null,
  "salary_period": null,
  "workplace_type": null,
  "salary_currency": null
}

{}

{
  "title": "Staff Trust & Assurance Engineer",
  "offices": [
    {
      "id": 4030839009,
      "name": "San Francisco Office",
      "location": "San Francisco, California, United States",
      "child_ids": [],
      "parent_id": null
    }
  ],
  "language": "en",
  "location": {
    "name": "San Francisco"
  },
  "metadata": [
    {
      "id": 5892040009,
      "name": "Base Range",
      "value": {
        "unit": "USD",
        "max_value": "304700.0",
        "min_value": "260700.0"
      },
      "value_type": "currency_range"
    }
  ],
  "updated_at": "2026-06-01T18:59:06-04:00",
  "departments": [
    {
      "id": 4031264009,
      "name": "Engineering",
      "child_ids": [
        4031271009,
        4031797009
      ],
      "parent_id": null
    }
  ],
  "company_name": "Kikoff",
  "requisition_id": 4156012009,
  "first_published": "2026-06-01T18:56:50-04:00",
  "application_deadline": null
}