Remote (Global)

Kojo is hiring a Security Specialist

About the Role

Kojo is looking for a Security Specialist to lead and scale our security and compliance efforts. This individual contributor role sits within the Infrastructure team and blends hands-on technical work with audit readiness, policy management, and risk oversight. You’ll be the go-to expert for SOC 2, AWS security, incident response, and access control as we grow.

What You'll Do

Own and lead our SOC 2 Type I & II readiness, audits, and ongoing compliance.
Develop and enforce internal security policies and controls.
Improve and monitor AWS security posture, including IAM, GuardDuty, and encryption.
Manage secrets, access, and vulnerability remediation using tools like Vault and AWS Secrets Manager.
Triage real-time security alerts and lead incident response efforts.
Support secure CI/CD practices, infrastructure as code, and engineering reviews.
Partner with leadership and auditors for security reviews and vendor risk management.

What We're Looking For

5+ years in security, infrastructure, or DevOps roles.
Proven ownership of SOC 2 Type II audit cycles at a SaaS company.
Hands-on AWS security experience.
Familiarity with Terraform and CI/CD pipelines.
Experience with tools like Datadog, Snyk, or other SIEM platforms.
Strong written communication for policies, incident logs, and audit evidence.
Startup-minded: proactive, self-sufficient, pragmatic, and collaborative.

Nice to Have

Familiarity with Vanta, Drata, ISO 27001, or similar compliance tools.
Basic secure coding knowledge or experience with code review support.
Experience supporting phishing simulations or employee security training.

Technical Stack

AWS
Terraform
Vault
AWS Secrets Manager
Datadog
Snyk

Team & Environment

This individual contributor role sits within the Infrastructure team.

Benefits & Compensation

New hire equity grant
Full suite of perks and benefits for US-based full time employees
Compensation is dependent upon experience level, skillset, market dynamics, and internal equity.

Work Mode

This role is open to candidates in North America and South America.

Kojo values diverse perspectives and is committed to building an inclusive workplace. We are proud to be an equal opportunity workplace and do not discriminate on the basis of sex, race, color, age, sexual orientation, gender identity, religion, national origin, citizenship, marital status, veteran status, or disability status.

Required Skills

AWSTerraformVaultAWS Secrets ManagerDatadogSnykCybersecurityCloud SecurityInfrastructure as CodeSecrets ManagementMonitoringVulnerability ManagementComplianceIncident Response AWSTerraformVaultAWS Secrets ManagerDatadogSnykCybersecurityCloud SecurityInfrastructure as CodeSecrets ManagementMonitoringVulnerability ManagementComplianceIncident Response

Need to work legally in Thailand?

Work permits without the paperwork nightmare

Thai immigration rules are strict and easy to get wrong. SVBL handles the bureaucracy — correct visa type, proper documentation, timely submissions. You focus on your work.

Right visa type for your situation

Document preparation & submission

Deadline tracking & renewals

Direct liaison with immigration

Talk to an expert

10+ years experience

About company

Kojo is a construction technology company making buildings cheaper and easier to build by transforming the way commercial construction companies buy their materials.

All jobs at Kojo Visit website

Job Details

Category security

Posted 9 months ago