Security Specialist

Kojo Logo

Kojo

πŸ“Remote - Mexico

Summary

Join Kojo, a fast-growing construction technology company, as their Security Specialist. This individual contributor role blends hands-on technical work with audit readiness, policy management, and risk oversight. You will be responsible for SOC 2 compliance, AWS security, incident response, and access control. The position requires significant experience in security, infrastructure, or DevOps, including proven ownership of SOC 2 Type II audit cycles at a SaaS company. You will directly influence how security is built, enforced, and maintained across Kojo's infrastructure. Kojo offers a full suite of perks and benefits for US-based full-time employees, including a new hire equity grant and 100% remote work across North and South America.

Requirements

  • 5+ years in security, infrastructure, or DevOps roles
  • Proven ownership of SOC 2 Type II audit cycles at a SaaS company
  • Hands-on AWS security experience; familiarity with Terraform, CI/CD pipelines
  • Experience with tools like Datadog, Snyk, or other SIEM platforms
  • Strong written communication for policies, incident logs, and audit evidence
  • Startup-minded: proactive, self-sufficient, pragmatic, and collaborative

Responsibilities

  • Own and lead our SOC 2 Type I & II readiness, audits, and ongoing compliance
  • Develop and enforce internal security policies and controls
  • Improve and monitor AWS security posture (IAM, GuardDuty, encryption, etc.)
  • Manage secrets (Vault, AWS Secrets Manager), access, and vulnerability remediation
  • Triage real-time security alerts and lead incident response efforts
  • Support secure CI/CD practices, infrastructure as code, and engineering reviews
  • Partner with leadership and auditors for security reviews and vendor risk management

Preferred Qualifications

  • Familiarity with Vanta, Drata, ISO 27001, or similar compliance tools
  • Basic secure coding knowledge or experience with code review support
  • Experience supporting phishing simulations or employee security training

Benefits

  • This position is also eligible for a new hire equity grant and all US-based full time employees are eligible for our full suite of perks and benefits
  • Kojo’s team members work from home 100% of the time across North and South America

Share this job:

Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.