Senior Security Engineer (Remote)

Toronto, Canada /
Engineering & Tech /
Full-Time
About KOHO
KOHO is a quickly scaling FinTech company backed by leading investors and advisors from around the world. We started KOHO because we believe in doing two things:

Democratizing access to the best financial products and giving everyone a great financial foundation.

Since our journey began 5 years ago, we’ve raised more the $60M, grown the KOHO Collective to over 100 employees and created accounts for more than 250,000 Canadians.

About the Role
The KOHO team is changing financial services in Canada and we are looking for a Senior Security Engineer to help manage KOHO’s infrastructure.  You come with knowledge of the current and emerging security capabilities of AWS and GCP.  In this role, you are expected to stay up-to-date on the evolution of both the defensive and offensive fronts of cybersecurity.

Please Note: This is a remote position based in Canada that is available to those who are legally entitled to work in Canada.

Responsibilities

    • SecOps
    • Build and support Cloud Infrastructure Security
    • Lead engineering teams in identifying and addressing security issues
    • Monitor product cybersecurity threats and vulnerabilities
    • Support planned and ad-hoc Risk Assessment (e.g. Threat and Risk Analysis) of cloud and systems
    • Deliver design and technical architecture and tactical support focusing on Cloud Platforms and Application Services Security
    • Build up and maintain capabilities to support privacy requirements for sensitive data

Desired Skills & Experience

    • 5+ years of relevant experience in AWS and/or GCP
    • Strong problem solving skills and attention to detail
    • Coding experience in Bash, Python, Golang or JavaScript
    • Strong hands-on experience with the security features of components like CDN, WAF, Kubernetes, IAM, Cloudtrail, Trusted Advisor, KMS, Secrets Manager, Guard Duty, Container scanning, Bastion hosts, DLP
    • DevOps tools and CI/CD
    • Understanding of standard network protocols: HTTP, DNS, TCP IP, UDP, SSH
    • Security monitoring and intrusion detection
    • Incident identification and handling
    • Network protocols and secure network design
    • Operating system internals and hardening (e.g. Windows, Linux, OS X, Android)
    • Web application and browser security
    • Authentication and access control
    • Applied cryptography and security protocols

Nice-to-Have Skills

    • Relevant Administrative and Security certifications from AWS or GCP
    • Previous experience as SecOps, DevOps, SRE or Systems Engineer
    • Experience embedding security in the Software Development Lifecycle (SDLC)
Joining the (lovely!) KOHO Team

We invest time and resources into making sure KOHO is as good as the people we hire. Our culture is one of collaboration, creativity, and diverse perspective. Here are some of the reasons we attract the best people:

Balance Your Life - Unlimited PTO, generous vacation, and a lifestyle spending account
Level Up - Access to an in-house certified performance coach
Reach Your Goals - Salary assessments twice a year, annual training allowance
The KOHO Culture - We have won 5 "Great Place to Work ®" awards since 2019


The Fine Print

We are an equal opportunity employer and value diversity and uniqueness at our company.

KOHO is trusted with highly sensitive information. Upon joining the team, you may be asked to undergo security screening including a criminal record check.