Senior Product Security Engineer

Kin is on a mission to change home insurance from what it is to what it should be. Whether we’re leveraging data to create customizable coverage or providing claims service that goes above and beyond expectations, our members are at the heart of everything we do. In the face of ever-growing climate risk, they deserve an insurance company that cares about them. We aim to stick with our members through thick and thin.

We use efficient technology that lets homeowners buy directly from us to keep costs down. This is the essence of Kin. Our approach has fostered amazing growth, attracted marquee investors, and earned us accolades, including being named to:

• Built In Chicago's Best Places to Work, Midsize Companies (2021-2024).

• Forbes' America's Best Startup Employers (2021- 2023).

• Inc. 5000 Fastest-Growing Private Companies.

• Forbes’ Fintech 50.

Simply put, our people are what make us great – we need forward-thinking, inspired game-changers like you to join us in our mission.

So, what’s the role?

As a Senior Product Security Engineer, you’ll play a key role in shaping and strengthening our security posture. You’ll collaborate with engineering teams to design secure architectures, implement security controls, and drive DevSecOps best practices. Your work will balance security and business needs, ensuring scalable and resilient security solutions.

A day in the life could include: 

• Designing and implementing security solutions across cloud infrastructure, applications, and data protection.

• Partnering with developers, DevOps, and data teams to drive secure software development practices.

• Leading security architecture reviews, conducting threat modeling, and providing actionable risk assessments.

• Overseeing and optimizing GitHub Advanced Security (GHAS) adoption, ensuring teams effectively manage secret scanning, dependency security, and code scanning.

• Monitoring and evaluating emerging threats, security trends, and compliance requirements.

• Mentoring engineers on threat modeling, secure coding, and cloud security best practices.

• Acting as a Security Champion, advocating for security best practices across the organization.

• Engaging teams across the company to foster a security first mindset and embed security in day to day operations.

I’ve got the skills… but do I have the necessary ones?

• 5+ years of experience in security engineering, cloud security, or DevSecOps.

• Strong expertise in AWS security, Terraform, CI/CD pipelines, and automation.

• Experience with Docker, Kubernetes (EKS), and cloud security controls (IAM, VPCs, WAF, etc.).

• Proficiency in at least one programming language (Python, Ruby, etc.).

• Familiarity with security frameworks (NIST, ISO 27001) and regulatory compliance.

• Proven experience in threat modeling and identifying security risks early in the development process.

• Ability to hold engineering teams accountable for security findings and drive vulnerability management efforts.

• Hands on experience with GitHub Advanced Security (GHAS) and secure development practices.

• Excellent communication and problem-solving skills.

• Bachelor’s degree + certifications, technical training, or other audit and compliance relevant work experience

#LI-REMOTE

For Sales Agents and Customer Service Agents: These roles sit in any of the following 30 states: AL, AZ, CO, FL, ID, IL, IN, KS, KY, MA, MD, ME, MI, MN, MO, MT, NC, NE, NM, NV, NY, OH, OK, PA, SC, TN, TX, UT, VT, VA, WA, and WI.

For all other positions, these roles can sit in any of the following 40 states: AL, AR, AZ, CA (exempt only), CO, CT, FL, GA, ID, IL, IN, IA, KS, KY, MA, ME, MD, MI, MN, MO, MT, NC, NE, NJ, NM, NV, NY, OH, OK, OR, PA, SC, SD, TN, TX, UT, VT, VA, WA, and WI. Please only apply if you are able to live and work full-time in one of the states listed above.

State locations and specifics are subject to change as our hiring requirements shift.

About Kin

Kin is the only pure-play, direct-to-consumer digital insurer focused on the growing home insurance market. We make policies convenient and affordable through a technology platform that delivers a seamless user experience, customized options for coverage, and fast, high-quality claims service. Kin is a fully licensed carrier that offers coverage through its reciprocal exchanges which are owned by its policyholders. To learn more, visit www.kin.com.

EEOC Statement

Kin is proud to be an Equal Employment Opportunity and Affirmative Action Employer. We don't just accept difference – we honor it, nurture it, and celebrate it. We don’t discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.