Security Analyst

Kin is redesigning insurance to be smarter, faster, and centered on the customer. We use intelligent pricing, offer seamless bundling, and make every step (from purchasing, servicing to claims) simple and friction-free, especially in the places traditional insurers often ignore.

We empower people to protect what matters most, starting with their homes and expanding to all they value, in a world where climate risks, rising costs, and outdated systems leave too many behind. Our approach has fostered amazing growth, attracted marquee investors, and earned us accolades, including being named to:

• Built In Chicago's Best Places to Work, Midsize Companies (2021-2025).

• Forbes' America's Best Startup Employers (2021- 2024, Ranked #37 in 2024).

• Inc. 5000 Fastest-Growing Private Companies.

• Forbes’ Fintech 50.

Simply put, our people are what make us great – we need forward-thinking, inspired game-changers like you to join us in our mission.

So, what’s the role?

Kin is seeking a Security Analyst to join our growing cybersecurity team. This role is ideal for someone with a few years of hands-on experience in governance, risk, and compliance (GRC) or security operations, who’s ready to step into more responsibility while continuing to learn and grow. You’ll focus on strengthening our cybersecurity controls testing, vendor risk management, and risk assessment processes, working closely with stakeholders across the business to support and scale our security program.

Cybersecurity Controls Testing

• Lead and support testing of internal controls across frameworks such as NIST CSF, SOC2, and PCI DSS.

• Manage control evidence gathering and validation to support audits and continuous compliance.

• Document results, track remediation efforts, and collaborate with teams to address gaps.

Cybersecurity Risk Management

• Maintain and update Kin’s cybersecurity risk register, supporting timely tracking and mitigation of key risks.

• Conduct risk assessments for new technologies, vendors, and business processes.

• Communicate risk findings effectively to technical and non-technical stakeholders.

Vendor Risk Management

• Own the vendor security review process, including assessing security documentation, assigning risk ratings, and following up on open items.

• Partner with legal, procurement, and business units to ensure vendors meet Kin’s security standards.

• Support automation and documentation of the third-party risk process in GRC tooling.

GRC Tooling and Operations

• Configure and optimize GRC platforms (e.g., Drata, OneTrust) to manage controls, assessments, and risk workflows.

• Help integrate GRC tooling with other systems to improve visibility and reduce manual work.

• Cloud Security & Control Validation

• Work with infrastructure and DevOps teams to validate cloud security controls in AWS, including IAM, networking, and logging.

• Assist in maintaining documentation and mapping of technical controls to compliance requirements.

Awareness & Enablement

• Develop internal resources, communications, and training to help teams understand and meet security and compliance expectations.

• Serve as a resource for security-related questions from teams across the business.

• 3–5 years of experience in a cybersecurity, GRC, IT audit, or risk-focused security role.

• Hands-on experience with controls testing, vendor security reviews, and cybersecurity risk assessments.

• Familiarity with frameworks like NIST CSF, SOC2, PCI DSS, and relevant audit processes.

• Experience with GRC tools (e.g., Drata, OneTrust, or similar platforms).

• Basic working knowledge of cloud platforms like AWS.

• Excellent communication and documentation skills.

Preferred, but not required

• Certifications such as Security+, CISA, CCSK, AWS Cloud Practitioner or related GRC/security credentials.

• Experience with data privacy compliance (e.g., GDPR, CCPA).

• Familiarity with DevSecOps practices, BCP/DR planning, or SIEM tooling.

Oh, and don’t worry, we’ve got you covered! 

We offer a comprehensive benefits program, allowing you to choose the benefits that are best for you and your family including: Medical, Dental, Vision, Life Insurance and Disability Insurance options, Employee Assistance Program, as well as elective voluntary benefits such as accident insurance, hospital indemnity, critical illness, legal assistance and pet insurance.  

In addition to these benefits, we also are excited to offer the following: 

• Competitive salary and equity  

• 401K with company match of up to 4%  

• Flexible PTO for exempt employees, along with 8 company-observed holidays 

• A paid parental leave program that provides 100% salary continuation of up to 14 weeks for birthing parents and 8 weeks for non birthing parents 

• Continuing education and professional development opportunities

Kin will accept applications for this role until June 30, 2025

For Sales Agents and Customer Service Agents: These roles sit in any of the following 30 states: AL, AZ, CO, FL, ID, IL, IN, KS, KY, MA, MD, ME, MI, MN, MO, MT, NC, NE, NM, NV, NY, OH, OK, PA, SC, TN, TX, UT, VT, VA, WA, and WI.

For all other positions, these roles can sit in any of the following 40 states: AL, AR, AZ, CA (exempt only), CO, CT, FL, GA, ID, IL, IN, IA, KS, KY, MA, ME, MD, MI, MN, MO, MT, NC, NE, NJ, NM, NV, NY, OH, OK, OR, PA, SC, SD, TN, TX, UT, VT, VA, WA, and WI. Please only apply if you are able to live and work full-time in one of the states listed above.

State locations and specifics are subject to change as our hiring requirements shift.

About Kin

Kin is the only pure-play, direct-to-consumer digital insurer focused on the growing home insurance market. We make policies convenient and affordable through a technology platform that delivers a seamless user experience, customized options for coverage, and fast, high-quality claims service. Kin is a fully licensed carrier that offers coverage through its reciprocal exchanges which are owned by its policyholders. To learn more, visit www.kin.com.

EEOC Statement

Kin is proud to be an Equal Employment Opportunity and Affirmative Action Employer. We don't just accept difference – we honor it, nurture it, and celebrate it. We don’t discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.