Security Engineer

Tin Can is building a safer, simpler way for kids to connect — without smartphones. We're creating screen-free, delightful devices and services that let families call the people who matter most, free from the noise of today's digital world.

Parents trust us to keep their kids safe, which makes security not just a requirement, but a core part of our mission. As we continue to grow from a small prototype into a movement reaching families across the country, we're investing deeply in security as a foundation of trust for every family we serve.

The Security Engineer will be the guardian of Tin Can's safety and trust. You'll define, design, implement, and maintain the systems that protect our infrastructure, devices, and data that families rely on every day.

This is a role for someone who loves solving complex technical problems, anticipates risks before they become issues, and thrives on building a culture of safety across everything we make. You'll set the security vision while staying close to the code and infrastructure — balancing strategy with hands-on execution.

• Own Tin Can's security strategy and execution — from policies to implementation.

• Design and maintain secure cloud systems across our serverless architecture and supporting services.

• Ensure that our applications are designed and implemented to the highest security and privacy standards, maintaining and enhancing user trust.

• Identify and mitigate threats across cloud, API, and device layers — everything from misconfigurations to firmware or endpoint risks.

• Review and analyze designs, architectures, and systems — including services, networks, and applications — from a security perspective through testing, code review, threat modeling, and research.

• Discover and address emerging security issues, support incident response, and lead forensics, remediation, and cross-functional resolution efforts.

• Define and enforce access controls, key management, and identity strategies for internal and external services.

• Establish security standards, incident response plans, and data retention policies that keep our data and systems safe and secure.

• Partner with Engineering and Product to bake security into every new feature, API, and device lifecycle.

• Ensure Tin Can remains compliant with regulations and standards (e.g., COPPA, GDPR, SOC 2 down the road).

• Build team awareness and best practices, helping non-security engineers think securely.

• 5+ years of experience in security engineering, infrastructure, or related fields.

• Proven experience securing AWS and serverless environments (IAM, policies, encryption, CI/CD, monitoring).

• Strong understanding of application, API, and network security principles — particularly for distributed and event-driven systems.

• Advanced knowledge across multiple disciplines — including web and mobile application security, network security, secure system architecture, encryption, and cloud computing.

• Familiarity with IoT, MQTT, SIP, or WebRTC security concerns is a major plus.

• Hands-on experience implementing identity and access controls, token-based authentication, and data encryption.

• Ability to build from scratch — set up tooling, define processes, and establish secure-by-default patterns.

• Knowledge of or willingness to work toward compliance frameworks (COPPA, SOC 2, GDPR).

• A mix of strategic and hands-on — you can write the playbook and the policy.

• A passion for human-centered security — designing protection that enables connection, not friction.

• Mission: We're on a quest to give kids a more analog childhood—one with real conversations, real connection, and way less screen time. No doomscrolling, data mining, or dopamine traps—just a simpler, better way for kids to stay in touch. At Tin Can, security isn't a checkbox — it's how we earn and keep the trust of every family we serve. This is a rare opportunity to build something that truly matters: technology that protects what's most precious.

• Impact & Autonomy: This is the dream role for an engineer who wants to fully own building and scaling secure systems from the ground up — with the full backing of the founding team. You'll have both the autonomy and the responsibility to shape Tin Can's security vision, tools, and culture as we scale.

• Collaboration: Every company says "team," but at Tin Can it means something different. We're a small, mission-driven group that genuinely has each other's backs — professionally and personally. You'll be joining a tight-knit crew where your ideas and instincts matter from day one.

• Creative Freedom: You'll have the space to explore new ideas, challenge assumptions, and build secure systems that reflect our values of trust, simplicity, and care.

If you're driven by the idea of building technology families can trust — and you love the challenge of scaling secure systems that truly matter — we'd love to hear from you.