Engineering Manager, Security Engineering

Float is on a mission to simplify finance for Canadian businesses, empowering them to eliminate complexity and unlock new opportunities. Through our innovative platform, Float enables businesses to streamline financial operations and optimize cash flow, so they can focus on what matters most: growth.

As one of Canada’s fastest growing companies and top-rated startups in 2024 and 2023, Float is customer-obsessed, passionate and entrepreneurial, with a team that includes leaders from Uber, Shopify, Top Hat, TouchBistro, and Ada.

At Float, everyone is an owner, bringing their unique perspective to our team and product. Your voice is important, and we take having a culture based on feedback seriously. We openly share our thoughts and differing opinions so we can continue to improve. We do our best to keep our decision-making decentralized so that all team members feel ownership in our success.

Float is Canada’s complete business finance platform, combining modern financial services and software to help businesses spend, save, and grow. Trusted by 5000+ Canadian companies, Float provides high-limit corporate cards, automated expense management, next-day bill payments, high-yield accounts and fast, friendly support—all built in Canada, for Canada. Float is backed by world-class venture and fintech investors, including Growth Equity at Goldman Sachs Alternatives and OMERS Ventures, partners behind our $70 million Series B raise.

Our team is a collection of ambitious, collaborative and mission-driven people from all walks of life but with one goal: helping Canadian companies not just survive but thrive. And we’re looking for bold innovators to help shape the future of business finance in Canada.

Security is foundational to earning and keeping customer trust. As the Security Engineering Manager, you will lead Float’s security engineering function with a primary focus on Application Security and DevSecOps, while partnering closely with Infrastructure, IT, and Operations teams on broader security outcomes.

You will guide a technical, high-impact team that enables Float to ship new financial features quickly, safely, and with confidence by embedding secure-by-default practices into engineering workflows. This role blends people leadership, hands‑on security engineering, and architectural decision‑making in a fast-moving fintech environment.

This is a hands‑on role. You should expect to spend approximately 60% of your time on direct technical contribution, especially as the security function continues to mature, with the remaining time focused on coaching, strategy, and cross‑functional leadership.

• Build, mentor, and lead a high‑performing security engineering team with a strong emphasis on Application Security and DevSecOps.
• Develop and execute the security engineering roadmap, balancing long‑term architecture with near‑term delivery needs.
• Partner with engineering and product leadership to ensure security is integrated into planning, design, and execution.

• Own and enhance CI/CD and developer‑workflow security, including OIDC signing, pipeline hardening, artifact integrity, secret distribution, and container security.
• Define secure architecture patterns and baseline configurations for cloud services, backend systems, and infrastructure‑as‑code (Terraform).
• Build scalable, measurable controls that enforce least privilege and prevent misconfigurations.
• Embed secure SDLC practices across engineering through automated code scanning, dependency scanning, secrets management, and threat modeling.
• Develop secure patterns for authentication, authorization, API design, and sensitive data handling.
• Support engineers in evaluating high‑risk features and designing effective mitigation strategies.
• Partner with Infrastructure and Operations teams to mature detection and response capabilities, including alerting, logging, tuning, and automation.
• Lead incident response readiness through simulations, playbooks, and post‑incident improvements.
• Automate vulnerability management, cloud posture monitoring, and compliance evidence collection for SOC 2 and PCI DSS 4.0.
• Partner with IT to maintain strong endpoint, identity, and device‑trust baselines across the organization.
• Support third‑party risk management efforts as they relate to application and platform security.

You’ll lead with empathy, clarity, and ownership—core to how we operate at Float. You’ll foster a culture where security engineers feel empowered to make decisions, challenge assumptions, and take pride in their impact. Most importantly, you’ll ensure security is viewed not as a gate, but as an enabler—helping teams move fast while managing risk intelligently.

• Experience leading security engineering teams with a strong focus on Application Security and DevSecOps, and exposure to infrastructure and operational security.
• Strong technical depth in AWS security, IAM, network design, CI/CD hardening, and cloud‑native architectures.
• Hands‑on experience with infrastructure‑as‑code, cloud posture tooling, and vulnerability management workflows.
• Deep understanding of secure software development practices and common application‑layer risks (e.g., OWASP Top 10).
• Familiarity with PCI DSS 4.0, SOC 2, and automating evidence or control enforcement.
• Experience with identity platforms such as Auth0, Okta, and OIDC.
• Proficiency in scripting (Python preferred) for automation, metrics, and integrations.
• Excellent communication and stakeholder management skills.
• Experience in fintech, payments, or other correctness‑critical domains is strongly preferred but not required.

• Take ownership and enjoy building systems, teams, and scalable processes from the ground up.
• Communicate complex security concepts clearly and pragmatically.
• Balance deep technical execution with strategic thinking.
• Are comfortable operating in ambiguity and evolving environments.
• Enjoy coaching and elevating engineers.
• Prioritize ruthlessly and execute with focus.
• Use automation wherever possible to reduce manual work.

• You prefer policy over hands‑on engineering.
• You are uncomfortable being deeply technical.
• You struggle with ambiguity or rapid change.
• You don’t enjoy cross‑functional collaboration or developing engineers.
• You prefer rigid structure and fully defined tasks.

• Work at one of Canada’s fastest‑growing fintech companies.
• Make a real impact in a high‑autonomy, high‑growth role.
• Collaborate with an ambitious and supportive team.
• Competitive compensation, equity options, and benefits.
• Hybrid work model – we are based in Toronto with in‑office days for connection and collaboration.
• Enjoy catered team lunches every Tuesday, Wednesday and Thursday.
• Bring your pup to our dog‑friendly office.
• Thrive in a high‑trust, high‑performance culture where your work truly matters.

At Float, you’ll thrive if you’re bold, curious, and eager to make a real impact. We're building something special—and having a lot of fun along the way. If you’re excited to build, grow, and win together, we’d love to meet you.

We’re committed to building a workplace that’s welcoming and accessible for everyone. If you need any accommodations during the hiring process or once you join Float, just let us know! You can reach out to Vic (victoria@floatcard.com), and we’ll work with you to make sure you have what you need to succeed.