Senior Security Engineer

Float is on a mission to simplify finance for Canadian businesses, empowering them to eliminate complexity and unlock new opportunities. Through our innovative platform, Float enables businesses to streamline financial operations and optimize cash flow, so they can focus on what matters most: growth.

As one of Canada’s fastest growing companies and top‑rated startups in 2024 and 2023, Float is customer‑obsessed, passionate and entrepreneurial, with a team that includes leaders from Uber, Shopify, Top Hat, TouchBistro, Bill, Stripe, and Ada.

At Float, everyone is an owner, bringing their unique perspective to our team and product. Your voice is important, and we take having a culture based on feedback seriously. We openly share our thoughts and differing opinions so we can continue to improve. We do our best to keep our decision‑making decentralized so that all team members feel ownership in our success.

Float is Canada’s complete business finance platform, combining modern financial services and software to help businesses spend, save, and grow. Trusted by 5000+ Canadian companies, Float provides high‑limit corporate cards, automated expense management, next‑day bill payments, high‑yield accounts and fast, friendly support—all built in Canada, for Canada. Float is backed by world‑class venture and fintech investors, including Growth Equity at Goldman Sachs Alternatives and OMERS Ventures, partners behind our $70 million Series B raise.

Our team is a collection of ambitious, collaborative and mission‑driven people from all walks of life but with one goal: helping Canadian companies not just survive but thrive. And we’re looking for bold innovators to help shape the future of business finance in Canada.

We use technology, including artificial intelligence (AI), to support parts of our hiring process. This may include AI‑assisted scheduling and candidate communications, and AI‑generated interview notes, guides or summaries to help our team focus on the conversation. All hiring decisions are made by our hiring team.

Float is building modern financial tools for businesses, and security is at the heart of earning customer trust. As a Senior Security Engineer, you’ll help us build and enforce the guardrails that let Float ship fintech features faster and with confidence. You’ll lead initiatives that turn “tooling installed” into controls enforced and measured, working hands‑on across Float’s infrastructure tool stack.

This role combines technical depth with a builder’s mindset. You’ll design secure patterns for infrastructure and application teams, automate evidence for PCI DSS 4.0 and SOC 2, and reduce risk through practical, measurable controls. You’ll partner closely with Platform, Engineering, IT, and Risk & Compliance to make security part of how Float operates every day.

• Owning and improving AWS and GitHub security guardrails, including IAM, OIDC, network segmentation, and CI/CD hardening.
• Leading automation for vulnerability management and cloud posture using our security tools and infrastructure‑as‑code.
• Partnering with developers to embed secure SDLC practices, including dependency scanning, secret management, and threat modeling for high‑risk features.
• Helping mature endpoint and identity security while ensuring full coverage and strong baselines.
• Tuning and expanding detection and response capabilities, developing playbooks, alert pipelines, and response automation.
• Contributing to evidence automation for PCI DSS 4.0 and SOC 2, ensuring “compliance by default.”
• Championing security metrics that matter: coverage, time‑to‑remediate, and control effectiveness.

• You Put Customers First, Always. You care deeply about delivering meaningful value. Whether you're building internal systems or customer‑facing features, you’re always thinking about how to make life better for our users.
• You Act Like an Owner. You take responsibility for outcomes, step up to challenges, and seek solutions proactively—doing what’s best for the business, not just your role.
• You Think Big and Move Fast. You’re energized by building from 0 to 1. You’re not afraid to challenge the status quo, experiment quickly, and learn as you go.
• You Constantly Learn and Grow. You’re hungry to improve your craft and open to feedback. You bring a growth mindset to everything you do.
• You Raise the Bar. You care about doing things well and efficiently. You balance speed with rigor and always look for ways to improve how we work.
• You Win as a Team. You’re a generous collaborator who values communication, context, and shared wins. You lift others up and help make the team stronger.

• Technical Skills and Experience
  • Strong background in security, authentication, infrastructure, and cloud technologies, including vulnerability management and threat detection/remediation.
  • Familiarity with integrating security practices into CI/CD pipelines, ideally using tools such as Buildkite.
  • Understanding of Infrastructure as Code (IaC) security, particularly with Terraform.
  • Knowledge of compliance frameworks such as SOC 2 and ISO 27001.
  • Experience with risk assessment and management in cloud environments, as well as network monitoring and intrusion detection/prevention.
  • Hands‑on experience with vulnerability scanning tools and methods for identifying, prioritizing, and remediating vulnerabilities.
  • Strong grasp of common security vulnerabilities (e.g., OWASP Top Ten) and security testing techniques.
  • Experience with Auth0 and Okta for user management, SSO, and MFA.
  • Familiarity with implementing and managing IAM policies, RBAC, and user lifecycle best practices.
  • Experience securing PostgreSQL databases (access control, encryption, auditing).
  • Proficiency in Python for scripting, automation, and API integrations, including developing and maintaining security automation tools.
• Personal Attributes and Mindset
  • You can explain complex technical problems in simple terms, adapting your communication for different stakeholders.
  • You understand the business context and how your role supports the company’s vision and strategy.
  • You’re strategic yet detail‑oriented, capable of balancing long‑term goals with immediate tactical execution.
  • You ruthlessly prioritize competing demands and manage multiple responsibilities effectively.
  • You’re curious and committed to continuous learning, seeking to understand the “why” behind every solution and engaging thoughtfully in technical discussions.
  • You adapt quickly to change and maintain focus in a dynamic, evolving environment.

• You’re not extremely detail oriented
• You aren’t a self‑starter and don’t like to work independently
• You’re not comfortable wearing multiple hats
• You don’t like change and adapting to new ways of doing things
• You aren’t comfortable with ambiguity
• You aren’t able to translate technical jargon into simple language
• You lack patience for iterative work
• You want detailed to‑dos for your tasks and projects
• You’re not keen on learning new things
• You don’t have strong stakeholder management skills
• You don’t like regular feedback on your work

We believe in flexible work supported by meaningful in‑person collaboration. Team members within commuting distance of our Toronto office work in a hybrid model, while those based farther away primarily work remotely with occasional travel to Toronto for in‑person time. Specific expectations can vary by role and will be discussed during the interview process.

• Work at one of Canada’s fastest‑growing fintech companies
• Make a real impact in a high‑autonomy, high‑growth role
• Collaborate with an ambitious and supportive team
• Competitive compensation, equity options, and benefits
• Hybrid work model – we are based in Toronto with in‑office days for connection and collaboration
• Enjoy catered team lunches every Tuesday, Wednesday and Thursday
• Bring your pup to our dog‑friendly office
• Thrive in a high‑trust, high‑performance culture where your work truly matters

At Float, you’ll thrive if you’re bold, curious, and eager to make a real impact. We’re building something special—and having a lot of fun along the way. If you’re excited to build, grow, and win together, we’d love to meet you.

We’re committed to building a workplace that’s welcoming and accessible for everyone. If you need any accommodations during the hiring process or once you join Float, just let us know! You can reach out to Vic (victoria@floatcard.com), and we’ll work with you to make sure you have what you need to succeed.