Lead security engineering team at Float, focusing on application security and DevSecOps. Collaborate across teams to enhance security practices and ensure safe feature delivery.
Responsibilities
Build, mentor, and lead a high-performing security engineering team with a strong emphasis on Application Security and DevSecOps.
Develop and execute the security engineering roadmap, balancing long-term architecture with near-term delivery needs.
Partner with engineering and product leadership to ensure security is integrated into planning, design, and execution.
Own and enhance CI/CD and developer-workflow security, including OIDC signing, pipeline hardening, artifact integrity, secret distribution, and container security.
Define secure architecture patterns and baseline configurations for cloud services, backend systems, and infrastructure-as-code (Terraform).
Build scalable, measurable controls that enforce least privilege and prevent misconfigurations.
Embed secure SDLC practices across engineering through automated code scanning, dependency scanning, secrets management, and threat modeling.
Develop secure patterns for authentication, authorization, API design, and sensitive data handling.
Support engineers in evaluating high-risk features and designing effective mitigation strategies.
Partner with Infrastructure and Operations teams to mature detection and response capabilities, including alerting, logging, tuning, and automation.
Lead incident response readiness through simulations, playbooks, and post-incident improvements.
Automate vulnerability management, cloud posture monitoring, and compliance evidence collection for SOC 2 and PCI DSS 4.0.
Partner with IT to maintain strong endpoint, identity, and device-trust baselines across the organization.
Support third-party risk management efforts as they relate to application and platform security.
Requirements
Experience leading security engineering teams with a strong focus on Application Security and DevSecOps, and exposure to infrastructure and operational security.
Strong technical depth in AWS security, IAM, network design, CI/CD hardening, and cloud-native architectures.
Hands-on experience with infrastructure-as-code, cloud posture tooling, and vulnerability management workflows.
Deep understanding of secure software development practices and common application-layer risks (e.g., OWASP Top 10).
Familiarity with PCI DSS 4.0, SOC 2, and automating evidence or control enforcement.
Experience with identity platforms such as Auth0, Okta, and OIDC.
Proficiency in scripting (Python preferred) for automation, metrics, and integrations.
Excellent communication and stakeholder management skills.
Experience in fintech, payments, or other correctness-critical domains is strongly preferred but not required.
Benefits
Competitive compensation, equity options, and benefits
Hybrid work model – we are based in Toronto with in-office days for connection and collaboration
Enjoy catered team lunches every Tuesday, Wednesday and Thursday
Bring your pup to our dog-friendly office
Thrive in a high-trust, high-performance culture where your work truly matters
Manager, Client Care Services oversees Client Care Coordinators and patient schedules to ensure efficient service delivery for government and private programs.
Senior Supplier Manager needed to lead vendor negotiations and contract execution in financial services. Focus on governance, risk mitigation, and stakeholder collaboration.
Engineering Manager managing AI capabilities behind GitLab Duo Chat. Leading a team to deliver AI - powered experiences across the GitLab DevSecOps platform.
Manager/Senior Manager, Cell Infrastructure at GitLab driving the technical direction and operational model for multi - cloud solutions. Establishing a high - impact team to enhance reliability and cost visibility.
Senior Organizational Change Manager needed for Government of Alberta remote contract. Develop change strategies, stakeholder analysis, and support transformation initiatives.
CNL is hiring a Manager, Enterprise Architecture for a 12 - month remote contract. Requires 10+ years IT experience, EA expertise, and TOGAF certification is an asset.
Manager of Engineering leading a high - performing team in Drill Autonomy and Technology at Caterpillar. Overseeing engineering activities and collaborating with cross - functional teams.
Principal Product Manager for GitLab, leading engineering insight strategy and analytics platform development. Collaborating with teams to enhance decision - making with data - driven insights.