Float Financial Solutions Inc. Simplify your business finance with smart corporate cards, fast bill payments, and expense management software. Get started today for free. Float is on a mission to simplify finance for Canadian businesses, empowering them to eliminate complexity and unlock new opportunities. Through our innovative platform, Float enables businesses to streamline spending and optimize cash flow, so they can focus on what matters most: growth. As one of Canada’s fastest growing companies and top-rated startups in 2024 and 2023, Float is customer-obsessed, passionate, and entrepreneurial, with a team that includes leaders from Uber, Shopify, Top Hat, Ritual, Ada, and more.
At Float, everyone is an owner, bringing their unique perspective to our team and product. Your voice is important, and we take having a culture based on feedback seriously. We openly share our thoughts and differing opinions so we can continue to improve. We do our best to keep our decision-making decentralized so that all team members feel ownership in our success.
About the Security Engineer role:
In this role, you will be responsible for protecting Float’s data and platforms from cyber threats, ensuring the security and integrity of our financial services platform. You will work closely with cross-functional teams, including engineering, product management, Infrastructure, and compliance, to design and implement robust security measures that align with industry best practices and regulatory requirements.
As a Security Engineer at Float, you will:
Develop, implement, and maintain security policies, standards, and procedures to safeguard sensitive financial data.
Conduct risk assessments and vulnerability assessments to identify security weaknesses and recommend remediation strategies.
Collaborate with engineering teams to integrate security controls into the software development lifecycle (SDLC) and promote secure coding practices.
Monitor security systems and incident response tools to detect and respond to potential security breaches in real-time.
Perform regular security audits, penetration testing, and threat modeling to ensure the ongoing security posture of applications and infrastructure.
Stay up-to-date with the latest security trends, vulnerabilities, and regulatory requirements affecting the fintech industry.
Provide security awareness training and support to employees and stakeholders to promote a culture of security across the organization.
Assist in the development and execution of disaster recovery and business continuity plans to mitigate risks associated with data loss.
Requirements:
Familiarity with integrating security practices into CI/CD pipelines, ideally using tools compatible with your existing setup (such as Buildkite).
Understanding of Infrastructure as Code (IaC) security, particularly with Terraform.
Knowledge of relevant compliance frameworks (e.g., SOC 2, ISO 27001).
Experience with risk assessment and management in cloud environments.
Experience with network monitoring and intrusion detection/prevention.
Experience with vulnerability scanning tools and methods for identifying, prioritizing, and remediating vulnerabilities (e.g. Wiz).
Understanding of common security vulnerabilities (e.g., OWASP Top Ten) and experience in security testing techniques.
Hands-on experience with Auth0 and Okta for user management, single sign-on (SSO), and multi-factor authentication (MFA).
Familiarity with implementing and managing IAM policies, RBAC, and best practices for user lifecycle management.
Experience with securing PostgreSQL databases (e.g., access control, encryption, auditing).
Proficiency in Python for scripting, automation, and API integrations.
Ability to create and maintain security automation tools and scripts.
Strong analytical and problem-solving skills.
Excellent communication skills for collaboration across teams.
You’ll be great in this role if:
You’re an owner. You love a challenge and take great satisfaction in tackling them head-on. You love being a pioneer and taking on any task (big or small) and driving it through to completion.
You’re able to explain complex problems in simple terms. Your ability to present a solution in an understandable way is vital.
You have solid technical skills. Strong skills in Security, Authentication, Infrastructure, Cloud technologies, Development, Vulnerability Management, and Threat detection and remediation.
You understand the business context. You'll be more effective if you understand how your role supports the business and where you can influence the vision and strategy of Float.
You’re comfortable with a fast-paced environment. Float is a dynamic environment and things can change quickly.
You have a strategic mindset. You act in the now but plan for the future.
You can balance attention to detail and strategic thinking. While it's important to delve into the details of your data, it's equally important to keep the big picture in mind.
You ruthlessly prioritize. Being able to effectively manage your workload and meet deadlines is crucial.
You’re eager to continue your own learning. You want to know the ‘why’ behind every answer.
This role won’t be a fit if:
You’re not extremely detail-oriented.
You are not open to a hybrid role.
You aren’t a self-starter and don’t like to work independently.
You’re not comfortable wearing multiple hats.
You don’t like change and adapting to new ways of doing things.
You aren’t comfortable with ambiguity.
You aren’t able to translate technical jargon into simple language.
You lack patience for iterative work.
You want detailed to-dos for your tasks and projects.
You’re not keen on learning new things.
You don’t have strong stakeholder management skills.
You don’t like regular feedback on your work.
Don’t meet every single requirement? If you’re excited about this role, and you strongly align with our values but your past experience doesn’t align perfectly, we encourage you to apply anyway. You may be the right candidate for this, or other future positions.
Perks of working at Float:
Flexible work hours and time off when you need to recharge.
Small team = lots of autonomy to make an impact.
Opportunity to work with and learn from a world-class team.
A personal Float card with a quarterly stipend to spend on what matters most to you.
A dog-friendly office.
Being able to say you empowered Canadian businesses, the heartbeat of our economy, to thrive and grow.
#J-18808-Ljbffr