Senior Security Engineer

About the Company
A fast-growing Canadian fintech on a mission to simplify business finance, helping companies streamline financial operations, optimize cash flow, and focus on growth. The company offers a full-suite business finance platform trusted by thousands of Canadian businesses, including corporate cards, automated expense management, next-day bill payments, high-yield accounts, and fast, friendly support. With backing from top venture and fintech investors, this is an opportunity to join a team of ambitious, collaborative, and mission-driven innovators shaping the future of business finance in Canada.

About the Role
Security is central to delivering trust in fintech. As a Senior Security Engineer, you will design, implement, and enforce security guardrails that allow engineering teams to ship features faster and with confidence. You’ll work hands-on across infrastructure and application systems, automating compliance evidence, embedding secure patterns, and reducing risk through practical, measurable controls.

You will partner closely with Platform, Engineering, IT, and Risk & Compliance teams to ensure security is woven into everyday operations. This role blends technical depth with a builder’s mindset and offers the chance to shape how a high-growth fintech approaches security at scale.

What You'll Be Responsible For

• Own and improve security guardrails across cloud infrastructure and CI/CD pipelines, including IAM, OIDC, network segmentation, and workflow hardening.

• Lead automation for vulnerability management, cloud posture, and security monitoring using infrastructure-as-code practices.

• Partner with development teams to embed secure SDLC practices, including dependency scanning, secret management, and threat modeling for high-risk features.

• Enhance endpoint and identity security, ensuring robust baselines and coverage.

• Develop detection and response capabilities, including playbooks, alert pipelines, and response automation.

• Contribute to compliance automation for SOC 2 and PCI DSS 4.0, ensuring “compliance by default.”

• Champion meaningful security metrics, such as coverage, time-to-remediate, and control effectiveness.

About You

• Strong background in security, authentication, infrastructure, and cloud technologies, with experience in vulnerability management and threat detection/remediation.

• Skilled at integrating security into CI/CD pipelines and familiar with Infrastructure as Code (IaC) security practices, ideally with Terraform.

• Knowledge of compliance frameworks such as SOC 2 and ISO 27001, and experience with risk assessment and cloud security monitoring.

• Hands-on experience with IAM policies, RBAC, SSO/MFA (Auth0, Okta), and securing PostgreSQL databases.

• Proficiency in Python for scripting, automation, and API integration.

• Ability to communicate complex technical problems clearly to diverse stakeholders.

• Strategic yet detail-oriented, capable of balancing long-term goals with immediate execution.

• Self-starter comfortable with ambiguity, iterative work, and cross-functional collaboration.

Why You Should Join

• Work at a leading Canadian fintech on a mission to transform business finance.

• High-autonomy, high-impact role where your work directly influences security and growth.

• Collaborative and supportive team culture.

• Competitive compensation with equity options and benefits.

• Hybrid work model with in-office days for team connection and collaboration.

• Dog-friendly office and catered team lunches twice a week.

Comp:

Competitive base + equity options and benefits