VP, Infrastructure and Security

FloatMeSan Antonio, TX
$200,000 - $250,000

About The Position

We're hiring a VP of Infrastructure and Security to own and elevate our infrastructure strategy and security program at FloatMe. This role is an exciting opportunity for a security leader looking to grow into a CISO position. The ideal candidate should be very hands-on, not just a “policy manager”. We need someone who can sit in a compliance review one hour and be configuring security tooling themselves the next. Infrastructure - This candidate will have stewardship over our infrastructure including individual computer hardware, office infrastructure, cloud infrastructure, code security and infrastructure, app architecture and security, AI security, and critical partnerships architectures. Security - This candidate’s stewardship requires expertise in securing all of the above areas, help us pursue SOC2 compliance, and maintain the highest security for our users and staff. You’ll own our security roadmap, our compliance certifications, our partner security reviews, and the day-to-day technical operations that keep our members’ data safe. Hands-On Required - We’re a small, nimble team, which means this role requires the flexibility to switch gears between tactical execution and strategic planning. This role reports to our SVP of Engineering. If you’re excited to join a fast-moving fintech where you can build something meaningful, we’d love to hear from you!

Requirements

  • 10+ years’ of progressive experience in information security, with at least 2 years in a senior IC or leadership role. Prior leadership experience in a role adjacent to “VP of Infrastructure and Security” preferred. The key here is that you can both be the thinker and leader we need, but also still feel very comfortable being hands-on.
  • Demonstrated hands-on experience leading SOC 2 Type I/II audits from scoping through certification.
  • Practical knowledge of GLBA, PCI DSS, and other financial services compliance requirements.
  • Direct experience managing bank partner or enterprise security reviews (e.g., SIG, CAIQ, VSA questionnaires).
  • Proficiency with cloud security (AWS and Cloudflare preferred), including IAM, VPCs, CloudTrail, GuardDuty, or equivalents.
  • Hands-on experience with penetration testing methodologies or managing third-party pen test engagements.
  • Strong working knowledge of SIEM, EDR, vulnerability management, and secrets management tooling.
  • Experience building and running an incident response program, including playbooks and tabletop exercises.
  • Excellent written and verbal communication skills — you can explain technical risk to non-technical stakeholders.
  • Experience in fintech, neobank, lending, or another consumer financial services environment strongly preferred.
  • CISSP, CISM, CISA, or equivalent certification are a plus.

Nice To Haves

  • Read and review, or automate the review of server-side code for security (Golang)
  • Read and review, or automate the review of apps-side code for security (Flutter)

Responsibilities

  • Steer the architecture of our Cloud, Device, Code, App, AI, and Network infrastructure with a mind for security-first designs and plans.
  • Set the direction for a small number of our staff regarding our infrastructure design, security, integrations and partnerships, and more (IT, Data, and Security).
  • Serve as the primary security point of contact for our bank and fintech partners, completing security questionnaires, third-party risk assessments, and due diligence requests.
  • Own our SOC 2 Type II program end-to-end, including scoping, control design, evidence collection, and auditor management.
  • Maintain and strengthen our compliance posture across GLBA, PCI DSS, and other applicable financial services regulatory frameworks.
  • Manage and improve our core security infrastructure: SIEM, EDR, WAF, IAM, secrets management, and vulnerability scanning tools.
  • Conduct or manage regular penetration testing and vulnerability assessments, and drive remediation to closure.
  • Lead incident response efforts — including hands-on triage, containment, forensics, post-incident review, and breach notification processes.
  • Build and run security awareness training and phishing simulations across the company.
  • Review and negotiate security requirements in partner and vendor contracts.
  • Partner cross-functionally with Product, Engineering, Finance, and Legal to embed security into everything we build.
  • Develop and maintain our multi-year security roadmap and report security posture and risk to executive leadership.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service