IT Engineering Manager - Endpoint Engineering

New

AffirmFinTech

Remote CanadaFull-TimeManager

Salary142,000 - 192,000 CAD per year

Apply NowOpens the employer's application page

Job Details

Experience: 5+ years of hands-on experience in endpoint engineering, client platform, or corporate IT engineering at scale; 2+ years of people management or formal technical leadership experience
Required Skills: PythonBashRESTful APIs

Requirements

5+ years of hands-on experience in endpoint engineering, client platform, or corporate IT engineering at scale.
Strong understanding of macOS device management (Jamf), MDM architecture, and endpoint security practices.
Exposure to compliance frameworks relevant to endpoint security (SOC 2, CIS Benchmarks, or similar).
2+ years of people management or formal technical leadership experience, including setting direction, running 1:1s, and developing individual engineers.
Demonstrated ability to build and run a program from scratch.
Scripting and automation proficiency in Bash and at least one additional language (Python strongly preferred).
Comfort integrating with RESTful APIs (MDM, Okta, Google Workspace, etc.).
Strong cross-functional instincts.
A track record of shipping improvements reliably and iteratively, with attention to rollback safety, communication, and compliance documentation.
Familiarity with package and software distribution pipelines (AutoPkg, Munki, or equivalent) (Nice to have).
Prior experience in a fintech, high-growth, or regulated environment (Nice to have).
Experience with infrastructure-as-code or configuration management tooling (Terraform, Ansible, or equivalent) (Nice to have).
Jamf Pro experience at an enterprise level (Jamf 300 or equivalent depth preferred) (Nice to have).
Experience with Windows endpoint management (Intune, SCCM, or equivalent) (Nice to have).

Responsibilities

Lead, coach, and develop a team of three engineers, setting clear expectations, providing regular candid feedback, and building individual growth plans.
Establish and maintain healthy team operating rhythms: sprint cadence, backlog grooming, incident retrospectives, and async-first communication practices.
Build a culture of ownership, craft, and continuous improvement.
Serve as an escalation point for complex technical issues and a knowledge resource for the broader IT Engineering organization.
Define and maintain the CPE roadmap in alignment with IT Engineering strategy, company-wide security priorities, and Affirm's FY roadmap cycles.
Establish a prioritization framework that balances project work, platform health (KTLO), compliance obligations, and stakeholder requests.
Build and own the KPIs and reporting that give visibility into endpoint compliance posture, patch currency, deployment reliability, and incident trends.
Implement structured change control processes: communication, testing gates, rollback plans, and post-deployment review for platform changes.
Guide the architecture and long-term strategy for Affirm's endpoint platform (macOS-first, with Windows and mobile in scope), including MDM configuration, zero-touch provisioning, and automation pipelines.
Drive key technical initiatives including permission automation, third-party patching, silent update delivery, and device lifecycle improvements.
Champion infrastructure-as-code and automation-first engineering practices across the team.
Evaluate new tooling and approaches, run POCs, and make clear adoption recommendations.
Build strong working relationships with Security, Identity/IAM, Developer Productivity, and IT Support.
Partner with Security to onboard and maintain endpoint security agents and enforce least-privilege policies at scale.
Represent CPE in cross-functional planning conversations.
Work closely with Developer Productivity to understand and support the unique endpoint needs of Affirm's engineering population.

View Full Description & ApplyYou'll be redirected to the employer's site