Senior Application Security Developer
Job Description
Your career is an investment that grows over time!
Wealthsimple is on a mission to help everyone achieve financial freedom by reimagining what it means to manage your money. Using smart technology, we take financial services that are often confusing, opaque and expensive and make them transparent and low-cost for everyone. We’re the largest fintech company in Canada, with over 3 million users who trust us with more than $40 billion in assets.
Our teams ship often and make an impact with groundbreaking ideas. We're looking for talented people who keep it simple and value collaboration and humility as we continue to create inclusive and high-performing teams where people can be inspired to do their best work.
About the Application Security and Posture Management team:
At Wealthsimple, we value our customers' trust above all. our Application Security Team is dedicated to protecting this trust by ensuring the utmost security of our applications and customer data.
In close collaboration with development teams, we integrate security measures and practices into every stage of our Software Development Lifecycle. We also partner with them to build secure features and capabilities into our products. Our proactive efforts are focused on identifying and mitigating risks within our applications, ensuring solutions are both timely and scalable.
Our mission extends beyond securing systems; we aim to safeguard our customers' trust, reinforcing Wealthsimple's position as the most trusted company in the world. We also cultivate a strong security culture throughout the company, empowering all employees to uphold and advocate for our high security standards.
What you will do:
- Conduct penetration tests across applications to identify security weaknesses. Simulate real-world attacks to assess the effectiveness of existing security measures, ensuring proactive vulnerability identification and resolution
- Design and implement offensive security strategies and attack scenarios to uncover potential weaknesses in our systems and infrastructure
- Develop automated tools like Nuclei to enhance our security capabilities. Identify recurring security pitfalls that can be systematically resolved using scalable solutions such as libraries, and implement advanced security controls to rigorously test and secure applications
- Audit source code and perform code reviews for critical application changes
- Keep up-to-date with the latest security trends, tools, and techniques to continuously enhance the security posture of the organization. You will research and evaluate emerging threats and vulnerabilities, and provide recommendations for improving our security practices, further enhancing security within Wealthsimple
- Provide guidance and mentorship. You will share your knowledge and experience to help develop the skills and expertise of fellow team members and essentially, help grow our team
- Provide hands-on guidance for vulnerability remediation and train developers on common security pitfalls, fostering a proactive security culture within the development process
We're looking for someone who:
- Is able to reason through Ruby, Javascript, Python, and Java/Kotlin code bases which are used in some of our support services
- Has a thorough understanding of application security principles, including the ability to identify vulnerabilities highlighted in the OWASP Top 10, and can propose effective fixes
- Exhibits an offensive security mindset, consistently exploring potential vulnerabilities and thinking critically about what could go wrong
- Is skilled in analyzing logs using tools such as SQL and SIEM to uncover security threat and anomalies
- Communicates security concepts effectively, both internally and externally, articulating best practices and strategic approaches to application security
Why Wealthsimple?
🤑 Competitive salary with top-tier health benefits and life insurance
📈 Retirement savings matching plan using Wealthsimple Work
🌴 20 vacation days per year and unlimited sick and mental health days
📚 Up to $1,500 per year towards wellness and professional development budgets respectively
🛫 90 days away program: Employees can work internationally in eligible countries for up to 90 days per calendar year
🌎 A wide variety of peer and company-led Employee Resource Groups (ie. Rainbow, Women of Wealthsimple, Black @ WS)
💖 Company-wide wellness days off scheduled throughout the year
We’re a remote-first team, with over 1,000 employees coast to coast in North America. Be a part of our Canadian success story and help shape the financial future of millions — join us!
DEI Statement
At Wealthsimple, we are building products for a diverse world and we need a diverse team to do that successfully. We strongly encourage applications from everyone regardless of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status.
Accessibility Statement
Wealthsimple provides an accessible candidate experience. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know, and we will work with you to provide the necessary support and make reasonable accommodations to facilitate your participation. We are continuously working to improve our accessibility practices and welcome any feedback or suggestions on how we can better accommodate candidates with accessibility needs.
Apply Now
Back to Job Listings
Add To Job List
Company Profile
View Company Reviews
Date Posted
08/23/2024
Views
0
Positive
Subjectivity Score: 0.8
Similar Jobs
Senior Shopify Developer - BUMP Group - Canadian Bank Note Company
Views in the last 30 days - 0
BUMP is a leading charity fundraising platform committed to innovation and employee growth offering competitive benefits and collaborative work enviro...
View DetailsSenior Staff Software Engineer - Marketing Technology - Gusto, Inc.
Views in the last 30 days - 0
This job description highlights a Senior Staff Software Engineer role focused on leading the transition of Gustos MarTech stack to an AInative platfor...
View DetailsSenior Workday Architect - Twilio
Views in the last 30 days - 0
This job posting seeks a Workday Sr Architect to join Twilios team focusing on system design subject matter expertise and stakeholder collaboration Th...
View DetailsSenior Engineering Manager - Infrastructure - Mozilla
Views in the last 30 days - 0
MZLA Technologies promotes opensource innovation emphasizing privacy collaboration and communitydriven development They seek a Senior Engineering Mana...
View DetailsSenior Patent Specialist - D-Wave Quantum
Views in the last 30 days - 0
This job description outlines a Senior Patent Specialist role at DWave emphasizing collaboration innovation and IP strategy The position requires expe...
View DetailsInformation Security Engineer (DLP) - Scopely
Views in the last 30 days - 0
Scopely seeks an Information Security Engineer DLP to join their Data Protection team in Canada on a remote basis The role involves safeguarding data ...
View Details