Jobs
Wealthsimple logoWealthsimple

Staff Software Developer, Application Security

Wealthsimple is on a mission to help everyone achieve financial freedom, no matter who they are or how much they have. Using smart technology, Wealthsimple takes financial services that are often confusing, opaque and expensive and makes them simple, transparent, and low-cost. We're the company behind some of Canada's leading digital financial products, and are growing faster than ever.Our team is reimagining what it means to manage your money. Smart, high-performing team members will challenge you to learn and grow every day. We value great work and great ideas — not ego. We're looking for talented people who love a fast-paced environment, and want to ship often and make an impact with groundbreaking ideas.We’re a remote-first team and output is more  important than face time, so where you choose to work is up to you — as long as you have internet access, you can work from anywhere in Canada. Be a part of our Canadian success story and help shape the financial future of millions — join us! Read our Culture Manual and learn more about how we work.At Wealthsimple, we are building products for a diverse world and we need a diverse team to do that successfully. We strongly encourage applications from everyone regardless of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status. Wealthsimple provides an accessible candidate experience. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know.About the team:The Application Security team is a specialized group with a mix of software and security skillsets who identify areas of risk within our applications and work to mitigate them in a timely and scalable manner ensuring we build security and privacy into each and every product.

In this role, you will have the opportunity to:

  • Take a maker owner approach to identifying and remediating security or privacy anti-patterns affecting large parts of the organization.
  • Integrate security best practices throughout the software development lifecycle while maintaining developer productivity.
  • Mentor engineers at all levels and across the organization at a meta-level (e.g. being able to help shape our approach to mentoring) and contribute to our security awareness and champions programs.
  • Use a suite of approaches to identifying vulnerabilities, risks and business logic flaws using Threat Modeling, Secure Code Review, Secure Architecture Review, Bug Bounty Program Administration, SAST, DAST, IAST, and PenTesting.

We're looking for someone who:

  • Has experience running a product or application security program in a fast paced environment.
  • Is able to dive deep into multiple code bases across different languages such as Ruby, Java, Python and Javascript to ship improvements and enhance the security posture of our products and platform
  • Is able to clearly and effectively communicate, internally and externally, security best practices and strategy, even serving as a translator between different teams.
  • Is an effective listener, consensus builder and effectively incorporates diverse ideas into a coherent vision.
  • Contributes to best practices in leadership and people management, especially when it comes to hiring at the senior level.
  • Is a mentor and who will have a large positive impact on morale and company culture.

Within 6 months, you’ll:

  • Use our internal data to identify areas of improvements within our applications.
  • Join a targeted campaign to identify and remediate security concerns in a single product.
  • Make improvements to our existing CI/CD tooling to improve their accuracy and effectiveness.
  • Participate in our Security Champions and Security Awareness programs.
  • Take a rotation managing our bug bounty program.

Within 12 months, you’ll:

  • Propose improvements to our data collection and analysis.
  • Lead a campaign to identify and remediate security concerns in a single product.
  • Evaluate and expand our existing DevSecOps program to increase its return on investment.
  • Lead a Security Champion cohort.
  • Improve the ability of our security researchers to test our platform.

Cyber Security Jobs by Category

Remote jobsFull Time jobsJavascript jobsApplication Security jobsDevsecops jobs

Cyber Security Salaries

Remote SalaryFull Time SalaryJavascript SalaryApplication Security SalaryDevsecops Salary