Senior Penetration Tester, Application Security (3 month contract)

Your career is an investment that grows over time!
Wealthsimple is on a mission to help everyone achieve financial freedom by reimagining what it means to manage your money. Using smart technology, we take financial services that are often confusing, opaque and expensive and make them transparent and low-cost for everyone. We’re the largest fintech company in Canada, with over 4 million users who trust us with more than $70 billion in assets.
Our teams ship often and make an impact with groundbreaking ideas. We're looking for talented people who keep it simple and value collaboration and humility as we continue to create inclusive and high-performing teams where people can be inspired to do their best work.
About the RoleAs a Senior Penetration Tester you will plan engagements, find security vulnerabilities, and help us fix them. Your role also involves establishing rapport with leadership, as well as internal, consultant, and third-party teams to support our company’s cybersecurity posture and resiliency. You will report to the Senior Manager, Application Security and have a mandate to plan and execute secure code reviews, penetration tests, and other offensive security activities to improve Wealthsimple’s security.
This opportunity is a 3 month contract only.

In this role, you'll have the opportunity to:

• Perform security assessments. Help discover flaws in our systems by conducting detailed penetration tests on our internal systems, web applications, and other software.
• Analyze vulnerabilities. Help determine the real-world severity of discovered issues and suggest actionable recommendations to address security threats, improve application security, and strengthen our cloud environments.
• Develop reports. Create comprehensive reports detailing findings, methodologies, and actionable insights for our engineers and other stakeholders.
• Share your expertise. Work closely with our application security, vulnerability management, infrastructure and platform engineers, implement solutions and enhance our security posture.

People who will succeed in this role are:

• Courageously Ambitious - they enthusiastically tackle big audacious goals.
• Deeply Human- they understand how to bring the best out of themselves and others.
• Problem Solvers - they have the ability and resilience to tackle complex issues.

Skill you bring:

• Experience (8+ years preferred) in network and/or application penetration testing with a proven history of working cross-functionally with high functioning teams.
• Experience performing boundary testing for PCI-DSS card holder environments or equivalent.
• Technical understanding of networks, endpoint, identity, cloud, encryption, data protection and application deployment stacks.
• Knowledge of standard penetration testing methodologies, including NIST SP 800--115
• Familiarity with Ruby, React, GraphQL, and mobile application testing is preferred.
• AWS testing experience is preferred.
• Previous industry experience in Financial Services is preferred.

We are looking for amazing people to join our team. If you think you are a great fit for the role but don’t hit every single requirement, consider reaching out anyway.

Relevant Education and Certifications:

• Preferably a bachelors or higher degree in cybersecurity, software engineering, or a related field

Preferably one or more:
• Offensive Security Certified Professional/OSEP
• CREST Registered Tester
• AWS Certified Security Speciality

We value diverse educational and professional backgrounds. While the certifications and degrees listed above are preferred, equivalent practical experience and demonstrable skills are highly valued.

Why Wealthsimple?🤑 Competitive salary 🌎 A wide variety of peer and company-led Employee Resource Groups (ie. Rainbow, Women of Wealthsimple, Black @ WS)
We’re a remote-first team, with over 1,000 employees coast to coast in Canada. Be a part of our Canadian success story and help shape the financial future of millions — join us!
Read our Culture Manual and learn more about how we work.
Technology & Innovation at WealthsimpleWe believe the future belongs to those who innovate boldly. At Wealthsimple, every team member is expected to lean into new technologies, including AI and tooling, to rethink how we work, solve problems faster, and create even greater value. We're looking for people who are not just comfortable with change but energized by it. Our commitment is to build a company that evolves at the pace of the world around us, and we want you to help lead that future.
DEI StatementAt Wealthsimple, we are building products for a diverse world and we need a diverse team to do that successfully. We strongly encourage applications from everyone regardless of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status. 
Accessibility StatementWealthsimple provides an accessible candidate experience. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know, and we will work with you to provide the necessary support and make reasonable accommodations to facilitate your participation. We are continuously working to improve our accessibility practices and welcome any feedback or suggestions on how we can better accommodate candidates with accessibility needs.