Image Description

Security Engineer (Application & Cloud)

Job Description

Posted 3 months ago

Wealthsimple is a financial services company on a mission to help everyone achieve financial freedom by providing products and advice that are accessible and affordable. Using smart technology, Wealthsimple takes financial services that are often confusing, opaque and expensive and makes them simple, transparent, and low-cost.

With over 1 million people using Wealthsimple products, we are the market leader in Canada, and we’re fast growing in the US and UK. Our team is working together to build one of the most innovative fintech companies in the world and we're looking for talented people who want to help us move fast, ship often and make a huge impact. Join us on our mission to make financial services simple and affordable for everyone!

Read our Culture Manual to learn more about us and how we work.

Security @ Wealthsimple

Wealthsimple’s Security team protects the systems that help hundreds of thousands of users manage billions of dollars in assets. We use a microservice architecture and an agile approach, focused on short iterations and rigorous automated testing, deploying our code over 100 times a day. 

In this role, you will have the opportunity to:

  • Further secure our applications and cloud infrastructure by investigating threats and building software and tools that would allow engineers to quickly and easily develop new, secure code.
    • Conduct application design reviews and guide engineers in building secure microservices that are in-line with our best practices and architecture
      • Build and manage security automation tooling and libraries to help engineers deploy secure software
        • Triage and resolve security vulnerabilities in the application layer and work with engineering teams to find and implement solutions
          • Partner with teams across the business to promote secure development practices and cultivate a strong security culture at Wealthsimple
            • Participate in an on-call rotation for responding to security incidents, internal questions bugs, or triaged bug bounty security reports
            • We’re looking for someone who:

              • Believes that simple is better
                • Brings 3+ years of software development experience
                  • Has experience with Python, Ruby / Rails and JavaScript / Node.js
                    • Loves to tackle and solve complex problems on a regular basis and comes with a strong security mindset
                      • Understands cloud security (AWS) and microservice architecture
                        • Takes ownership and pride in working on projects to successful completion
                          • Believes that debate, inclusivity and transparency result in better products
                            • Is eager to teach and learn from your team. We value making others successful!
                            • Nice to haves:

                              • Experience with Static Code Analysis and Cloud Security platforms
                                • Experience with designing and maintaining authorization layers in distributed microservice architectures
                                  • Experience with Java or Kotlin
                                    • Experience in red or blue teaming web applications or a bug bounty profile (such as HackerOne or Bug Crowd)
                                      • Experience in finding, responsibly disclosing, or resolving security vulnerabilities in open source software
                                        • Experience with production databases (we use Postgres on RDS and Aurora)
                                          • Experience with Docker and container orchestration tools such as Kubernetes, Nomad or Swarm (we use Nomad and Consul)
                                            • Any of the following certifications: CISSP, CEH, Security+, or GSEC
                                            • At Wealthsimple, we embrace difference. We believe that getting to the best outcomes requires diverse perspectives and backgrounds. We create space where all voices can be heard so that we can all do our life's best work. We’re committed to openness, curiosity and creating an inclusive culture as we know that diverse teams build better products and generate better ideas. We strongly encourage applications from everyone regardless of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status.

                                              Wealthsimple provides an accessible candidate experience. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know.

Job Summary

Image Description
Toronto, ON, CA Location

Similar Jobs

The largest community on the web to find and list jobs that aren't restricted by commutes or a specific location.

The Role**\n\n**TLDR; You write clean code and don’t hate...

n\n\nWe are looking for an ambitious software developer t...

nWe are looking for a senior full stack engineer who is e...