About the role

Senior Penetration Tester enhancing security at Wealthsimple, focusing on vulnerability discovery and remediation. Collaborating closely with engineering teams to strengthen the company’s cybersecurity posture.

Responsibilities

Plan engagements, find security vulnerabilities, and help fix them.
Establish rapport with leadership and support improvement of the company’s cybersecurity posture and resiliency.
Report to the Senior Manager, Application Security.
Execute secure code reviews, penetration tests, and other offensive security activities to improve Wealthsimple’s security.
Collaborate with engineering teams to suggest practical remediations and implement fixes.

Experience (5+ years preferred) in a mix of network, application, and native mobile penetration testing with a proven history of working cross-functionally with high functioning teams.
Experience performing boundary testing for PCI-DSS card holder environments or equivalent.
Experience performing mobile testing for Android/iOS applications.
Technical understanding of networks, endpoint, identity, cloud, encryption, data protection and application deployment stacks.
Knowledge of standard penetration testing methodologies, including NIST SP 800-115.
Familiarity with Ruby, React, and GraphQL testing is preferred.
Development and/or scripting competence is preferred.
AWS testing experience is preferred.
Previous industry experience in Financial Services is preferred.
Experience using automation and AI to supplement and scale manual testing is preferred.

Top-tier health benefits and life insurance
Long-term group savings with employer match using our Wealthsimple for Business platform
20 vacation days + 4 wellness days per year, and unlimited sick and mental health days
90 days away program: Employees can work outside of Canada for up to 90 days per calendar year
A wide variety of peer and company-led Employee Resources Groups (e.g., Rainbow, Women of Wealthsimple, Black @ WS)