Engineering – Security
Wealthsimple makes financial tools that are easy, accessible, and transparent. We are on a mission to democratize access to world-class financial tools for everyone, regardless of age, net worth, background, or education. With over $5+ billion in assets under management and 175,000+ clients, we're the market leader in Canada and are fast growing in the US and UK. Our team is working together to build one of the largest and most innovative fin-tech companies in the world. Join us and change the future of finance. Read our Culture Manual to learn more about us and how we work.
Engineering @ Wealthsimple
Wealthsimple’s engineering teams build software that helps hundreds of thousands of users manage billions of dollars in assets. We do this using a micro service architecture and an agile approach, focused on short iterations and rigorous automated testing, deploying our code over 100 times a day.
We're looking for a new Security Engineer to join our Security Team. You will help to further secure our infrastructure, by finding and patching vulnerabilities, investigating threats, and building software and tools that would allow our engineers to quickly and easily develop new, secure code. In this role you will have a chance to work with many teams within our organization to promote secure development practices.
For this role, you will:
- Identify potential threats and vulnerabilities and work with development teams to find and implement solutions.
- Contribute to our security strategy and architecture.
- Guide our engineers in building secure microservices that are in-line with our best practices and architecture
- Maintain and expand our application security libraries and tools.
- Build and manage shared engineering resources for alerting, logging, and monitoring
- Participate in an on-call rotation for responding to security incidents, internal questions & bugs, or triaged bug bounty security reports
For this role, we're looking for:
- 3+ years of software development experience.
- Intermediate knowledge of Ruby.
- Someone who's strongly security-minded, whether or not they have worked in formal security roles before
- Understand cloud security (AWS) and microservice architecture
- Strong communication skills and ability to work across team boundaries.
- Understand that threats will evolve as we scale, and adapt to them
- Believe that simple is better
- Take ownership and see initiatives through
- Value open communication and working on an exceptionally transparent team
- Teach and learn from their teammates. We value making others successful
Nice to haves (but not necessary):
- Experience with designing and maintaining authorization layers in distributed microservice architectures
- Experience with Java or Kotlin
- Experience in red or blue teaming web applications or a bug bounty profile (such as HackerOne or Bug Crowd)
- Experience in finding, responsibly disclosing, or resolving security vulnerabilities in open source software
- Experience with production databases (we use Postgres on RDS and Aurora)
- Experience with Docker and container orchestration tools such as Kubernetes, Nomad or Swarm (we use Nomad and Consul)
- Experience working in the field of Information Security (InfoSec)
- Any of the following certifications: CISSP, CEH, Security+, or GSEC
What we offer
- An opportunity to join a company that is changing the relationship people have with money.
- Generous Group RRSP matching program, competitive salaries, stock options and incentives for the success of both yourself and the company.
- Daily catered lunches, cold brew, snacks, and fun company off-sites, but most importantly, great coworkers to enjoy them with!
- $500 annual fitness credit and $1,200 annual education credit
Wealthsimple is committed to creating a diverse and inclusive culture, one which reflects the world in which we live. We encourage applicants from underrepresented groups including visible minorities, members of sexual minority groups, first nations persons, persons with disabilities, and women to apply.
At Wealthsimple, we are dedicated to creating a culture with a diversity of talented individuals who join, stay, and work in an environment that enables them to thrive.