Wealthsimple
Join Wealthsimple as an Application Security Engineer and help secure our applications with your expertise in tooling, architecture, and offensive security testing. Collaborate with teams to mitigate risks and enhance security practices while enjoying top-tier benefits and a supportive remote-first culture.
GuidePoint Security
Assist in delivering Application Security services at GuidePoint Security by performing DevSecOps assessments, architecture reviews, threat modeling, and designing secure pipelines. Contribute to client engagements, deliver comprehensive reports, and strengthen application security capabilities while staying updated with industry trends and tools.
Gusto, Inc.
Security Engineering role at Gusto, designing safe features with safety & privacy in mind, building security tools & services, 12+ yrs info sec exp reqd.
GuidePoint Security
As an Application Security Engineer, you will work with tools like Burp Suite Pro and Invicti to identify and remediate vulnerabilities, integrate security tools into CI/CD pipelines, and collaborate with teams to enhance application security practices. You'll need strong technical skills in secure development lifecycles and excellent communication abilities.
Binance
Application Security Engineer at Binance: Collaborate on mobile security, blockchain security, and AI tools
Twilio
Risk management analyst needed at Twilio, requiring 5+ years of experience in security-centric risk management and compliance frameworks.
Twilio
Risk Management Analyst at Twilio, leading daily management of One Twilio Risk Management program, developing risk registers, collaborating with teams, and analyzing risk data.
ExtraHop
Senior Product Security Engineer with experience in modern software development practices and securing web applications, APIs, and software systems.
Rackspace
Lead security policy management and awareness training for large enterprises using Archer GRC Tool, with a strong understanding of cybersecurity best practices.
Gradient AI
Staff Security Engineer at Gradient AI: Manage overall security posture, lead risk assessments, cloud security, and implement best practices.
Lattice
Remote Staff Product Security Engineer role at Lattice, requiring secure coding practices, vulnerability detection, and collaboration with product teams.
Binance
Mobile Application Security Engineer - Penetration Test at Binance: design, develop & maintain mobile apps with security functionality.
Lime
Join Lime's Security team as a Staff Security Software Engineer and contribute to building impactful security solutions for the company's electric bike and scooter services.
Binance
Security Operations and Project Manager at Binance: Drive effective hacker attack detection, manage security projects, and provide user education.
Binance
Join Binance Accelerator Program - Security Project Management for immersive experience, project management tasks, and career growth opportunities.
Rackspace
Lead security policy management and awareness initiatives at Rackspace Technology, utilizing tools like Archer GRC and platforms such as ProofPoint and KnowBe4 to enhance organizational security and compliance.
Binance
Backend Developer (Security) for Binance Accelerator Program - Remote, 4-day workweek, $4k/year travel stipend, equity
WorkOS
Join WorkOS as a Security Engineer to enhance our security infrastructure, ensuring the safety of authentication and identity solutions for thousands of SaaS customers. Lead security projects, mentor teams, and implement best practices using tools like SCA, SAST, DAST, and CNAPP.
Wealthfront
Join Wealthfront's Security Engineering team as a security-minded engineer to build and mature security solutions in a fast-growing fintech organization.
Vercel
Strengthen web application security by researching vulnerabilities, developing tailored WAF rules, and educating customers on best practices using Vercel's tools. Collaborate with teams to enhance product security and represent Vercel in the industry.
Wealthsimple
Wealthsimple is seeking an Application Security Engineer to join their growing team. With a focus on security tooling, architecture, and offensive security testing, the ideal candidate will have experience in SAST, DAST, SCA, threat modeling, secure code review, bug bounty programs, and pentesting. The role requires strong leadership skills and the ability to collaborate with product and development teams while mentoring junior developers. The successful applicant will contribute to enhancing the company's application security program, identifying risks, and implementing solutions that balance organizational impact and long-term support. Wealthsimple offers competitive compensation, comprehensive benefits, wellness programs, professional development opportunities, and a flexible work environment.
Your career is an investment that grows over time!
Wealthsimple is on a mission to help everyone achieve financial freedom by reimagining what it means to manage your money. Using smart technology, we take financial services that are often confusing, opaque and expensive and make them transparent and low-cost for everyone. We’re the largest fintech company in Canada, with over 4 million users who trust us with more than $50 billion in assets.
Our teams ship often and make an impact with groundbreaking ideas. We're looking for talented people who keep it simple and value collaboration and humility as we continue to create inclusive and high-performing teams where people can be inspired to do their best work.
About the Application Security & Posture Management Team
The team is currently growing and owns the security architecture, security tooling, and offensive security testing for our applications. We enable the business and help Wealthsimple win the trust of our clients driving net deposits, client acquisition, and more
Reporting to the Sr. Engineering Manager, ASPM and part of the broader Security Engineering leadership function with peers in IAM and Infrastructure Security
What you bring:
With an average of 8 years of experience in security or software development with at least 4 years in application security, and 2 years as a Senior
Proven experience with the following domains: security tooling (e.g. SAST, DAST, SCA, etc), security architecture (e.g. threat modelling, secure code review, etc), and offensive security (e.g. bug bounty programs, pentesting, etc)
Ability to read and write code at a Sr. Developer level with a preference for experience with Ruby, Javascript, Java, and Python
Excellent leadership skills with a track record of being able to work closely with product and development teams while growing talent on the team
A history that demonstrates a maker owner and growth mindset. You are always thinking and acting like a team player and coach
In the first 3 months our ideal candidate will have:
Completed their initial assessment of the application security program and team and be able to articulate to the business key risks and opportunities
Taken over ownership of existing services, libraries, integrations, and processes and began to prioritize any improvements or fixes with the team
Identified the top 3 areas of risk in our applications and developed proposals to address them while balancing friction to organization and long term support
In the first 6 months our ideal candidate will have:
Established good working relationships with vulnerability management and our product teams through program and product reviews respectively and will have executed on 2-4 threat modelling or pentesting opportunities
Begun a coaching and mentoring relationship with more junior developers both inside and outside of the security department helping define and promote a culture of security
Shipped their first service, library, or process designed to address one of the previously identified top 3 risks in our applications
In the first 12 months our ideal candidate will have:
Defined their approach to making the easy way the secure way for developers and established a technical vision for the team
Ensured that the team is firmly integrated in both SDLC and with our partners in product through continuous validation and security scorecarding
Why Wealthsimple?
🤑 Competitive salary with top-tier health benefits and life insurance
📈 Retirement savings matching plan using Wealthsimple Work
🌴 20 vacation days per year and unlimited sick and mental health days
📚 Up to $1,500 per year towards wellness and professional development budgets respectively
🛫 90 days away program: Employees can work internationally in eligible countries for up to 90 days per calendar year
🌎 A wide variety of peer and company-led Employee Resource Groups (ie. Rainbow, Women of Wealthsimple, Black @ WS)
💖 Company-wide wellness days off scheduled throughout the year
We’re a remote-first team, with over 1,000 employees coast to coast in North America. Be a part of our Canadian success story and help shape the financial future of millions — join us!
Read our Culture Manual and learn more about how we work.
DEI Statement
At Wealthsimple, we are building products for a diverse world and we need a diverse team to do that successfully. We strongly encourage applications from everyone regardless of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status.
Accessibility Statement
Wealthsimple provides an accessible candidate experience. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know, and we will work with you to provide the necessary support and make reasonable accommodations to facilitate your participation. We are continuously working to improve our accessibility practices and welcome any feedback or suggestions on how we can better accommodate candidates with accessibility needs.
