Senior Penetration Tester, Application Security

Summary

Join Wealthsimple as a Senior Penetration Tester for a 3-month contract, where you will plan engagements, identify security vulnerabilities, and collaborate with various teams to enhance the company's cybersecurity. You will perform security assessments, analyze vulnerabilities, and create comprehensive reports detailing findings. This role requires strong cross-functional collaboration and a proven track record in penetration testing. The ideal candidate possesses extensive experience in network and application penetration testing, understands various security domains, and is familiar with penetration testing methodologies. Wealthsimple offers a competitive salary and a remote-first work environment.

Requirements

• Experience (8+ years preferred) in network and/or application penetration testing with a proven history of working cross-functionally with high functioning teams
• Experience performing boundary testing for PCI-DSS card holder environments or equivalent
• Technical understanding of networks, endpoint, identity, cloud, encryption, data protection and application deployment stacks
• Knowledge of standard penetration testing methodologies, including NIST SP 800--115

Responsibilities

• Perform security assessments. Help discover flaws in our systems by conducting detailed penetration tests on our internal systems, web applications, and other software
• Analyze vulnerabilities. Help determine the real-world severity of discovered issues and suggest actionable recommendations to address security threats, improve application security, and strengthen our cloud environments
• Develop reports. Create comprehensive reports detailing findings, methodologies, and actionable insights for our engineers and other stakeholders
• Share your expertise. Work closely with our application security, vulnerability management, infrastructure and platform engineers, implement solutions and enhance our security posture

Preferred Qualifications

• Familiarity with Ruby, React, GraphQL, and mobile application testing is preferred
• AWS testing experience is preferred
• Previous industry experience in Financial Services is preferred
• Preferably a bachelors or higher degree in cybersecurity, software engineering, or a related field
• Preferably one or more: Offensive Security Certified Professional/OSEP CREST Registered Tester AWS Certified Security Speciality

Benefits

• Competitive salary
• A wide variety of peer and company-led Employee Resource Groups (ie. Rainbow, Women of Wealthsimple, Black @ WS)
• We’re a remote-first team, with over 1,000 employees coast to coast in Canada