Manager, Security Engineering

Posted Sep 22

Your career is an investment that grows over time!

Wealthsimple is on a mission to help everyone achieve financial freedom by reimagining what it means to manage your money. Using smart technology, we take financial services that are often confusing, opaque and expensive and make them transparent and low-cost for everyone. We’re the largest fintech company in Canada, with over 3 million users who trust us with more than $20 billion in assets.

Our teams ship often and make an impact with groundbreaking ideas. We're looking for talented people who keep it simple and value collaboration and humility as we continue to create inclusive and high-performing teams where people can be inspired to do their best work.

About the Team

This position reports to the Senior Manager, Security Engineering. The team owns two unique areas of responsibility, application security and posture management. 

Application security focuses on improving our white box security testing and implementing fixes for the riskiest 20% of vulnerabilities in our applications.

The posture management area focuses on evaluating our security posture from the outside in, detection engineering including data loss, and managing vulnerabilities in our ecosystem helping engineering tackle the remaining 80% of issues.

These two areas together allow for a fast feedback loop that balances identification and mitigation. The team should focus on paving the cow paths to create secure defaults.

If you're interested please apply before Sept 29th, 2023.

Within 3 months, you’ll:

  • Establish the ways of working for both areas of responsibility.
  • Establish strong relationships with other teams including product.
  • Work on filling open positions.
  • Work with GRC function to determine the short term roadmap.

Within 6 months, you'll:

  • Determine the key performance indicators for both areas.
  • Work with the GRC function to map controls to the NIST CSF.
  • Identify current areas of improvement.
  • Create a strong feedback loop between areas of responsibility.

Within 12 months, you'll:

  • Work on the strategic plan for the area.
  • Identify potential candidates to grow for leadership roles.
  • Increase the ROI for investments in the area.
  • Work with GRC function to determine the long term roadmap.

Skills you bring:

  • Strong security knowledge such as CISSP or CISM.
  • Experience managing large teams.
  • Experience managing multiple areas of responsibility.
  • Experience with vulnerability management.
  • Experience with detection engineering.
  • Experience working with developers and product managers.
  • Experience with CI/CD tooling.
  • Experience with security testing.
  • Experience growing both people managers and senior individual contributors.

Nice to haves:

  • Experience with software development including Ruby on Rails, TypeScript/NodeJS, Python, and Java.
  • Experience with Secure Code Review, Threat Modelling and Security Architecture Review.
  • Experience with financial systems and terms.
  • Experience with AWS, Kubernetes, and Cloud Architecture.
  • Experience with MicroServices and their operation.
  • Experience with human centric security.
  • Pragmatic and judicious approach to prioritization and strategy.
  • Experience with a principles over vendors approach.

Why Wealthsimple?

πŸ€‘ Competitive Salary with top-tier health benefits and life insurance

πŸ“ˆ Retirement savings matching plan using Wealthsimple Work

🌴 20 vacation days per year and unlimited sick and mental health days

πŸ“š Up to $1500 per year towards wellness and professional development budgets respectively 

πŸ›« 90 days away program: Employees can work internationally in eligible countries for up to 90 days per calendar year 

🌎 A wide variety of peer and company-led employee resource groups (ie. Rainbow, Women of Wealthsimple, Black @ WS) Employee Resource Groups  

πŸ’– Company-wide wellness days off scheduled throughout the year

We’re a remote-first team, with over 1000 employees coast to coast in North America. Be a part of our Canadian success story and help shape the financial future of millions β€” join us!

Read our Culture Manual and learn more about how we work.

DEI Statement

At Wealthsimple, we are building products for a diverse world and we need a diverse team to do that successfully. We strongly encourage applications from everyone regardless of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status. 

Accessibility Statement

Wealthsimple provides an accessible candidate experience. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know, and we will work with you to provide the necessary support and make reasonable accommodations to facilitate your participation. We are continuously working to improve our accessibility practices and welcome any feedback or suggestions on how we can better accommodate candidates with accessibility needs.