Senior Penetration Tester, Application Security

Wealthsimple is on a mission to help everyone achieve financial freedom by reimagining what it means to manage your money. Using smart technology, we take financial services that are often confusing and expensive and make them transparent and low-cost for everyone. We’re the largest fintech company in Canada, with 3+ million users who trust us with more than $100 billion in assets. And we’re just getting started.

We’re looking for someone who thinks big, sweats the small stuff and keeps things simple. You’ll join a high-bar, fast-paced team where people are trusted to own their work, communicate openly, and ship things that improve our clients’ lives. Collaboration, humility, and an obsession over quality are how we get stuff done.

As a Senior Penetration Tester you will plan engagements, find security vulnerabilities, and help us fix them. Your role also involves establishing rapport with leadership, as well as internal, consultant, and third-party teams to communicate and support the improvement of our company’s cybersecurity posture and resiliency. You will report to the Senior Manager, Application Security and have a mandate to plan and execute secure code reviews, penetration tests, and other offensive security activities to improve Wealthsimple’s security.

This role requires a unique blend of offensive security expertise and collaborative problem-solving. You won't just be finding vulnerabilities and handing off reports - you'll be working shoulder-to-shoulder with engineering teams to understand root causes, suggest practical remediations, and sometimes implement fixes yourself. If you see your job ending when the report is submitted, this role isn't for you. We're looking for someone who sees vulnerability discovery as the beginning of the conversation, not the end.