About the Application Security & Posture Management Team:
- The team is currently growing and is expected to reach a size of 4 ICs and & EM by H1 2025
- The team owns the security architecture, security tooling, and offensive security testing for our applications. We enable the business and help Wealthsimple win the trust of our clients driving net deposits, client acquisition, and more
- Reporting to the Sr. Engineering Manager, Security Engineering as a part of the broader Security Engineering function with peers in IAM and Infrastructure Security
What you bring:
- 5-7 years of experience in security or software development with at least 2 years in application security and management
- Proven experience with at least 2 of the following domains: security tooling (e.g. SAST, DAST, SCA, etc), security architecture (e.g. threat modelling, secure code review, etc), or offensive security (e.g. bug bounty programs, pentesting, etc)
- Ability to read and write code at a Sr. Developer level with a preference for experience with Ruby, Javascript, Java, and Python
- Excellent leadership skills with a track record of being able to work closely with product and development teams while growing talent on the team
- A history that demonstrates a maker-owner and growth mindset. You are always thinking and acting like a team player and coach
What you will do:
- You will be responsible for developing, supporting, and setting the direction for the team and Application Security program so that we can enable the business by effectively scaling in this area
- You will need to establish and maintain strong relationships with product engineering leaders across the organization becoming a trusted partner who is able to influence cross-functional decision making
- You will need to collaborate effectively with other security teams acting as an escalation or subject matter expert as needed to address risks to the business
In the first 3 months our ideal candidate will have:
- Completed their initial assessment of the application security program and team, and be able to articulate to the business key risks and opportunities
- Reviewed and prioritized existing issues with the team and brought any cross-functional work to the appropriate betting tables to secure buy-in from stakeholders
- Taken ownership of our vendor relationships specifically for our enterprise security testing tools, bug bounty program, and pentest program
In the first 6 months our ideal candidate will have:
- Developed growth plans for the team based on existing needs including any training, conference, or sourcing budget that may be required
- Established good working relationships with vulnerability management and our product teams through program and product reviews respectively and will have executed on 2-4 threat modelling or pentesting opportunities
- Established what KPIs or SLAs define excellence on this team and established a strong operating cadence for their direct reports in concert with their peers and management team with at least a 4-month roadmap
In the first 12 months our ideal candidate will have:
- Prepared their teams annual roadmap, budget, and headcount plan for the new year and got appropriate buy-in from their stakeholders
- Reviewed their team's performance against stated objectives, evaluated control effectiveness, and highlighted and suggested changes to the program
0 applies
10 views
Other Jobs from Wealthsimple
Senior Backend Software Developer
Staff Security Developer, Application Security and Posture Management
Senior Software Developer - Database Solutions
Senior Infrastructure Security Developer
Lead Product Manager
Similar Jobs
Staff Software Engineer
MTS 1, Software Engineer
Senior Software Engineer - FedRamp
Senior DevInfra Engineer
Sr. Software Engineer
There are more than 50,000 engineering jobs:
Subscribe to membership and unlock all jobs
Engineering Jobs
60,000+ jobs from 4,500+ well-funded companies
Updated Daily
New jobs are added every day as companies post them
Refined Search
Use filters like skill, location, etc to narrow results
Become a member
π₯³π₯³π₯³ 401 happy customers and counting...
Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.
To try it out
For active job seekers
For those who are passive looking
Cancel anytime
Frequently Asked Questions
- We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
- We've got about 70,000 jobs from 5,000 vetted companies. No fake or sleazy jobs here!
- We aggregate jobs from 5,000+ companies' career pages, so you can be sure that you're getting the most up-to-date and relevant jobs.
- We're the only job board *for* software engineers, *by* software engineersβ¦ in case you needed a reminder! We add thousands of new jobs daily and offer powerful search filters just for you. π οΈ
- Every single hour! We add 2,000-3,000 new jobs daily, so you'll always have fresh opportunities. π
- Typically, job searches take 3-6 months. EchoJobs helps you spend more time applying and less time hunting. π―
- Check daily! We're always updating with new jobs. Set up job alerts for even quicker access. π
What Fellow Engineers Say