Senior Security Analyst

Wealthsimple is on a mission to help everyone achieve financial freedom, no matter who they are or how much they have. Using smart technology, Wealthsimple takes financial services that are often confusing, opaque and expensive and makes them simple, transparent, and low-cost. We're the company behind some of Canada's leading digital financial products, and are growing faster than ever.
Our team is reimagining what it means to manage your money. Smart, high-performing team members will challenge you to learn and grow every day. We value great work and great ideas — not ego. We're looking for talented people who love a fast-paced environment, and want to ship often and make an impact with groundbreaking ideas.
We’re a remote-first team and output is more important than face time, so where you choose to work is up to you — as long as you have internet access, you can work from anywhere in Canada. Be a part of our Canadian success story and help shape the financial future of millions — join us! Read our Culture Manual and learn more about how we work.
At Wealthsimple, we are building products for a diverse world and we need a diverse team to do that successfully. We strongly encourage applications from everyone regardless of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status. Wealthsimple provides an accessible candidate experience. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know.
Security @ WealthsimpleWealthsimple’s Security team protects the systems that help hundred of thousands of users manage billions of dollars in assets. We use a micro service architecture and an agile approach, focused on short iterations and rigorous automated testing, deploying our code over 100 times a day.

In this role, you will have the opportunity to:

• Enhance our detection, investigation and response capabilities through actionable dashboards, identifying control gaps and building and tuning monitoring capabilities using automation/orchestration tools
• Further secure our applications and cloud infrastructure by developing our investigation methodology and leading the implementation of automation that will empower the operations team to quickly and easily respond to common incidents
• Proactively identify bad actors as they attempt to engage with our systems and use this information to drive improved process and controls
• Identify trends in external intelligence and apply context to the business by effectively triaging threat intelligence alerts and supporting internal teams by sharing actionable recommendations/investigation results
• Partner with our engineering teams and further develop our incident response strategy in line with stakeholder expectations
• Partner with our Security Engineering team to expand integration with our SIEM and SOAR platforms
• Coordinate with the Fraud Operations team to detect and investigate potential fraudulent activity
• Participate in an on-call rotation for responding to security incidents, internal questions & bugs, or triaged bug bounty security reports

We’re looking for someone who:

• Brings 5+ years of security experience
• Has experience in Incident Management and can lead our response program from both technical and process perspectives
• Has solid understanding and knowledge of security tools and technologies in respects to conducting log activity review for security investigations (WAF, firewall, proxy, EDR, CASB, DLP, threat intelligence feeds, etc.)
• Strong competency in how to turn noise into signals using a SIEM
• Comfortable creating automation through SOAR and SIEM platforms
• Strong Python background
• Believes that honesty, transparency, and inclusivity are important when communicating and working with both internally and external stakeholders
• Is a strong communicator who can work cross-functionally to bring incidents and vulnerabilities to resolution
• Demonstrates good judgement under pressure both in terms of technical problem solving and collaborating cross functionally
• Is excited to move beyond contemporary security as a domain and expand their knowledge into the domain of fraud management
• Is eager to learn from your team and others. We value making one another successful!