Head of Security Analytics

Toronto or Remote (Canada)

Applications have closed

Wealthsimple

Wealthsimple is the simple way to grow your money like the world's most sophisticated investors. No-maintenance portfolios, expert investment advisers and low fees.


Wealthsimple is on a mission to help everyone achieve financial freedom, no matter who they are or how much they have. Using smart technology, Wealthsimple takes financial services that are often confusing, opaque and expensive and makes them simple, transparent, and low-cost. We're the company behind some of Canada's leading digital financial products, and are growing faster than ever.
Our team is reimagining what it means to manage your money. Smart, high-performing team members will challenge you to learn and grow every day. We value great work and great ideas — not ego. We're looking for talented people who love a fast-paced environment, and want to ship often and make an impact with groundbreaking ideas.
We’re a remote-first team and output is more important than face time, so where you choose to work is up to you — as long as you have internet access, you can work from anywhere in Canada. Be a part of our Canadian success story and help shape the financial future of millions — join us! Read our Culture Manual and learn more about how we work.
At Wealthsimple, we are building products for a diverse world and we need a diverse team to do that successfully. We strongly encourage applications from everyone regardless of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status. Wealthsimple provides an accessible candidate experience. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know.
Security @ Wealthsimple
Wealthsimple’s Security team protects the systems that help hundreds of thousands of users manage billions of dollars in assets. We use a microservice architecture and an agile approach, focused on short iterations and rigorous automated testing, deploying our code over 100 times a day.
We are looking for a self-driven leader to join our growing Security Operations group. The Head of Security Analytics will bring Data Science methodologies to the world of Insider Threat, build new models leveraging UEBA and strive to build advanced Analytics services for the broader Security org. Some of the initial priorities would be to establish a program and hire a team of security engineers that will help achieve the mission of access misuse detection.

*In this role, you will have the opportunity to:*

  • Build a program and team in the domain of insider threat and access misuse, ensuring program transparency for our customers & partners through an open mandate that will be published on the publicly facing Wealthsimple Trust Centre
  • Design & develop UEBA based detection models as part of our broader security strategy
  • Apply innovative solutions to address threats using analytics with full understanding of the Insider Threat Landscape
  • Identify and develop Insider Threat Detection use cases focused on insider risks and access misuse
  • Build new tooling capabilities from the ground up and lead automation initiatives to streamline analysis and response workflows and processes (playbook automation - XSOAR)
  • Work with the business to deliver scalable solutions through collaborative relationships with Legal, HR, Compliance
  • Rely on close partnerships with Security Engineering, Security Operations, Security Assurance and Corporate Security to ensure a world class security culture and environment is practiced
  • Hire, grow, build and support a team of high performing security engineers who hunt, detect, and respond to internal threats through coaching and care in a way that enables long-term career development, happiness, and success
  • Define operational metrics, key performance indicators, and service level objectives to assure the team achieves operational excellence

*We’re looking for someone who:*

  • Brings 5+ years of security analytics experience, comfortable applying data science to solve security problems
  • Has built UEBA & User Activity monitoring capabilities
  • Understands data collection processes & challenges
  • Is familiar with Security Operations software (DLP, SIEM, EDR, SOAR)
  • Has expertise in leading analysis of large data sets
  • Has exposure to multiple domains, including:
      • Network, cloud, and endpoint security
      • Data protection & data analytics
  • Has a history of delivering projects through cross-team collaboration and partnerships
  • Has demonstrated success overseeing internal tool development and automation at scale
  • Has strong analytical skills to identify complex security issues and respond at the same level with a full technical understanding
  • Exhibits a history of strong decision-making skills
  • Believes that honesty, transparency, and inclusivity are important when communicating and working with both internal and external stakeholders
  • Is a strong communicator who can work cross-functionally to solve security problems
  • Demonstrates good judgement under pressure both in terms of technical problem solving and collaborating cross-functionally
  • Is eager to learn from your team and others. We value making one another successful!

Nice to haves:

  • Experience in understanding the Insider Threat Landscape and applying innovative solutions to address threats using analytics
  • Experience monitoring corporate endpoints and networks in a zero-trust environment
  • Experience working in the fintech industry
  • Knows the MITRE ATT&CK framework
  • Security certifications including CISSP, CISM are an asset

Tags: Agile Analytics Automation CISM CISSP Cloud Compliance EDR Endpoint security FinTech MITRE ATT&CK Monitoring Security strategy SIEM SOAR Strategy Threat detection

Perks/benefits: Career development Transparency

Regions: Remote/Anywhere North America
Country: Canada