Senior Application Security Developer

August 8

Apply Now

Receive Emails with Similar Jobs

Wealthsimple

WebsiteLinkedInAll Job Openings

Powerful financial tools to help you grow and manage your money.

wealth manager • financial advisor • investment manager • portfolio manager • investment adivsor

501 - 1000

💰 Private Equity Round on 2021-05

Description

• Conduct penetration tests across applications to identify security weaknesses. Simulate real-world attacks to assess the effectiveness of existing security measures, ensuring proactive vulnerability identification and resolution • Design and implement offensive security strategies and attack scenarios to uncover potential weaknesses in our systems and infrastructure • Develop automated tools like Nuclei to enhance our security capabilities. Identify recurring security pitfalls that can be systematically resolved using scalable solutions such as libraries, and implement advanced security controls to rigorously test and secure applications • Audit source code and perform code reviews for critical application changes • Keep up-to-date with the latest security trends, tools, and techniques to continuously enhance the security posture of the organization. You will research and evaluate emerging threats and vulnerabilities, and provide recommendations for improving our security practices, further enhancing security within Wealthsimple • Provide guidance and mentorship. You will share your knowledge and experience to help develop the skills and expertise of fellow team members and essentially, help grow our team • Provide hands-on guidance for vulnerability remediation and train developers on common security pitfalls, fostering a proactive security culture within the development process

Requirements

• Is able to reason through Ruby, Javascript, Python, and Java/Kotlin code bases which are used in some of our support services • Has a thorough understanding of application security principles, including the ability to identify vulnerabilities highlighted in the OWASP Top 10, and can propose effective fixes • Exhibits an offensive security mindset, consistently exploring potential vulnerabilities and thinking critically about what could go wrong • Is skilled in analyzing logs using tools such as SQL and SIEM to uncover security threat and anomalies • Communicates security concepts effectively, both internally and externally, articulating best practices and strategic approaches to application security