Senior Penetration Tester, Application Security
Listed on 2026-02-20
IT/Tech
Cybersecurity
Build something people love
Wealthsimple is on a mission to help everyone achieve financial freedom by reimagining what it means to manage your money. Using smart technology, we take financial services that are often confusing and expensive and make them transparent and low-cost for everyone. We’re the largest fintech company in Canada, with 3+ million users who trust us with more than $100 billion in assets.
And we’re just getting started.
We’re looking for someone who thinks big, sweats the small stuff and keeps things simple. You’ll join a high-bar, fast-paced team where people are trusted to own their work, communicate openly, and ship things that improve our clients’ lives. Collaboration, humility, and an obsession over quality are how we get stuff done.
About the Role
As a Senior Penetration Tester you will plan engagements, find security vulnerabilities, and help us fix them. Your role also involves establishing rapport with leadership, as well as internal, consultant, and third-party teams to communicate and support the improvement of our company’s cybersecurity posture and resiliency. You will report to the Senior Manager, Application Security and have a mandate to plan and execute secure code reviews, penetration tests, and other offensive security activities to improve Wealthsimple’s security.
This role requires a unique blend of offensive security expertise and collaborative problem-solving. You won't just be finding vulnerabilities and handing off reports - you'll be working shoulder-to-shoulder with engineering teams to understand root causes, suggest practical remediations, and sometimes implement fixes yourself. If you see your job ending when the report is submitted, this role isn't for you. We're looking for someone who sees vulnerability discovery as the beginning of the conversation, not the end.
Responsibilities
- Perform security assessments: discover flaws in our systems by conducting detailed penetration tests, code reviews, or threat models on our internal systems, web applications, and other software.
- Analyze vulnerabilities: determine the real-world severity of discovered issues and suggest actionable recommendations to address security threats, improve application security, and strengthen our cloud environments.
- Write findings: create comprehensive write-ups of the findings, risk analysis, recommendations, and actionable insights for our engineers and other stakeholders.
- Help fix problems: work closely with our application security, vulnerability management, infrastructure and platform engineers to implement solutions, enhance our security posture, and develop guardrails, regression tests, and out-of-the-box solutions to prevent future vulnerabilities or design flaws.
- Courageously Ambitious - enthusiastically tackle big audacious goals.
- Deeply Human - take responsibility for bringing the best out of themselves and others.
- Problem Solvers - have the ability and resilience to tackle complex issues and see them through.
- Experience (5+ years preferred) in a mix of network, application, and native mobile penetration testing with a proven history of working cross-functionally with high-functioning teams.
- Experience performing boundary testing for PCI-DSS card holder environments or equivalent.
- Experience performing mobile testing for Android/iOS applications.
- Technical understanding of networks, endpoint, identity, cloud, encryption, data protection and application deployment stacks.
- Knowledge of standard penetration testing methodologies, including NIST SP 800-115.
- Familiarity with Ruby, React, and GraphQL testing is preferred.
- Development and/or scripting competence is preferred.
- AWS testing experience is preferred.
- Previous industry experience in Financial Services is preferred.
- Experience using automation and AI to supplement and scale manual testing is preferred.
- Offensive Security Certified Professional (OSCP)/Experienced Penetration Tester (OSEP)
- CREST Registered Tester
- AWS Certified Security - Specialty
- Bachelor’s or higher degree in cybersecurity, software engineering, or a related field
🤑 Base salary…