Security Researcher

🕒 June 2

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Wealthsimple

Wealthsimple

1001 - 5000 employees

Founded 2014

💳 Fintech

🏦 Banking

💸 Finance

🔥 Funding within the last year

💰 $393M Series E - Wealthsimple on 2025-10

Fintech • Banking • Finance

Wealthsimple is a Canadian financial technology company that provides consumer banking, investing, and wealth management services. It offers chequing accounts, savings, credit cards, self-directed trading (stocks, ETFs, options), cryptocurrency trading, managed portfolios, tax services, and advisory wealth management for high-net-worth clients. Wealthsimple combines digital-first banking and low-fee investing products aimed at retail customers, along with tools and educational content to support personal finance.

📋 Description

• Design and build scaffolds to automate attacker/threat modeling, attack discovery and exploitation techniques at scale • Identify promising attack surfaces and scenarios across Wealthsimple’s stack. • Architect and tune agents, prompts, and toolchains that implement real attacker TTPs. • Define success metrics and evaluation criteria for automations/ai so we can select and fine tune tooling and model use • Design and iterate on multi-step agent strategies that combine observation, planning, action, and self-learning • Improve effectiveness and automation coverage and reduce unproductive actions and loops • Propose and validate new tools or environment features that enable richer or more realistic attacks. • Research and design new AI-driven attack strategies and scenarios in anticipation of what adversaries might misuse LLMs to do in future, then help design detections and defensive measures • Analyze AI behavior and results to discover systemic weaknesses and strengths and improve platform design / outputs and compensate for weaknesses. • Compare different models, prompts, and tool sets on the same scenarios. • Measure meaningful outcomes (bugs found, depth of compromise, time-to-finding, false-positive behaviour). • Benchmark AI-driven testing against our other tooling and manual test results to understand return on investment and where to invest effort and expertise to best advantage • Translate agent outputs into high-quality findings and systemic improvements. • Identify high-confidence vulnerabilities and attack paths. • Analyze findings to uncover recurring vulnerability types and control gaps, then help us fix them • Understand how agents discovered issues and what that implies for our defences. • Share learnings and help build guardrails, detections, systemic framework fixes, libraries, or new agents/experiments

🎯 Requirements

• 5+ years of experience in offensive security and/or vulnerability research • Prior work blending automation with offensive security (e.g., custom tooling, fuzzer integrations). • Strong technical skills in reading and reasoning about code, infrastructure, and designs. • Experience building, evaluating, or using LLM- or agent-based systems in any domain. • A strong curiosity about and openness to AI-augmented workflows: • Comfortable iterating on prompts, tools, and agent behaviours. • Pragmatic about what AI can and cannot do today. • Working experience with large language models and how they work; for example, you may have written agent scaffolds • Technical understanding of networks, endpoint, identity, cloud, encryption, data protection and application deployment stacks. • Knowledge of standard penetration testing methodologies, including NIST SP 800-115. • Preferred but not required: • Published research papers on computer security, language modelling, offensive security tool benchmarking, or related topics; or given talks at Defcon, Blackhat, CCC, or other reputable venues • Contributed to open-source projects in LLM- or security-related projects, especially those contributing to AI / LLM-specific guardrails and models • Experience in financial services • Data science and data pipeline development experience • Familiarity with Ruby, React, GraphQL, AWS • Some software or systems engineering experience • Previous industry experience in Financial Services is preferred.

🏖️ Benefits

• Top-tier health benefits and life insurance • Long-term group savings with employer match, through Wealthsimple for Business • 20 vacation days, 4 wellness days, and unlimited sick and mental health days per year • 90 days away: work outside Canada for up to 90 days per year • Employee resource groups, including Rainbow (2SLGBTQ), Women of WS, and Black at WS

Apply Now

Similar Jobs

🕒 May 28

Cohere

11 - 50

🤖 Artificial Intelligence

🏢 Enterprise

☁️ SaaS

Infrastructure Security Engineer managing security for Protected B classified environments. Responsible for implementing security controls for cloud deployments and ensuring compliance with Canadian government standards.

🕒 May 26

nesto

501 - 1000

💳 Fintech

💸 Finance

🏠 Real Estate

Cloud Security Developer at nesto designing and maintaining cloud security solutions. Collaborating with teams to ensure security and integrity of cloud infrastructure.

🇨🇦 Canada – Remote

💰 $80M Series C - Nesto on 2022-12

⏰ Full Time

🟡 Mid-level

🟠 Senior

👮‍♂️ Cybersecurity / Security Engineer

🗣️🇫🇷 French Required

🕒 May 26

nesto

501 - 1000

💳 Fintech

💸 Finance

🏠 Real Estate

Cloud Security Developer at nesto ensuring security of cloud infrastructure and applications. Collaborating with teams to implement and maintain robust security practices in a dynamic environment.

🇨🇦 Canada – Remote

💰 $80M Series C - Nesto on 2022-12

⏰ Full Time

🟡 Mid-level

🟠 Senior

👮‍♂️ Cybersecurity / Security Engineer

🗣️🇫🇷 French Required

🕒 May 22

NerdWallet

501 - 1000

Security Software Engineer developing AI-powered security systems at NerdWallet. Collaborating with engineering teams to address security vulnerabilities and enhance software development practices.

🇨🇦 Canada – Remote

💵 CA$123k - CA$188k / year

💰 Secondary Market on 2021-05

⏰ Full Time

🟡 Mid-level

🟠 Senior

👮‍♂️ Cybersecurity / Security Engineer

🕒 May 21

Akamai Technologies

5001 - 10000

🔒 Cybersecurity

Security Consultant at Akamai responsible for customer success and support integration with security products. Collaborating with account teams and security experts to develop effective strategies.

🇨🇦 Canada – Remote

💵 CA$70.6k - CA$127k / year

💰 Post-IPO Equity on 2001-07

⏰ Full Time

🟢 Junior

🟡 Mid-level

👮‍♂️ Cybersecurity / Security Engineer