Security Threat Hunter

🕒 June 3

🇨🇦 Canada – Remote

💵 CA$151.2k - CA$189k / year

⏰ Full Time

🟡 Mid-level

🟠 Senior

🕵️ Threat Intelligence Specialist

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Wealthsimple

Wealthsimple

1001 - 5000 employees

Founded 2014

💳 Fintech

🏦 Banking

💸 Finance

🔥 Funding within the last year

💰 $393M Series E - Wealthsimple on 2025-10

Fintech • Banking • Finance

Wealthsimple is a Canadian financial technology company that provides consumer banking, investing, and wealth management services. It offers chequing accounts, savings, credit cards, self-directed trading (stocks, ETFs, options), cryptocurrency trading, managed portfolios, tax services, and advisory wealth management for high-net-worth clients. Wealthsimple combines digital-first banking and low-fee investing products aimed at retail customers, along with tools and educational content to support personal finance.

📋 Description

• Design and run automation-driven attack campaigns against Wealthsimple’s products and infrastructure including activities like: • Designing realistic AI attack scenarios that account for: • - Attacker goals, initial access assumptions, and constraints. • - Success criteria and clear boundaries for safety. • - Wealthsimple-specific risks, design flaws, trust boundaries, and risk tolerance • Use and evolve our AI agents and tooling to: • - Perform recon, vulnerability probing, confirmation, impact analysis, exploitation, and post-exploitation in safe environments. • Help shape and improve the automated testing pipeline: how we model assets, orchestrate agents, run automated workflows, and turn noisy outputs into actionable findings. You’ll work closely with a platform engineer and a researcher to improve how scenarios and workflows are modeled and automated so we can automate the replay of promising attack paths. • Build and improve AI agents and tooling • Propose and validate new tools or capabilities that unlock richer attack behavior • Learn to use our native and in-house tooling to find more • Work across the stack with platform engineers, AppSec, and other security teams to make automated and AI adversarial testing a routine, high-signal part of our SDLC. This includes: • - Reviewing AI-generated findings to separate high-impact vulnerabilities from noise and false positives. • - Enhance proofs-of-concept into clear, reproducible steps for engineering teams and new automations • - Support remediation by pairing with engineers when needed and verifying that fixes address the root cause.

🎯 Requirements

• Experience (5+ years preferred) in offensive security testing domains like penetration testing, red teaming, threat hunting, or attack simulations in complex environments with a proven history of working cross-functionally with high functioning teams. • Strong technical skills in: • - Reading and reasoning about code and system designs. • - Understanding modern cloud-native architectures (preferably AWS). • - Technical understanding of networks, endpoint, identity, cloud, encryption, data protection and application deployment stacks. • - Knowledge of standard penetration testing methodologies, including NIST SP 800-115. • - Familiarity with LLM- or agent-based systems (tool use/function calling, prompt design). • Comfort working with novel tools and ambiguity: • - You’re already experimenting with AI agents and have always had a scale and automation-first mindset to testing and discovering new vulnerabilities. • - You can turn open-ended problems into small, testable steps.

🏖️ Benefits

• Top-tier health benefits and life insurance • Long-term group savings with employer match, through Wealthsimple for Business • 20 vacation days, 4 wellness days, and unlimited sick and mental health days per year • 90 days away: work outside Canada for up to 90 days per year • Employee resource groups, including Rainbow (2SLGBTQ), Women of WS, and Black at WS

Apply Now