Wealthsimple

Frontier AI Security Threat Hunter

Wealthsimple • $100K — $130K *
US-AnywhereRemote in Canada
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years in offensive security testing roles (penetration testing, red teaming, etc.)
  • Experience with AI or automation-assisted security tools
  • Strong technical skills in cloud-native architectures (preferably AWS)
  • Comfort with novel tools and ambiguity in problem solving
  • Understanding of penetration testing methodologies like NIST SP 800-115

Responsibilities

  • Design and run automation-driven attack campaigns against Wealthsimple's products
  • Develop realistic AI attack scenarios considering specific risks and constraints
  • Improve the automated testing pipeline and workflows alongside engineers
  • Review AI-generated findings to separate high-impact vulnerabilities
  • Support engineers in the remediation process and verify root cause fixes

Benefits

  • Top-tier health benefits and life insurance
  • Long-term group savings plan with employer match
  • 20 vacation days, 4 wellness days, and unlimited sick/mental health days
  • Work remotely outside Canada for up to 90 days per year
  • Employee resource groups promoting diversity and inclusion
Full Job Description
About the team

We're building a new AI-enabled adversarial testing capability whose mandate is simple but ambitious: find all the ways Wealthsimple can be exploited before our AI-enabled adversaries do. This group combines penetration testing, secure code analysis, and attack simulation R&D to continuously probe Wealthsimple's systems using a combination of automation, autonomous AI agents, and human expertise. If you want to build an automated, end-to-end clearbox pentesting/red teaming platform, this is the team doing it!

You'll join as an individual contributor on this team, reporting into the Manager, Application Security, working alongside a platform engineer, security researcher, and the application security team.

About the role

As a Frontier AI Security Penetration Tester, you'll be a hybrid builder and breaker:
  • Design and run automation-driven attack campaigns against Wealthsimple's products and infrastructure including activities like:
    • Designing realistic AI attack scenarios that account for:
      • Attacker goals, initial access assumptions, and constraints.
      • Success criteria and clear boundaries for safety.
      • Wealthsimple-specific risks, design flaws, trust boundaries, and risk tolerance
    • Use and evolve our AI agents and tooling to:
      • Perform recon, vulnerability probing, confirmation, impact analysis, exploitation, and post-exploitation in safe environments.
  • Help shape and improve the automated testing pipeline: how we model assets, orchestrate agents, run automated workflows, and turn noisy outputs into actionable findings. You'll work closely with a platform engineer and a researcher to
    • improve how scenarios and workflows are modeled and automated so we can automate the replay of promising attack paths.
    • build and improve AI agents and tooling
    • Propose and validate new tools or capabilities that unlock richer attack behavior
    • Learn to use our native and in-house tooling to find more
  • Work across the stack with platform engineers, AppSec, and other security teams to make automated and AI adversarial testing a routine, high-signal part of our SDLC. This includes:
    • reviewing AI-generated findings to separate high-impact vulnerabilities from noise and false positives.
    • Enhance proofs-of-concept into clear, reproducible steps for engineering teams and new automations
    • Support remediation by pairing with engineers when needed and verifying that fixes address the root cause.


You'll have substantial influence on the team's roadmap through experimentation and R&D.

People who will succeed in this role are
  • Courageously Ambitious - they enthusiastically tackle big audacious goals.
  • Deeply Human- they take responsibility for bringing the best out of themselves and others.
  • Problem Solvers - they have the ability and resilience to tackle complex issues, find common patterns, design solutions for scale, and see them through.
  • Enthusiastic Communicators - they capture and share learnings by default, and are always looking to implement suggestions for improvements and guardrails
  • Embraces change and experimentation - treat campaigns and framework changes as experiments. Thoughtfully define hypotheses, evaluation criteria, and success metrics, then analyze outcomes and share results with the team to guide next iterations.


Skills and Experience
Required
  • Experience building AI- or automation-assisted offensive security tools.
  • Experience (5+ years preferred) in offensive security testing domains like penetration testing, red teaming, threat hunting, or attack simulations in complex environments with a proven history of working cross-functionally with high functioning teams.
  • Strong technical skills in:
    • Reading and reasoning about code and system designs.
    • Understanding modern cloud-native architectures (preferably AWS).
    • Technical understanding of networks, endpoint, identity, cloud, encryption, data protection and application deployment stacks.
    • Knowledge of standard penetration testing methodologies, including NIST SP 800-115.
    • Familiarity with LLM- or agent-based systems (tool use/function calling, prompt design).
  • Comfort working with novel tools and ambiguity:
    • You're already experimenting with AI agents and have always had a scale and automation-first mindset to testing and discovering new vulnerabilities.
    • You can turn open-ended problems into small, testable steps.
Preferred but not required:
  • Familiarity with Ruby, React, and GraphQL testing
  • Development and/or scripting competence
  • AWS testing experience
  • Previous industry experience in Financial Services


🌸 Top-tier health benefits and life insurance

Long-term group savings with employer match, through Wealthsimple for Business

20 vacation days, 4 wellness days, and unlimited sick and mental health days per year

90 days away: work outside Canada for up to 90 days per year

Employee resource groups, including Rainbow (2SLGBTQ), Women of WS, and Black at WS

We are a hybrid team with over 1,500 employees across North America. The people are one of the best parts of working here: you'll collaborate with incredibly talented, curious, and driven teammates who are deeply committed to doing great work.

ICYMI

Technology & Innovation at Wealthsimple: We move quickly and build thoughtfully. That means we're always looking for better ways to work - whether that's new tools, AI, or rethinking how we approach a problem. We don't expect you to have all the answers, but we do expect curiosity and a willingness to evolve alongside the products we're building.

About Wealthsimple

Wealthsimple is a financial services company that provides online investment management and trading services. The company's platform allows users to invest in a variety of financial products, including stocks, bonds, and exchange-traded funds (ETFs), and offers a range of tools and resources to help users manage their investments. Wealthsimple also offers a high-interest savings account and a tax preparation service. The company was founded in 2014 and is headquartered in Toronto, Canada.
Learn more about Wealthsimple
Size
500 employees
Industry
Founded
2014

Similar Jobs

More Jobs at Wealthsimple

More Information Technology Jobs

Find similar Frontier AI Security Threat Hunter jobs: