Manager - Cloud Security

Your career is an investment that grows over time!

Wealthsimple is on a mission to help everyone achieve financial freedom by reimagining what it means to manage your money. Using smart technology, we take financial services that are often confusing, opaque and expensive and make them transparent and low-cost for everyone. We’re the largest fintech company in Canada, with over 4 million users who trust us with more than $70 billion in assets.

Our teams ship often and make an impact with groundbreaking ideas. We're looking for talented people who keep it simple and value collaboration and humility as we continue to create inclusive and high-performing teams where people can be inspired to do their best work.

As Manager, Cloud Security, you will lead a team of high-performing security professionals, overseeing the security of our cloud environments which are primarily in AWS. You will collaborate closely with infrastructure, GRC, application security, and vulnerability management teams. Your role also involves establishing rapport with leadership, as well as internal, consultant, and third-party teams to support our company’s cybersecurity posture and resiliency. You will report to the Director, Security Engineering and have a mandate to expand the existing team and domain.

In this role you'll have the opportunity to

Collaborate with security and engineering leadership to architect and articulate a scalable and resilient vision and roadmap for secure cloud environments that support business objectives.

Use team rituals to hold DRIs accountable for the outcome of their work while ensuring risks and priorities are proactively communicated with stakeholders. SLA, budget and project delivery estimations are reliable and agreed upon in advance.

Develop programs and recommend necessary changes to ensure the company’s systems are fully compliant with all applicable regulatory requirements and privacy laws and future proof against new developments in the industry or potential security incidents.

Act as the primary point of contact for cloud security requirements, initiatives, and escalations with the requisite subject matter expertise. Where necessary, proactively communicate the state of your domain's security posture to both technical and nontechnical stakeholders.

Build and mentor the team, focusing on employee retention and career growth by fostering a 'people first' environment with clearly stated expectations and robust support to achieve high standards.

Define key performance indicators, objectives and key results, and metrics to illustrate efficacy of the cloud security program integrating results with Vulnerability Management, GRC, or Security Operations.

In the first 3 months the ideal candidate will

Complete their initial assessment of the cloud security program and team and be able to articulate to the business key risks and opportunities.

Review and prioritize existing issues with the team and bring any cross-functional work to the appropriate betting tables to secure buy-in from stakeholders.

Take ownership of our vendor relationships specifically for our CNAPP and CWP tools.

In the first 6 months the ideal candidate will

Develop growth plans for the team based on existing needs including any training, conference, or sourcing budget that may be required.

Establish good working relationships with vulnerability management, application security, and platform teams.

Establish what KPIs or SLAs define excellence on this team and establish a strong operating cadence for their direct reports in concert with their peers and management team with at least a 4-month roadmap.

In the first 12 months the ideal candidate will

Prepare their team’s annual roadmap, budget, and headcount plan for the new year with appropriate buy-in from their stakeholders.

Review their team’s performance against stated objectives, evaluate control effectiveness, and highlight any suggested changes to the program.

What you'll bring

Courageously Ambitious - they enthusiastically tackle big audacious goals.

Deeply Human - they understand how to bring the best out of themselves and others.

Problem Solvers - they have the ability and resilience to tackle complex issues.

Significant experience (10+ years preferred) combining individual contributor and leadership roles within cybersecurity, DevOps, and cloud security, with a proven history of working cross-functionally and building high-performing teams.

Technical understanding of networks, endpoint, identity, cloud, encryption, data protection and OSes.

General knowledge of frameworks (NIST CSF, CIS, ISO, SOC 2, PCI DSS).

Functional use with cloud tools (CWPP, CSPM, cloud-native application protection platform) and automation (ArgoCD, Chef, Puppet, Salt, Ansible).

Proven use with zero trust network access, encryption, web application firewalls, data protection, vulnerability management, API security, IaC.

Knowledge in one or more: NIST 800-144, CIS, CSA-CCM, ISO (27040, 27017, 27001).

Experience working in AWS is preferred.

Previous industry experience in Financial Services is preferred.

Preferably one or more: CISM, CISSP, CISA, GSLC

Preferably one or more offered by AWS, Google or Microsoft, or GCSA, CKA, CCSP, CCSK

Preferably a bachelors or higher degree in cybersecurity, software engineering, or a related field

Why Wealthsimple?

Competitive salary with top-tier health benefits and life insurance

Retirement savings matching plan using Wealthsimple for Business

20 vacation days per year and unlimited sick and mental health days

Up to $1,500 per year towards wellness and professional development budgets respectively

90 days away program: Employees can work internationally in eligible countries for up to 90 days per calendar year

A wide variety of peer and company-led Employee Resource Groups (ie. Rainbow, Women of Wealthsimple, Black @ WS)

Company-wide wellness days off scheduled throughout the year

We’re a remote-first team, with over 1,000 employees coast to coast in North America. Be a part of our Canadian success story and help shape the financial future of millions — join us!

We believe the future belongs to those who innovate boldly. At Wealthsimple, every team member is expected to lean into new technologies, including AI, and tooling to rethink how we work, solve problems faster, and create even greater value. We're looking for people who are not just comfortable with change but energized by it. Our commitment is to build a company that evolves at the pace of the world around us, and we want you to help lead that future.

DEI Statement

At Wealthsimple, we are building products for a diverse world and we need a diverse team to do that successfully. We strongly encourage applications from everyone regardless of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status.

Accessibility Statement

Wealthsimple provides an accessible candidate experience. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know, and we will work with you to provide the necessary support and make reasonable accommodations to facilitate your participation. We are continuously working to improve our accessibility practices and welcome any feedback or suggestions on how we can better accommodate candidates with accessibility needs.

Your career is an investment that grows over time!

Wealthsimple is on a mission to help everyone achieve financial freedom by reimagining what it means to manage your money. Using smart technology, we take financial services that are often confusing, opaque and expensive and make them transparent and low-cost for everyone. We’re the largest fintech company in Canada, with over 4 million users who trust us with more than $70 billion in assets.

Our teams ship often and make an impact with groundbreaking ideas. We're looking for talented people who keep it simple and value collaboration and humility as we continue to create inclusive and high-performing teams where people can be inspired to do their best work.

As Manager, Cloud Security, you will lead a team of high-performing security professionals, overseeing the security of our cloud environments which are primarily in AWS. You will collaborate closely with infrastructure, GRC, application security, and vulnerability management teams. Your role also involves establishing rapport with leadership, as well as internal, consultant, and third-party teams to support our company’s cybersecurity posture and resiliency. You will report to the Director, Security Engineering and have a mandate to expand the existing team and domain.

In this role you'll have the opportunity to

Collaborate with security and engineering leadership to architect and articulate a scalable and resilient vision and roadmap for secure cloud environments that support business objectives.

Use team rituals to hold DRIs accountable for the outcome of their work while ensuring risks and priorities are proactively communicated with stakeholders. SLA, budget and project delivery estimations are reliable and agreed upon in advance.

Develop programs and recommend necessary changes to ensure the company’s systems are fully compliant with all applicable regulatory requirements and privacy laws and future proof against new developments in the industry or potential security incidents.

Act as the primary point of contact for cloud security requirements, initiatives, and escalations with the requisite subject matter expertise. Where necessary, proactively communicate the state of your domain's security posture to both technical and nontechnical stakeholders.

Build and mentor the team, focusing on employee retention and career growth by fostering a 'people first' environment with clearly stated expectations and robust support to achieve high standards.

Define key performance indicators, objectives and key results, and metrics to illustrate efficacy of the cloud security program integrating results with Vulnerability Management, GRC, or Security Operations.

In the first 3 months the ideal candidate will

Complete their initial assessment of the cloud security program and team and be able to articulate to the business key risks and opportunities.

Review and prioritize existing issues with the team and bring any cross-functional work to the appropriate betting tables to secure buy-in from stakeholders.

Take ownership of our vendor relationships specifically for our CNAPP and CWP tools.

In the first 6 months the ideal candidate will

Develop growth plans for the team based on existing needs including any training, conference, or sourcing budget that may be required.

Establish good working relationships with vulnerability management, application security, and platform teams.

Establish what KPIs or SLAs define excellence on this team and establish a strong operating cadence for their direct reports in concert with their peers and management team with at least a 4-month roadmap.

In the first 12 months the ideal candidate will

Prepare their team’s annual roadmap, budget, and headcount plan for the new year with appropriate buy-in from their stakeholders.

Review their team’s performance against stated objectives, evaluate control effectiveness, and highlight any suggested changes to the program.

What you'll bring

Courageously Ambitious - they enthusiastically tackle big audacious goals.

Deeply Human - they understand how to bring the best out of themselves and others.

Problem Solvers - they have the ability and resilience to tackle complex issues.

Significant experience (10+ years preferred) combining individual contributor and leadership roles within cybersecurity, DevOps, and cloud security, with a proven history of working cross-functionally and building high-performing teams.

Technical understanding of networks, endpoint, identity, cloud, encryption, data protection and OSes.

General knowledge of frameworks (NIST CSF, CIS, ISO, SOC 2, PCI DSS).

Functional use with cloud tools (CWPP, CSPM, cloud-native application protection platform) and automation (ArgoCD, Chef, Puppet, Salt, Ansible).

Proven use with zero trust network access, encryption, web application firewalls, data protection, vulnerability management, API security, IaC.

Knowledge in one or more: NIST 800-144, CIS, CSA-CCM, ISO (27040, 27017, 27001).

Experience working in AWS is preferred.

Previous industry experience in Financial Services is preferred.

Preferably one or more: CISM, CISSP, CISA, GSLC

Preferably one or more offered by AWS, Google or Microsoft, or GCSA, CKA, CCSP, CCSK

Preferably a bachelors or higher degree in cybersecurity, software engineering, or a related field

Why Wealthsimple?

Competitive salary with top-tier health benefits and life insurance

Retirement savings matching plan using Wealthsimple for Business

20 vacation days per year and unlimited sick and mental health days

Up to $1,500 per year towards wellness and professional development budgets respectively

90 days away program: Employees can work internationally in eligible countries for up to 90 days per calendar year

A wide variety of peer and company-led Employee Resource Groups (ie. Rainbow, Women of Wealthsimple, Black @ WS)

Company-wide wellness days off scheduled throughout the year

We’re a remote-first team, with over 1,000 employees coast to coast in North America. Be a part of our Canadian success story and help shape the financial future of millions — join us!

We believe the future belongs to those who innovate boldly. At Wealthsimple, every team member is expected to lean into new technologies, including AI, and tooling to rethink how we work, solve problems faster, and create even greater value. We're looking for people who are not just comfortable with change but energized by it. Our commitment is to build a company that evolves at the pace of the world around us, and we want you to help lead that future.

DEI Statement

At Wealthsimple, we are building products for a diverse world and we need a diverse team to do that successfully. We strongly encourage applications from everyone regardless of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status.

Accessibility Statement

Wealthsimple provides an accessible candidate experience. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know, and we will work with you to provide the necessary support and make reasonable accommodations to facilitate your participation. We are continuously working to improve our accessibility practices and welcome any feedback or suggestions on how we can better accommodate candidates with accessibility needs.