Senior Application Security Engineer

Canada

Cority

Learn why over 1,400 global organizations trust Cority to provide their EHS software and OHS software. We are the most trusted provider of EHS software.

View company page

Cority is the global enterprise EHS software provider creating industry-leading technology to empower those who transform the way the world works.  For over 35 years, Cority has been powered by the spirit of innovation, deep domain expertise, and a commitment to integrity that enables higher levels of operational and sustainable performance with the most comprehensive, human-centered, and secure SaaS platform to help workers and businesses thrive in 100 countries around the world.  The company enjoys the industry’s highest levels of client satisfaction and has received many awards for its strong employee culture and outstanding business performance. To learn more, visit www.cority.com.
The role of an application security engineer is multifaceted and critical for any organization that relies on software applications for its operations. They act as the vanguard of application security, ensuring the robustness and reliability of software systems. Application security engineers are responsible for establishing and enforcing security standards and best practices within an organization.
They conduct regular security assessments, identify vulnerabilities, and work with development teams to remediate them. They also keep up-to-date with the latest security threats, trends, and countermeasures to ensure that the organization's applications are always protected.
Security reviews from third party auditors involve evaluating applications for potential vulnerabilities and non-compliance with security standards. The application security engineer will work with third parties to design the audit, and interpret the results. Post-audit activities include creating tickets for remediation, and providing guidance where needed.
Application security engineers are also responsible for integrating security tools and processes into the DevOps pipeline. This involves automating security checks and scans to identify and fix vulnerabilities early in the development process. By integrating security into the DevOps pipeline, application security engineers help to ensure that security is not an afterthought but a fundamental part of the software development process. These can include static analysis tools, dynamic analysis tools, and penetration testing tools. These tools allow the engineer to identify and fix vulnerabilities in the code and the running application. Knowledge of security technologies like firewalls, intrusion detection systems, and encryption is also important to protect the application from external threats.
Application security engineers have a responsibility to raise awareness about application security within the development teams. They may conduct training sessions for developers and other IT professionals on secure coding practices, security standards, and the latest security threats and countermeasures. These can include frameworks like the OWASP Top Ten, a standard awareness document for developers and web application security, and standards like ISO 27001.

Qualifications:

  • 5+ years of experience in web application security, secure software development, and cloud security
  • A solid grounding in information security principles, web application security and API security
  • Ability to perform technical analysis of complex software, systems, and underlying infrastructure environments
  • Exception tracking, reporting, and drive to closure
  • The ability to work on complex projects across multiple groups and geographies
  • Excellent collaboration and communication skills – the ability to learn swiftly, be a self-starter, and partner with cross-functional teams to gain trust and influence
  • Proactive, accountable, autonomous, and solutions-oriented
  • Bachelor’s degree or equivalent work experience
Cority is committed to a diverse and inclusive work environment. Cority is an equal opportunity employer and does not discriminate based on race, nationality, gender, gender identity, sexual orientation, protected veteran status, age, disability or any other legally protected status. For applicants who would like to request for accommodation please send an email to hr@cority.com.
Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: APIs Application security Cloud Compliance DevOps Encryption Firewalls Intrusion detection ISO 27001 OWASP Pentesting SaaS Security assessment Vulnerabilities

Region: North America
Country: Canada
Job stats:  9  2  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.