Job Description
Job Title:  Sr Application Security Engineer
Requisition ID:  32652
Location:  Calgary, AB, CAN, T2J 7E8
| Saskatoon, SK, CAN, S7K 5R6
Workplace Type:  On-Site
Experience Level:  Mid-Senior Level
Job Type:  Full Time

 

Nutrien is a leading provider of crop inputs and services, and our business results make a positive impact on the world. Our purpose, Feeding the Future, is the reason we come to work each day. We’re guided by our culture of care and our core values: We put safety first. We act with integrity. We are stronger together. We deliver with excellence.

 

Through the collective expertise of our nearly 26,000 employees, we operate a world-class network of production, distribution, and ag retail facilities. We efficiently serve growers' needs and strive to provide a more profitable, sustainable, and secure future for all stakeholders.  Help us raise the expectation of what an agriculture company can be and grow your career with Nutrien.  

 

This Sr. Level role is to help development teams build and run software more securely without slowing them down. This role is part of the application security team and works across application development, DevOps, and cyber security to help teams work through vulnerabilities, improve day-to-day security practices, and make better decisions about where to focus on the cyber risk areas. It is also a senior role on the team, so there is an expectation to mentor others, provide practical guidance, and step in when leadership support is needed.

 

The value of the role is that it helps turn security from something teams react to into something that is built into how they work. For the team, that means clearer direction, stronger technical support, and better follow-through on the issues that matter most. For the business, it means reducing avoidable risk, improving consistency across application security work, and giving leadership confidence that security issues are being managed in a practical and accountable way.

The Role:

The Senior Application Cyber Security Lead is a senior technical role responsible for advancing security across the software development lifecycle (SDLC). Working closely with application development, DevOps, cyber security, and IT teams, this position leads the identification, assessment, prioritization, and remediation of vulnerabilities across code, infrastructure, and applications, while providing technical direction on secure development practices, automation, and risk reduction.

 

This role serves as a trusted technical leader and escalation point for application and vulnerability management matters, partnering across teams to drive remediation, influence technical decisions, and support consistent execution across multiple initiatives. The successful candidate will bring strong technical depth, sound judgment, and a strong application development background, along with the ability to provide leadership continuity and decision support when the manager is out of office.

What You'll Do:

 

  • Build strong relationships across application development, DevOps, cyber security, and IT teams to influence secure development outcomes and provide expert technical guidance
  • Lead vulnerability management activities, including prioritization, risk evaluation, progress tracking, and stakeholder communication
  • Monitor emerging business, technology, and cyber security trends and translate insights into practical improvements for development teams
  • Partner with engineering and DevOps teams to evaluate, implement, and optimize vulnerability management capabilities across people, process, and technology
  • Own and enhance key components of vulnerability management and application security solutions in complex enterprise environments
  • Conduct and oversee targeted vulnerability assessments to identify control gaps and evaluate the effectiveness of existing safeguards
  • Apply security and risk frameworks such as ISO 27001-2, PCI DSS, NIST CSF 20, ITIL, COBIT, CVSSv4, OWASP, and MITRE ATT&CK to guide technical decisions and remediation priorities
  • Provide hands-on expertise with vulnerability management and prioritization platforms, driving adoption of risk-based remediation practices
  • Perform root cause analysis on vulnerabilities and work with development and platform teams to determine practical, effective solutions
  • Assess exploitability and business impact in organizational context and recommend remediation strategies that balance risk reduction with operational needs
  • Bring broad cyber security expertise spanning vulnerability management, privacy, incident response, governance, risk and compliance, enterprise security strategy, and security architecture
  • Lead and coordinate cyber security initiatives by shaping plans, driving execution, and communicating status to technical stakeholders and leadership
  • Mentor other team members by sharing technical guidance, supporting development, and helping build consistency across the team’s application security work

What You'll Bring:

 

  • Bachelor’s degree in Computer Science, Information Systems, Engineering, Business, or a related field is preferred
  • Strong understanding of the vulnerability management lifecycle, governance, and risk-based prioritization in enterprise environments
  • Deep familiarity with application security and risk frameworks, including ISO 27001-2, ISO 31000, PCI DSS, OWASP ASVS, NIST frameworks, ITIL, COBIT, CVSSv4, and MITRE ATT&CK
  • Hands-on experience with vulnerability management tools such as Qualys, Tenable, Snyk, and TruffleHog Pro
  • Experience working in Agile development environments
  • Strong understanding of operating systems (Windows, Unix, and MacOS), cloud concepts (including secure build images, ephemeral workloads, and cloud patching), and networking fundamentals
  • Strong application development background, with broad understanding of full-stack application development and mobile development across iOS and Android
  • Experience developing metrics, dashboards, and risk reporting for technical teams and leadership
  • Experience with API security scanning and application security testing approaches
  • Ability to communicate complex technical issues clearly and succinctly to engineers, senior leaders, and business stakeholders
  • Broad knowledge of cyber security practices including secure configuration management, data protection and privacy, security monitoring, incident response, governance, risk and compliance, patch management, and enterprise security architecture
  • Strong written and verbal communication skills with the ability to influence senior management, technical subject matter experts, and cross-functional stakeholders
  • Demonstrated ability to examine issues strategically and analytically, balancing technical depth with practical business outcomes
  • Advanced understanding of the use of AI in application development
  • Experience working in cloud and container environments
  • Penetration testing and application security experience
  • Automation and scripting experience, such as Python or Bash
  • Deep experience in enterprise application development

 

Ready to make an impact with us? Apply today!   

 

The estimated salary that Indeed, Glassdoor and LinkedIn lists does not represent Nutrien's compensation structure. Nutrien is an equal opportunity employer.  We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics.   

 

This job will remain posted until filled. In accordance with Nutrien policies, you will be required to undergo a background check, and may be required to undergo a substance test. While we appreciate all applications we receive, only candidates under consideration will be contacted. Applicants must meet minimum age requirements, as permitted by law.   

 

Our Recruitment Process: Application > Resume Review > Pre-screen/Interview > Offer > Pre-Employment Conditions > Welcome to Nutrien  

 

To stay connected to us and for the latest job postings and news, follow us on:  LinkedIn, Facebook, and Instagram.
Apply now
Information at a Glance

GROW WITH US. FEED THE FUTURE.

At Nutrien, we never stop growing, because our world never does. Our size can help us weather a storm, but with that ability comes a great responsibility—to our growers and customers, our employees and shareholders, our communities, and the planet.

NOT READY TO APPLY?

Stay connected by joining our network and we'll keep you informed about upcoming events and opportunities that match your interests.

Talent Community