Application Security Engineer at Finning in Saskatoon, Saskatchewan, Canada | CAD100,000-120,000 | Kablio

Role

Description

tool integration

vulnerability management

secure coding

threat modeling

ci/cd security

governance

Coordinate with cross-functional teams to ensure alignment on governance and ownership of security tools and processes
Monitor and report on the effectiveness of security controls and posture across public-facing applications
Enable development teams to adopt secure development practices through coaching, resources, and ongoing support
Work with development leads to ensure scorecard compliance and continuous improvement
Promote awareness of emerging security threats and mitigation strategies
Drive the adoption and integration of application security tools and practices across development streams
Engage stakeholders to align security initiatives with business goals
Provide mentorship and technical guidance & training on secure coding, threat modeling, and vulnerability management
Create and maintain documentation for security processes, tools, and standards
Establish and maintain processes for identifying, triaging, and remediating vulnerabilities using automated security tooling
Advise on the integration and operationalization of application security tooling and practices, ensuring development teams are equipped to implement and maintain secure solutions
Communicate security risks, tool performance, and compliance status to leadership and stakeholders
Ensure security tooling is effectively embedded within CI/CD workflows to support scalable and consistent security coverage
Support teams in developing structured processes for managing alerts and remediation
Evaluate and recommend improvements to existing security tooling and practices based on evolving needs and threat landscape
Design and deliver targeted training and enablement programs tailored to development team needs and maturity levels
Collaborate with each development group to establish coding standards, vulnerability and obsolescence management
Act as a liaison between security and development teams to translate security requirements into actionable work items
Promote DevSecOps principles by advising on security automation and fostering shared responsibility
Define governance models for ownership, lifecycle management, and compliance of security tooling

Requirements

security tools

ci/cd

owasp

cissp

communication

application security

Proven track record of working with cross-functional teams to drive security initiatives
Excellent communication and collaboration skills
Hands-on experience with security tools (e.g., GitHub Advanced Security, SonarCloud, SAST/SCA).
Familiarity with OWASP Top 10 and DevSecOps practices.
(Preferred certifications: CISSP, CEH, OSCP.)
Excellent communication and collaboration skills.
Strong knowledge of application security principles and secure SDLC.
Proficiency with CI/CD pipelines and security automation.
Ability to translate technical security concepts into business-relevant language

Benefits

Pension and employee stock purchase plans with company contributions
Great people and place to work with a hybrid work opportunity
Extensive health benefits including group medical and dental benefits, and short-term and long-term disability benefits
Career advancement and training opportunities
For this position, the expected salary range is between $100,000 and $120,000 annually. This range reflects our commitment to providing competitive compensation that aligns with industry standards and your qualifications.

Training + Development

Information not given or found

Interview process

Information not given or found

Visa Sponsorship

Information not given or found

Security clearance

Information not given or found

Company

Overview

has a rich history rooted in providing essential equipment and services to industries like construction, mining, and energy.
operates in key global markets including Canada, South America, and the UK.
specializes in providing solutions for heavy industries, delivering construction, mining, and energy services across vast sectors.
plays a crucial role in powering large-scale infrastructure projects and driving resource development.
offers parts, maintenance, and innovative technological solutions to clients worldwide.
has supported some of the largest and most ambitious projects globally.
has made significant strides in advancing digital technologies and remote monitoring solutions to enhance equipment performance and customer satisfaction.

Culture + Values

Safety First: Ensuring a safe and healthy work environment for all employees.
Integrity: We act with integrity, doing the right thing even when no one is watching.
Customer Success: We aim to create long-term value for our customers and build lasting relationships.
Excellence: We strive for excellence in everything we do and continuously improve.
Innovation: We embrace innovation to stay ahead in the industry and improve the services we offer.
Teamwork: We work together across borders to achieve common goals and respect each other’s contributions.

Environment + Sustainability

2050

Net Zero Emissions Target

Achieving net-zero emissions by this year.

Reduction of greenhouse gas emissions, energy use, and waste generation.
Enhancing energy efficiency and sustainability practices across operations.
Commitment to carbon neutrality across operations through energy reduction and carbon offsetting initiatives.
Innovative technologies such as electric machines and sustainable fuel options are being adopted to lower environmental impact.

Inclusion & Diversity

Striving to achieve a balanced workforce with a focus on increasing female representation in leadership roles.
Ongoing efforts from leadership to improve gender diversity and inclusion.
Programs to ensure an inclusive environment where everyone has equal opportunities to thrive.

Articles

Investor Relations

Fluid Analysis Service

Cat Equipment Repair Services

Role

Description

tool integration

vulnerability management

secure coding

threat modeling

ci/cd security

governance

Coordinate with cross-functional teams to ensure alignment on governance and ownership of security tools and processes
Monitor and report on the effectiveness of security controls and posture across public-facing applications
Enable development teams to adopt secure development practices through coaching, resources, and ongoing support
Work with development leads to ensure scorecard compliance and continuous improvement
Promote awareness of emerging security threats and mitigation strategies
Drive the adoption and integration of application security tools and practices across development streams
Engage stakeholders to align security initiatives with business goals
Provide mentorship and technical guidance & training on secure coding, threat modeling, and vulnerability management
Create and maintain documentation for security processes, tools, and standards
Establish and maintain processes for identifying, triaging, and remediating vulnerabilities using automated security tooling
Advise on the integration and operationalization of application security tooling and practices, ensuring development teams are equipped to implement and maintain secure solutions
Communicate security risks, tool performance, and compliance status to leadership and stakeholders
Ensure security tooling is effectively embedded within CI/CD workflows to support scalable and consistent security coverage
Support teams in developing structured processes for managing alerts and remediation
Evaluate and recommend improvements to existing security tooling and practices based on evolving needs and threat landscape
Design and deliver targeted training and enablement programs tailored to development team needs and maturity levels
Collaborate with each development group to establish coding standards, vulnerability and obsolescence management
Act as a liaison between security and development teams to translate security requirements into actionable work items
Promote DevSecOps principles by advising on security automation and fostering shared responsibility
Define governance models for ownership, lifecycle management, and compliance of security tooling

Requirements

security tools

ci/cd

owasp

cissp

communication

application security

Proven track record of working with cross-functional teams to drive security initiatives
Excellent communication and collaboration skills
Hands-on experience with security tools (e.g., GitHub Advanced Security, SonarCloud, SAST/SCA).
Familiarity with OWASP Top 10 and DevSecOps practices.
(Preferred certifications: CISSP, CEH, OSCP.)
Excellent communication and collaboration skills.
Strong knowledge of application security principles and secure SDLC.
Proficiency with CI/CD pipelines and security automation.
Ability to translate technical security concepts into business-relevant language

Benefits

Pension and employee stock purchase plans with company contributions
Great people and place to work with a hybrid work opportunity
Extensive health benefits including group medical and dental benefits, and short-term and long-term disability benefits
Career advancement and training opportunities
For this position, the expected salary range is between $100,000 and $120,000 annually. This range reflects our commitment to providing competitive compensation that aligns with industry standards and your qualifications.

Training + Development

Information not given or found

Interview process

Information not given or found

Visa Sponsorship

Information not given or found

Security clearance

Information not given or found

Company

Overview

has a rich history rooted in providing essential equipment and services to industries like construction, mining, and energy.
operates in key global markets including Canada, South America, and the UK.
specializes in providing solutions for heavy industries, delivering construction, mining, and energy services across vast sectors.
plays a crucial role in powering large-scale infrastructure projects and driving resource development.
offers parts, maintenance, and innovative technological solutions to clients worldwide.
has supported some of the largest and most ambitious projects globally.
has made significant strides in advancing digital technologies and remote monitoring solutions to enhance equipment performance and customer satisfaction.

Culture + Values

Safety First: Ensuring a safe and healthy work environment for all employees.
Integrity: We act with integrity, doing the right thing even when no one is watching.
Customer Success: We aim to create long-term value for our customers and build lasting relationships.
Excellence: We strive for excellence in everything we do and continuously improve.
Innovation: We embrace innovation to stay ahead in the industry and improve the services we offer.
Teamwork: We work together across borders to achieve common goals and respect each other’s contributions.

Environment + Sustainability

2050

Net Zero Emissions Target

Achieving net-zero emissions by this year.

Reduction of greenhouse gas emissions, energy use, and waste generation.
Enhancing energy efficiency and sustainability practices across operations.
Commitment to carbon neutrality across operations through energy reduction and carbon offsetting initiatives.
Innovative technologies such as electric machines and sustainable fuel options are being adopted to lower environmental impact.

Inclusion & Diversity

Striving to achieve a balanced workforce with a focus on increasing female representation in leadership roles.
Ongoing efforts from leadership to improve gender diversity and inclusion.
Programs to ensure an inclusive environment where everyone has equal opportunities to thrive.

Articles

Investor Relations

Fluid Analysis Service

Cat Equipment Repair Services