Application Security Analyst, Markham, Carlton One Engagement

Published 2022-07-13
Expires 2022-08-13
ID #1085506197
Application Security Analyst, Markham, Carlton One Engagement
Canada, Ontario, Markham,
Published July 13, 2022

Job details:

Job type: Full time
Contract type: Permanent
Salary type: Monthly
Occupation: Application security analyst

⇐ Previous job

Next job ⇒     


Can work be meaningful? Can it mean more than money, meetings, projects and deadlines? Can companies create positive climate eco-action? Can they do well, and do good? We’re staking our business on ‘Yes’ to every one of those questions. 

Carlton One Engagement (carltonone.com) is a B2B technology company that helps make work mean more within employee recognition, sales performance, loyalty, and reward management industries around the world. With over 450 clients, 10 million actively engaged members across 185 countries with an annual growth rate of 40% you will be joining a team with a proven, global track record. Each of our technology products fuel our eco-action mission of funding tree planting around the world. We have already funded 12.5 million trees, and are growing to achieve a goal of 100 million trees every year.

To get to there, we need you here. We need your drive, your curiosity, and your belief that you can help change the world. Today, our Security department is looking for a talented Application Security Analyst. If this is you, and you share our vision of a more meaningful career, please apply for this opportunity so that we can grow together. 

Job Description:

The application security analyst will be responsible for the testing and reporting of application vulnerabilities within CarltonOne’s SaaS systems. The applicant will be expected to have a thorough understanding of modern web application architecture, web technologies, and how to detect and correct vulnerabilities found within web applications. The applicant will not be expected to provide code patches to correct errors, but will be expected to effectively communicate with the development team to provide suggestions for fixes to mitigate issues found. Additionally, the applicant will be expected to schedule and manage the annual penetration testing of SaaS platforms by third-party testing services.


Creation of automated test routines using provided testing tools of SaaS platforms

Conduct manual testing of SaaS platforms

Open and follow bug tickets when vulnerabilities are found

Provide feedback and aid to development teams in mitigating issues

Provide confirmation that issues are solved

Aid in the integration of automated testing tools into CI/CD pipelines

Verify and manage vulnerability reports submitted from clients and other external parties

Required Knowledge, Skills, Experience:

Good communication skills (written & verbal)

Understanding of modern web application architecture (MVC, CDN, Mobile, Responsive design)

Understanding of web technologies, protocols, and security headers (HTTPS, TLS, CSP, CORS, HTML, Javascript)

Experience with automated dynamic application security testing tools (Burpsuite preferred)

Experience with automated static application security testing tools (SonarQube preferred)

Experience with ticket/issues management systems & processes

Additional Perks:

Here are some additional “Perks” that we provide:

Hybrid work environment

All employees are eligible to earn Bravo reward points

Access to our “Employee Benefits” portal – you can save hundreds of dollars annually

Proximity to public transit

Monthly company-wide events, great parties, and trips

How to Apply

If this opportunity looks incredible to you, we look forward to hearing from you. Our online application will give you the option to apply to this role directly.

We value diversity and inclusion and encourage all qualified people to apply. If you need assistance to accommodate a disability, you may request an accommodation at any time, please contact us with the “Help” button in the application.

We will review applications, with priority given to those who have completed the assessment and look forward to hearing from you.


⇐ Previous job

Next job ⇒     


Contact employer

    Employer's info

    Carlton One Engagement
    Registered on October 7, 2017


    Quick search:


    Type city or region


    Category info:

    Architecture is both the process and the product of planning, designing, and constructing buildings and other physical structures. Architectural works, in the material form of buildings, are often perceived as cultural symbols and as works of art. Historical civilizations are often identified with their surviving architectural achievements. The term architecture is also used metaphorically to refer to the design of organizations, software, and other abstract concepts. Construction is the process of constructing a building or infrastructure. Construction differs from manufacturing in that manufacturing typically involves mass production of similar items without a designated purchaser, while construction typically takes place on location for a known client. Construction as an industry comprises six to nine percent of the gross domestic product of developed countries. Construction starts with planning, design, and financing; and continues until the project is built and ready for use.

    awaiting description

    Source: https://en.wikipedia.org/