Doing business to business, person to person. Payworks is a leading workforce management solutions provider and multi-year winner of the Canada’s Best Managed Companies program. We are proudly Canadian as well as committed to developing world-class products and providing a progressive workplace culture where Doing Right by People is our purpose.

With clients of all sizes and more than 600 employees, we currently have an exciting opportunity on our IT Security team for the right candidate. Because when it comes to great people, there’s always room for one more.

DOING RIGHT BY PEOPLE – IT’S WHAT WE DO

Reporting to the Senior Manager, Information Security, the Application Security Analyst will be responsible for supporting and contributing to application security efforts within the organization. This role involves ensuring that applications are developed and maintained with robust security measures to protect against vulnerabilities and threats, as well as ensuring applications provided to customers contain industry leading security features and functions.

WHY YOU SHOULD CHOOSE PAYWORKS

• Comprehensive employer paid benefits, including a Health Spending Account, for you and your family and excellent pension plan with employer contributions.
• Plenty of professional development opportunities.
• Community-minded culture – Receive two paid days per year to volunteer and lots of opportunity to “Pay it Forward”.
• Time and flexibility to meet your needs – Hybrid work model with flexible work options, plus 3 weeks vacation to start, flex time and parental leave benefits.
• Cool perks – Annual Lifestyle Spending Account, fun office environment and events, and more!

BUILD.SECURE.COLLABORATE – IT’S WHAT YOU’LL DO

• Embed security in development — Contribute to and support Payworks’ application security strategy. Assist in implementing software security practices, processes, and technologies within the development lifecycle. Collaborate with QA, Product Management, Privacy, and Business Analyst teams to support security requirements on every project.
• Assess vulnerabilities — Assist in identifying, researching, and resolving potential risks, threats, vulnerabilities, and exploits in internally developed software, including third-party dependencies and integrations. Participate in security assessments, code reviews, and penetration testing activities.
• Manage security tools — Support the deployment and administration of SAST/DAST tools and web application firewalls. Assist in integrating security tooling into the CI/CD pipeline. Evaluate and support security tooling for AI/ML development environments and AI-assisted coding platforms.
• Assess AI security risks — Support security considerations in AI development lifecycles including model training pipelines, data handling, and AI system integrations. Collaborate on security assessments of agentic AI systems and autonomous agents to identify potential risks and vulnerabilities.
• Support incident response — Work closely with the SOC team to investigate and respond to application-related threats, security events, and incidents. Build proactive mitigation methods using technologies such as web application firewalls.
• Audit, document & report — Perform security audits to evaluate the effectiveness of security controls. Contribute to comprehensive documentation of application security processes, assessments, and architecture. Generate reports on application security metrics, vulnerabilities, and remediation progress for management and stakeholders.
• Build security awareness — Conduct and manage application security awareness training for employees. Work closely with development groups to ensure modern programming languages are used and that secure coding best practices are followed.

WHAT YOU’LL NEED TO SUCCEED

• Bachelor’s Degree in Computer Science, BIT – Application Development Diploma or related studies, and/or equivalent combination of education and experience.
• 5+ years of programming experience.
• Proven expertise in security industry processes and secure coding best practices.
• Demonstrated experience with Microsoft .NET (VB/C#), ASP.NET, Microsoft IIS, Microsoft SQL Server, and Git source control.
• Experience with Microsoft SQL Server and T-SQL queries.
• Strong analytical and troubleshooting skills.
• Excellent communication skills — able to communicate security risks clearly to both technical and non-technical stakeholders.
• A team player who shares technical knowledge and values ongoing professional development.

BONUS SKILL SET

• Experience with Agile software development methodologies and tools such as the Atlassian product suite (Bitbucket, Bamboo, Jira, Confluence) or Azure DevOps would be considered an asset.
• Experience with HTML, JavaScript, Vue.js, and modern CSS technologies such as CSS3, Foundation, and SCSS would be considered an asset.
• Experience with Web Application Firewalls and SAST/DAST technologies such as Citrix Netscaler, Checkmarx, or Synopsys WhiteHat Security would be considered an asset.
• Understanding of AI/ML security principles including prompt injection, model security, and data privacy considerations in AI systems.
• Awareness of security challenges in AI development including adversarial attacks, model poisoning, and agentic AI system vulnerabilities.
• CSSLP and CISSP certifications considered an asset.

We are proud to support a Flexible Work Plan that recognizes the diverse needs and lifestyles of our people. The Application Security Analyst has the option to work fully from the Payworks office in Calgary or on a hybrid work model, working in the office at least three (3) days a week. This role may require participation in an on-call rotation for after-hours support, including evenings, weekends, and holidays, as needed.

Payworks is committed to providing an inclusive, accessible environment, and collaborating with employees, clients and guests to identify and effectively remove barriers, in a manner that respects the principles of independence, dignity, integration, reasonable accommodation and equal opportunity. Payworks welcomes and encourages applications from all persons. Individuals applying for employment with Payworks may request accommodations at all stages of recruitment and employment from Human Resources.

Employees at Payworks’ come from different backgrounds, and we celebrate those differences. We are looking for the best candidate for this opportunity, but do not expect applicants to meet every qualification in order to be considered.

Payworks does not use artificial intelligence (AI) technologies in the screening, assessment, or selection of applicants at any stage of the hiring process.

This posting is for an existing vacancy within our team.