Application Security Analyst

Nutrien is a leading provider of crop inputs and services, and our business results make a positive impact on the world. Our purpose, Feeding the Future , is the reason we come to work each day. We're guided by our culture of care and our core values: safety, inclusion, integrity, and results. When we say we care, we mean it.

We're creating an inclusive workplace where everyone feels safe, has a sense of belonging, trusts one another, and acts with integrity. Through the collective expertise of our nearly 26,000 employees, we operate a world-class network of production, distribution, and ag retail facilities. We efficiently serve growers' needs and strive to provide a more profitable, sustainable, and secure future for all stakeholders. Help us raise the expectation of what an agriculture company can be and grow your career with Nutrien.

The role of an Application Security Analyst in a dynamic and fast-paced environment and works with cross-functional teams (cyber security, application development teams, DevOps and IT). The Cyber Application Security Analystwill focus on integrating security throughout the software development lifecycle (SDLC). This includes assistance our dev team in identifying, assessing, and remediating vulnerabilities in code, infrastructure, and applications.

Responsibilities

include collaborating with cross-functional teams to manage code vulnerabilities, implementing automated security testing, and ensuring adherence to cyber security policies and standards. Additionally, the position will be responsible for providing the appropriate teams with guidance on cyber security issues that need to be remediated. The individual must be able to work with and leverage Nutrien global cybersecurity support teams and architecture to provide superior solutions and advice to multiple layers of the Nutrien business teams. The role is meant as an entry level position for those that are starting out in the Cyber Security field.

What You'll DoDevelop rapport with others by demonstrating an understanding of their concerns, needs, and issues, and build an internal network of relationships that can provide advice and support. Consistently deliver quality client services. Monitor progress, manage risk, and ensure key stakeholders are informed about progress and expected outcomes. Stay abreast of current business and industry trends relevant to global development teams, business operations, and cyber security.

Assist engagement with DevOps teams in evaluating vulnerability management tools across people, process, and technology. Work with engagement teams to own distinct portions of vulnerability management solutions tailored to client environments. Perform and control targeted vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls. Familiarity with security and risk standards including ISO , PCI DSS, NIST CSF 2.0, ITIL, COBIT, CVSSv4, OWASP, and the MITRE ATT&CK framework.

Hands-on operational experience with vulnerability management prioritization platforms. Ability to conduct root cause analysis on vulnerabilities and determine feasible technical solutions. Ability to evaluate exploitability and assess the impact of vulnerabilities based on organizational context. Knowledge of general cybersecurity concepts and methods including vulnerability management, privacy, incident response, governance, risk and compliance, enterprise security strategies, and security architecture.

Ability to assist in project management of cybersecurity initiatives, including developing project charters, project plans, and status updates. What You'll BringIt is preferred that you have, or are working on, a bachelor's degree or certificate in Computer Science, Information Systems, Engineering, Business, or a related field. An understanding of the vulnerability management lifecycle and governance. Familiarity with security and risk standards including ISO , ISO 31000, PCI DSS, NIST, ITIL, COBIT, CVSSv4, and MITRE ATT&CK.

Hands-on operational experience with vulnerability management tools (e.g., Qualys, Tenable, Snyk, trufflehog pro). Understanding of various operating systems (Windows, Unix, MacOS); cloud concepts (secure build images, ephemeral workloads, cloud patching); and networking fundamentals. A full understanding of full stack application development and mobile development on iOS and Android. Deep expertise in writing and running queries to prepare metrics reports and dashboards.

Good understanding of scanning tools for APIs. Ability to report issues clearly and succinctly and adapt communication styles to demonstrate vulnerability severity to technical stakeholders and leadership. Knowledge of general cybersecurity concepts and methods including secure configuration management, data protection and privacy, security monitoring, incident response, governance, risk and compliance, patch management, and enterprise security strategies and architecture. Strong written and verbal communication skills with the ability to interact with senior management and technical SMEs.

Ability to examine issues both strategically and analytically.

Experience

working in cloud and container environments. Penetration testing experience. Application security experience. Automation and scripting experience (e.g., Python, Bash).

Enterprise application development experience. Financial services sector regulatory experience. Attack Surface Management experience. Ready to make an impact with us?

Apply todayThe estimated salary that Indeed, Glassdoor and LinkedIn lists does not represent Nutrien's compensation structure. Nutrien is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics. This job will remain posted until filled.

In accordance with Nutrien policies, you will be required to undergo a background check, and may be required to undergo a substance test. While we appreciate all applications we receive, only candidates under consideration will be contacted. Applicants must meet minimum age requirements, as permitted by law. Our Recruitment Process: Application > Resume Review > Pre-screen/Interview > Offer > Pre-Employment Conditions > Welcome to NutrienTo stay connected to us and for the latest job postings and news, follow us on:LinkedIn, Facebook, Instagram , and X .