Senior Software Engineer, .NET Risk Mitigation - Temporary

Aviso: At Aviso, we are dedicated to improving the financial well-being of Canadians. As a leading wealth management organization, we are committed to leadership, innovation, partnership, responsibility, and community. Working with talented and energetic professionals who exemplify our values every day, you will quickly notice that our people and dynamic ‘oneaviso’ culture sets us apart. If you are looking for interesting and challenging work, at a company committed to its people, find out more about what Aviso has to offer at www.aviso.ca. The Opportunity: We’re looking to fill an opening for a Senior Software Engineer to join our Information Technology team for 12 months. Reporting to the Manager, Software Engineering, the Senior Software Engineer ensures adherence to engineering standards and best practices. This role provides technical guidance to software engineers, collaborating with product leaders and partners to define scalable solutions, while contributing to investigating security scan findings at the code level, distinguishing real vulnerabilities from false positives and driving issues to full remediation. The role requires strong backend and web application knowledge, plus the ability to clearly defend technical decisions and collaborate with developers, security, and business teams to meet strict security standards. Who you are: • Service – You put your clients’ needs first. You advocate service excellence, and work to deliver client-centric solutions, and proactively develop strategic partnerships that allow Aviso Wealth to become a trusted advisor and partner • Execution – You are committed to achieving your goals and to succeed. This includes focusing on “getting things done”, as well as recognizing and taking advantage of opportunities as they arise. You are consistently looking for ways to improve your personal best and see value in continuous improvement. You take accountability for your actions and learn from mistakes • Collaboration – You work collaboratively with others with the common goal of driving positive results. Making meaningful contributions to your team to achieve organizational goals is a priority. You proactively encourage collaboration, build trust and inclusion, and work to establish effective relationships both inside and outside of the organization

What your day looks like: • Review application code and security scan results (e.g., Checkmarx) to identify real vulnerabilities vs. false positives • Investigate findings at the code level to determine which implementation triggers violations • Partner with developers to explain issues, validate fixes, and recommend secure alternatives • Lead technical discussions to challenge false positives and defend decisions with evidence • Work closely with security, DevSecOps, and engineering teams to ensure policies are met without unnecessary disclaimers • Push to fully remediate issues (target = zero findings) rather than accept risk where possible • Support API, backend (.NET), and web‑based applications with a security‑first mindset • Balance security requirements with business and delivery timelines • Continuously improve understanding of secure coding practices and evolving threat patterns