Software developer transition to application security engineer
I’m currently working in Canada at a small-to-medium company where my role has gradually evolved from mainly full-stack software development. I was 507 in CEC and I got tie break when the draw get closer to 507. I retook my IELTS and boosted up yesterday to 510. However, as it is hard to get selected, I discussed with my employer to give me a job description for application security engineer because my responsibilities are also security issues in my job.
My responsibilities now include:
- implementing secure authentication and authorization
- securing APIs and sensitive data
- working with AWS S3 pre-signed URLs and protected file access
- reviewing and mitigating application vulnerabilities
- improving secure coding practices
- handling some infrastructure and application security responsibilities alongside software development
Because of this transition, my manager and I discussed updating my role title to “Application Security Software Engineer,” since my work is now a hybrid of software engineering and application security.
I’m trying to understand whether this title and job scope realistically align with STEM / application security related occupations for Canadian immigration purposes, especially under category-based selection.
I’m not trying to force a mismatch or fake a role because in the past that I applied for open work permit I mentioned software engineer in Imm forms. I genuinely perform both software engineering and application security tasks but I’d like honest feedback from others in tech or immigration who may have gone through something similar.
Would this be considered a reasonable and defensible transition based on the duties involved?