Your browser cookies must be enabled in order to apply for this job. Please contact if you need further instruction on how to do that.

Application Security Specialist

Engineering | Toronto, Ontario, Canada | Full Time

Job Description

About Us

Do you want to be a part of something disruptive and change an entire industry?  Do you want to be a part of a best-in-class culture?  Do you want to be in the first wave of individuals to help shape the growth of a company?  If you are excited about anything you just read, we’d love for you to be a part of the Upchain team!

At Upchain, we are looking to turn the PLM (Product Lifecycle Management) industry on its head.  By 2021, many projects the SaaS PLM industry to be worth over $40 Billion USD, and we are driven to make our mark!  We have the product, we have the vision, and we have the plan…now we need a great team to execute!

Job Description

The Upchain Application Security Specialist is a leadership position covering the security needs for a SaaS based deployed application. The specialist is experienced in an n-tiered cloud software architecture covering development, test and deployment. The specialist is proactive in assessing penetration tests, static and dynamic security scans within the development life cycle and in production. In addition, the specialist is proactive in defining best practices and enforcing multi-site development access, privileges and controls.


Application Security Specialist Responsibilities:

  • Application and Network Security scans using static and dynamic analysis
  • Establish the Security Information and Event Management (SIEM) strategy
  • Security tools’ selection analysis and be an integral part of the decision making
  • Identify security abnormalities and trigger early notification before an event occurs
  • Proactively track and monitor the systems and environment for security attacks
  • Proactive on the latest vulnerabilities and exploits
  • Deep understanding OWASP and application security issues such as Cross-Site Scripting (XSS), SQL injection, man-in-middle and (D)DOS attacks
  • Perform periodic security audits, penetration tests and security assessment on every product release
  • Track the resolution and disposition of all security issues identified during development and in production
  • Define best practices for access control privileges and controls
  • Provide guidance to application engineers in writing secure safe code
  • Collaborate with DevOps and Hosting operations in CICD
  • Provide security technical support in production when needed


Application Security Specialist Qualifications & Skills:

  • Bachelor's / Master’s Degree in Computer Science or related field
  • CISSP certified will be an asset
  • Over 5 years’ experience in Network and Application Security
  • Over 3 years’ experience in web/Java multi-tiered application using Sql Server and MySql
  • Over 3 years’ experience in security protocols including https, crypto ciphers, IPsec, VPN, SFTP