API Security Engineer at Confidential company
About the Job
Hi,
Please check the below details and let me know your thoughts.
Job Title: API Security Engineer
Job Location: Remote Position (No West Coast Candidates)
Job Duration: 12+ Months
Job Description:
MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:
Bachelor’s degree in a relevant technology field or equivalent combination of education and work experience.
8+ years of engineering or other IT/Security work experience relevant to the position.
Five or more years of interdisciplinary experience in 4 or more of the following: Access Control Systems, Application Security, Application SDLC, Operating Systems, Cryptographic Controls, API Security, and Networking.
Excellent communications skills as well as the ability to build effective relationships with business leaders and stakeholders. Ability to manage multiple, diverse tasks simultaneously and effectively prioritize work; strong organizational skills in a results-oriented environment.
Willingness to work in a highly collaborative environment.
Ability to effectively communicate with technical and non-technical stakeholders.
Solid understanding of IT security best practices. Skilled in designing, implementing, and supporting complex technical solutions.
Ability to troubleshoot complex operational issues.
Extensive experience designing, developing, and implementing serverless solutions within AWS.
Extensive development experience with different API capabilities.
Experience in building and deploying Jenkins pipelines.
Previous experience automating security controls within CI/CD pipelines a plus.
Previous microservice development a plus.
Previous experience in application vulnerability remediation a plus.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Provides expert technical insight and industry perspective in the creation, delivery, and integration of complex and comprehensive security solutions for securing APIs.
Acts as an internal consultant, advocate, mentor, and change agent.
Viewed as an Information Security expert and critical technical resources across multiple technical areas and business segments.
Partners with other groups to ensure solid, cross-functional decisions are made as a team.
Maintains and demonstrates a strong understanding of enterprise systems, policies, standards, regulatory requirements, and business drivers.
Represents Information Security at enterprise review meetings (ITAC, NPI Reviews, Production Readiness, etc.).
Adheres to and promotes compliance to Information Security policies, standards and best practices.
Leads process improvement and risk mitigation initiatives.
Coaches and mentors more junior staff.
This position will perform the following functions:
API Security
API Scanning
Process Automation
Testing
API Architecture
API Design and Lifecycle management
Work with other dev teams to integrate new security-focused API initiatives and provide support to IT Teams through API integrations.
Provide clear and concise documentation on delivered code as well as customer onboarding and support documentation
Work collaboratively in an agile environment
The contractor must be available for on-call support.
The contractor must work EST hours and be available for off-hours support if issues arise.
Must Have:
API Development
API Discovery
API Scanning
API Security Tooling
AWS API Gateway
AWS Lambda
CICD Pipeline
Cloud Engineering
IaC/Terraform
Python
SAST/SCA Experience
Secure Code Tooling
Security Engineering
serverless engineering
Nice To Have:
AWS ECS Fargate
Groovy (Programming Language)
Please check the below details and let me know your thoughts.
Job Title: API Security Engineer
Job Location: Remote Position (No West Coast Candidates)
Job Duration: 12+ Months
Job Description:
MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:
Bachelor’s degree in a relevant technology field or equivalent combination of education and work experience.
8+ years of engineering or other IT/Security work experience relevant to the position.
Five or more years of interdisciplinary experience in 4 or more of the following: Access Control Systems, Application Security, Application SDLC, Operating Systems, Cryptographic Controls, API Security, and Networking.
Excellent communications skills as well as the ability to build effective relationships with business leaders and stakeholders. Ability to manage multiple, diverse tasks simultaneously and effectively prioritize work; strong organizational skills in a results-oriented environment.
Willingness to work in a highly collaborative environment.
Ability to effectively communicate with technical and non-technical stakeholders.
Solid understanding of IT security best practices. Skilled in designing, implementing, and supporting complex technical solutions.
Ability to troubleshoot complex operational issues.
Extensive experience designing, developing, and implementing serverless solutions within AWS.
Extensive development experience with different API capabilities.
Experience in building and deploying Jenkins pipelines.
Previous experience automating security controls within CI/CD pipelines a plus.
Previous microservice development a plus.
Previous experience in application vulnerability remediation a plus.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Provides expert technical insight and industry perspective in the creation, delivery, and integration of complex and comprehensive security solutions for securing APIs.
Acts as an internal consultant, advocate, mentor, and change agent.
Viewed as an Information Security expert and critical technical resources across multiple technical areas and business segments.
Partners with other groups to ensure solid, cross-functional decisions are made as a team.
Maintains and demonstrates a strong understanding of enterprise systems, policies, standards, regulatory requirements, and business drivers.
Represents Information Security at enterprise review meetings (ITAC, NPI Reviews, Production Readiness, etc.).
Adheres to and promotes compliance to Information Security policies, standards and best practices.
Leads process improvement and risk mitigation initiatives.
Coaches and mentors more junior staff.
This position will perform the following functions:
API Security
API Scanning
Process Automation
Testing
API Architecture
API Design and Lifecycle management
Work with other dev teams to integrate new security-focused API initiatives and provide support to IT Teams through API integrations.
Provide clear and concise documentation on delivered code as well as customer onboarding and support documentation
Work collaboratively in an agile environment
The contractor must be available for on-call support.
The contractor must work EST hours and be available for off-hours support if issues arise.
Must Have:
API Development
API Discovery
API Scanning
API Security Tooling
AWS API Gateway
AWS Lambda
CICD Pipeline
Cloud Engineering
IaC/Terraform
Python
SAST/SCA Experience
Secure Code Tooling
Security Engineering
serverless engineering
Nice To Have:
AWS ECS Fargate
Groovy (Programming Language)
Best regards,
Durgavani
629-247-8318
durga@cozentech.com