Description

You will lead the technical strategy for securing APIs through automated scanning, runtime protection, and pattern definition.

Responsibilities

  • Lead technical conversations to establish API management strategies and security patterns.
  • Write security requirements using threat modeling to guide engineers in building secure applications.
  • Engineer automated security solutions and custom APIs using serverless technologies.
  • Collaborate with stakeholders to address information security risks and meet regulatory requirements.
  • Define and implement API discovery, scanning, and security tooling.

Required Skills

  • 8+ years of engineering or IT security experience.
  • Strong expertise in API development, discovery, scanning, and security tooling.
  • Extensive experience designing and deploying serverless solutions using AWS Lambda and AWS API Gateway.
  • Proficiency with Python and IaC using Terraform.
  • Hands-on experience with CI/CD pipelines and Jenkins.
  • Deep understanding of the SDLC and integrating security controls into automated pipelines.
  • Experience with SAST/SCA and secure code tooling.
  • 5+ years of experience in at least four areas: Access Control, Application Security, SDLC, Operating Systems, Cryptographic Controls, API Security, or Networking.
  • Bachelor’s degree in a relevant technology field or equivalent work experience.

Preferred Skills

  • Experience with AWS ECS and Fargate.
  • Proficiency in Groovy.
  • Background in microservices development and application vulnerability remediation.

Education

Any Graduate