PhoenixRecruiter Since 2001
the smart solution for Phoenix jobs

API Security Engineer

Company: TEKsystems Careers
Location: Phoenix
Posted on: September 2, 2024

Job Description:

Open to new opportunities!? API Security Engineer with a Fortune Top 10 giant! Hybrid to Phoenix, AZ
*Description:*
Our client is seeking an API Security Engineer with proven strong technical competence and leadership capability to contribute towards the success of enterprise wide API security initiatives. The API Security Engineer serves as a subject matter expert in API security, performs threat modeling of APIs and plays an integral role in managing, monitoring & reporting on API security risk reduction. The API Security Engineer supports the security champion practice by evangelizing API security principles and controls.
Primary Responsibilities

  • Perform ongoing governance and follow-through with API owners to ensure implementation of threat based requirements.
  • Develop, deliver and keep up-to-date API security standard requirements and design patterns.
  • Validate implementation of API security controls against outputs of vulnerability testing tools to enable auditability and verifiability.
  • Serve as an API security technical advisor to application teams.
  • Evangelize API security design principles.
  • Be recognized as an API security subject matter expert within the organization.
    Security and Technical Experience
    • Direct hands on experience developing and securing web APIs and web applications: REST, SOAP, gRPC.
    • Direct hands-on experience with security testing of web services and web APIs.
    • Solid hands-on experience with leading threat modeling exercises for applications and services.
    • Solid understanding of risk management, security architecture and secure SDLC practices.
    • Strong experience and understanding of API identity and access management controls: OAuth 2.0, OIDC, JWT
    • Strong experience and understanding of familiarity with cryptography controls: Data at rest, in motion and in-use.
    • Experience with industry standards and frameworks: NIST 800-53, NIST CSF, OWASP, SANS Top 25.
    • Experience with Java, Javascript and mobile application development.
    • Familiarity with database architectures: Oracle, SQL and NoSQL Databases.
    • Information security professional certifications encouraged, such as SANS GIAC, CISSP.
      *Skills:*
      golang, api security, security testing, application security, Security, Information security, Cloud, Integration, Software development, Security architecture, Cyber security
      *Additional Skills & Qualifications:*
      Day to Day Expectations:
      • Design and Implement Security Measures: Develop and implement security protocols to protect APIs from threats such as unauthorized access, data breaches, and other vulnerabilities.
      • Conduct Security Assessments: Regularly perform security assessments and penetration testing on APIs to identify and mitigate potential security risks.
      • Monitor API Traffic: Continuously monitor API traffic for unusual or suspicious activity that could indicate a security threat.
      • Collaborate with Development Teams: Work closely with software developers to ensure that security best practices are integrated into the API development lifecycle.
      • Incident Response: Respond to security incidents involving APIs, including investigating breaches and implementing corrective actions.
      • Stay Updated on Security Trends: Keep up-to-date with the latest security trends, threats, and technologies to ensure the APIs remain secure.
      • Documentation and Compliance: Ensure that all security measures and protocols are well-documented and comply with relevant regulations and standards.
        o Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
        • Medical, dental & vision
        • Critical Illness, Accident, and Hospital
        • 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
        • Life Insurance (Voluntary Life & AD&D for the employee and dependents)
        • Short and long-term disability
        • Health Spending Account (HSA)
        • Transportation benefits
        • Employee Assistance Program
        • Time Off/Leave (PTO, Vacation or Sick Leave)
          About TEKsystems:

          We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

          The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

Keywords: TEKsystems Careers, Phoenix , API Security Engineer, Engineering , Phoenix, Arizona

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest Arizona jobs by following @recnetAZ on Twitter!

Phoenix RSS job feeds