Job Description:This is a Senior Cyber Engineering role in the API Security team (part of the Application and Infrastructure Security Product Area) within the Enterprise Cybersecurity business unit.The focus of this team is to enable API Security Solutions and processes that will help to improve the Security Posture of our APIs across our infrastructure.The Expertise You Have2+ years of experience in the field of software engineering ideally with a focus on Application or API SecurityStrong knowledge of API protocols/frameworks (e.g., REST, SOAP, GraphQL, gRPC), API gateways, Authentication and Authorization Protocols (OAuth2/OIDC/JWT etc.)Strong understanding of OWASP API Security Top 10 and secure coding practicesFamiliar with common API vulnerabilitiesExpertise in API security frameworks and experience with API security testing tools (DAST, AST, etc.) and runtime API protection platforms is a plusApplication security experience, including Pen Testing, SCA, SAST, DAST, and Web Application Firewalls (WAF) is a plusThe Skills You BringProven knowledge of engineering principles, patterns, and practicesExperience with modern agile engineering approaches and operational excellenceAbility to collaborate effectively with other teams or vendorsExcellent interpersonal and communication skillsStrong analytical skills to address issues and work through ambiguous situations, making timely decisions based on facts and knowledgeA passion for continual learning and mentoring team membersThe Value You DeliverDevelop solutions to tackle real-life problems and meet consumer needsCollaborate with development, operations, and security teams for seamless integrationMonitor platform performance, ensuring alignment with KPIs and SLAsOptimize platform configurations to detect and prevent API threatsContribute to API security initiatives within the broader security roadmapStay ahead of emerging threats and technologies, recommending improvementsIntegrate API security into CI/CD pipelines for continuous testing and monitoringDevelop scripts and tools to streamline processes and analyze dataDocument processes, configurations, and lessons learned for knowledge transfer
#J-18808-Ljbffr