Senior API Security Platform Engineer The Team This is a Senior Cyber Engineering role in the API Security team (part of the Application and Infrastructure Security Product Area) within the Enterprise Cybersecurity business unit. The focus of this team is to enable API Security Solutions and processes that will help to improve the Security Posture of our APIs across our infrastructure. The Expertise You Have 5+ years of experience in the field of software engineering ideally with a focus on Application or API Security Strong knowledge of API protocols/frameworks (e.g., REST, SOAP, GraphQL, gRPC), API gateways, Authentication and Authorization Protocols (OAuth2/OIDC/JWT etc.). Strong Understanding of OWASP API Security Top 10 and secure coding practices. Familiar with common API Vulnerabilities Familiarity with runtime security, eBPF, and traffic monitoring for API discovery would be considered a plus Expertise in API Security frameworks and experience with API Security Testing tools (DAST, AST, etc.) and Runtime API protection platforms would be considered a plus Any application security experience, including Pen Testing, Static Composition Analysis (SCA), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Web Application Firewalls (WAF) would be considered a plus The Skills You Bring Proven knowledge and experience of engineering principles, patterns and practices Experience with modern agile engineering approaches and focus on operational excellence. You have shown the ability to engage with other teams or vendors in a positive manner to collaborate to achieve a positive outcome Excellent interpersonal and communication skills Strong analytical skills and ability to tackle issues and work through ambiguous situations by making timely decisions based on facts, knowledge, experience, and judgement. You have a passion for continual learning and are always ready to guide, support and/or mentor other members of your team! Skills: OWASP Security API SOAP GraphQL DAST gRPC