Search

Senior Security Engineer

companyDiverse Lynx
locationPhoenix, AZ, USA
PublishedPublished: 6/14/2022
Full Time

Job Summary:
What are the top skills required for this role?
1. API
2. Apigee
3. Hands on WebAPI, and web apps: REST, SOAP, gRPC
4. Knowledge of Java, JavaScript or mobile app development
5. Knowledge of project management desirable

Job Description/ Responsibilities
Client is seeking a Senior API Security Engineer with proven strong technical competence and leadership capability to contribute towards the success of enterprise-wide API security initiatives. The Senior API Security Engineer serves as a subject matter expert in API security, performs threat modeling of APIs and plays an integral role in managing, monitoring & reporting on API security risk reduction. The Senior API Security Engineer supports the security champion practice by evangelizing API security principles and controls.

Primary Responsibilities Perform ongoing governance and follow-through with API owners to ensure implementation of threat-based requirements. Develop, deliver and keep up-to-date API security standard requirements and design patterns. Validate implementation of API security controls against outputs of vulnerability testing tools to enable auditability and verifiability. Serve as an API security technical advisor to application teams. Evangelize API security design principles. Be recognized as an API security subject matter expert within the organization. Security and Technical Experience Direct hands-on experience developing and securing web APIs and web applications: REST, SOAP, gRPC .Direct hands-on experience with security testing of web services and web APIs. Solid hands-on experience with leading threat modeling exercises for applications and services. Solid understanding of risk management, security architecture and secure SDLC practices. Strong experience and understanding of API identity and access management controls: OAuth 2.0, OIDC, JWT Strong experience and understanding of familiarity with cryptography controls: Data at rest, in motion and in-use. Experience with industry standards and frameworks: NIST 800-53, NIST CSF, OWASP, SANS Top 25.Experience with Java, JavaScript and mobile application development. Familiarity with database architectures: Oracle, SQL and NoSQL Databases.•Information security professional certifications encouraged, such as SANS GIAC, CISSP.

Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.

Loading interface...
Loading interface...
Loading interface...
Loading interface...
Loading interface...
Loading interface...