API Security

Required Skills

API Security

Job Description

Role:API Security

Location: Hyderabad|Mumbai|Bengaluru|Gurugram|Chennai|Pune|Kolkata​

Hybrid Mode Position

Exp: 3 - 8 Years


Requirements

We are seeking a skilled and detail-oriented API Security Engineer to support our development and engineering teams in ensuring the security of APIs and associated cloud-native applications. The ideal candidate will have a strong background in software development, API security, and industry-standard security frameworks and tools.

Key Responsibilities:

  • Support and consult with development and engineering teams on API security best practices.
  • Educate teams on secure coding standards and ensure compliance with security procedures.
  • Perform security risk assessments for proposed application and API changes.
  • Research, design, and help implement security solutions related to API Security, Data Protection, and Identity Protection.
  • Develop and maintain security documentation and guidance tailored for engineering teams.
  • Ensure adherence to security standards such as OWASP API Top 10 and CIS Top 20.
  • Work with cloud platforms like AWS and other modern cloud environments in a development or architecture capacity.

Required Skills & Experience:

  • Minimum 3 years of hands-on experience in software development using one or more of the following languages: .NET, Python, Java/Spring Boot (REST), JavaScript (Node/React), or Go.
  • Strong experience in API security design patterns, architecture, and B2B/A2A/B2C integrations.
  • Familiarity with API security tools such as Noname, Salt, Neosec, etc.
  • Experience with API Management platforms like Mulesoft, Apigee, or similar.
  • Proficient with security testing tools such as OWASP ZAP, Veracode, and Postman.
  • Solid understanding of web technologies including web services, SOA, and web/network protocols.
  • Strong knowledge of application threat modeling and remediation of vulnerabilities aligned with OWASP API Top 10, CIS Top 10, and SANS Top 25.
  • Good understanding of attacker tactics, techniques, and procedures, and corresponding mitigation methods.
  • Deep understanding of authentication, authorization, applied cryptography, and secure system design principles.

Preferred Qualifications:

  • Prior experience in creating technical security documentation.
  • Certifications in security (e.g., CISSP, CEH, CSSLP) are a plus.


Apply now