Talent.com
This job offer is not available in your country.
API Security Engineer

API Security Engineer

TwinPacs Sdn BhdHyderabad
23 days ago
Job description

We are seeking a skilled API Security Engineer to support our development and engineering teams in designing and implementing secure API solutions. The ideal candidate will have a strong background in software development, cloud security, and modern API management practices.

Role : API Security 4-8 Y : Hyderabad | Bangalore | Gurgaon |

Type of Work : Contract 12 M

Mode of Work : WFO - Hyderabad / Bangalore / Gurgaon

Interview Process : 2 Virtual Session + 1 F2F (If :

  • Provide consultation and support to development and engineering teams on API security best practices.
  • Educate teams on security procedures and standards, ensuring compliance across all projects.
  • Research and develop security solutions focusing on API security, data protection, and identity protection.
  • Prepare and maintain security documentation and guidance for development and engineering teams.
  • Conduct security risk assessments for proposed API-related changes.
  • Collaborate with cross-functional teams to integrate secure design and architecture into development workflows.
  • Ensure compliance with industry standards such as OWASP API Top 10, CIS Top 20, etc.
  • Work within AWS or other cloud environments to support secure development and deployment practices.

Required Skills & Experience :

  • 3+ years of experience in software development using one or more of the following- .NET, Python, Java / Spring Boot (REST), JavaScript (Node / React), or GoLang
  • Hands-on experience with API security tools such as Noname, Salt, Neosec, etc.
  • Proficiency in using security and testing tools like OWASP ZAP, Veracode, Postman, etc.
  • Strong understanding of API security concepts, including design patterns, architecture, and B2B / A2A / B2C integrations.
  • Experience with API Management platforms such as Mulesoft, Apigee, etc.
  • Solid foundational knowledge of security engineering, software engineering, authentication, and applied cryptography.
  • Deep understanding of web technologies, web services, web applications, service-oriented architectures, and network / web protocols.
  • Familiarity with application threat modeling and remediation of OWASP API Top 10, CIS Top 10, and SANS Top 25 vulnerabilities.
  • Awareness of attacker tactics, techniques, and procedures (TTPs) and mitigation methods.
  • Sound understanding of authentication / authorization standards, applied cryptography, and secure coding practices.

    • ref : hirist.tech)

    Create a job alert for this search

    Security Engineer • Hyderabad