API Security Engineer - Fort Worth, United States - ScaleneWorks People Solutions LLP

    ScaleneWorks People Solutions LLP
    ScaleneWorks People Solutions LLP Fort Worth, United States

    2 weeks ago

    Default job background
    Technology / Internet
    Description

    Job role : API Security Engineer

    Location : Fort Worth, TX

    Job Type: Contract

    Description:

    Duties: API Security responsibilities:


    • Defines specifications and develop code and utilities, modifies existing programs, prepares test data, and prepares functional specifications.


    • Establishes, participates, and maintains relationships with customers and subject matter experts to remain apprised of direction, architectural and technology trends, risks, and functional/integration issues.


    • Analyzes, designs, develops, codes and implements programs in one or more programming languages, for Web and Rich Internet Applications.

    Create various automated security integration solutions.


    • Work with the API Management platforms to develop APIs, Products, Plans, etc. and test them.


    • Develop UI and API functionality in languages including, but not limited to JavaScript, TypeScript and python.


    • Work with application development personnel and other technical team members to review existing and/or new APIs/web services in support of quality implementations that align with Security policies, procedures, and generally-accepted best practices.


    • Work closely with DevOps and cloud infrastructure architects and engineers to design, implement and manage secure, scalable, and reliable cloud infrastructure environments


    • Participates as a technology advisor to collaborate with Agile squads to deliver business benefits with effective and efficient use of technology Platform(s)


    • Ensures teams are validating for OWASP and performing industry leading application security practices.


    • Performs application program interface security assessments and remediation activities as part of the API security program.


    • Leverages the enterprise SSDLC processes and toolset.

    Skills:


    • Bachelor's degree in Computer Science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training


    • 2 years of experience working as a frontend or backend software developer


    • API: Experience with HashiCorp Vault APIs, Cloud APIs and API gateway


    • Experience as a developer on a team consisting of five or more software developers


    • Ability to conduct independent research


    • Broad understanding of web service implementation paradigms (REST, SOAP)


    • Basic understanding of Cryptography concepts: hashing, signing, symmetric/asymmetric encryption and decryption


    • Basic understanding microservice application architecture, software cohesion and software coupling


    • Comfortable learning new programming languages as needed to conduct code reviews


    • Comfortable with the following tools and technologies: Git, SoapUI, Jenkins, Artifactory, SonarQube, Find Bugs, Docker Experience with deploying and configuring API scanning tools


    • Experience in Identity and access management concepts and technical specifications


    • Experience creating continuous integration pipelines (Cloud bees, Jenkins, Buddy, Urban Code, etc.)


    • Experience using integrated development environments (e.g. Visual Studio, Visual Studio Code, Eclipse)


    • Experience with Azure Resource Manager (ARM) and scripting tools, including PowerShell, Azure CLI, JavaScript, Shell scripts, Python, or similar languages.


    • Experience developing solutions that combine data from APIs, endpoints, and databases


    • Outstanding communication, analytical skills and ability to function in a globally diverse work environment


    • Experience working within an agile team (Scrum, Rally, etc.)


    • Familiarity with OWASP and the San's Top 25

    Education and Experience:


    • Bachelor's degree in Computer Science or related field or equivalent experience/certification


    • API security 1 year


    • 2 years working as a Security Engineer


    • 1-year experience developing automation solutions in Python, Java or PowerShell Ability to analyze complex problems and implement solutions and/or workarounds


    • Familiarity with NIST Special Publications (e.g ,800-53, CSF)

    Additional Details Glider Assessment Required? : No Glider Assessment Name (If Applicable) (drop down) : N/A Does Contractor Need Their Own Laptop? : Yes Laptop Specs : Standard specs