| API Security-Technical project manager at Phoenix, Arizona, USA |
| Email: [email protected] |
| From: Gunjan, Intellectt [email protected] Reply to: [email protected] Role: API Security-Technical project manager Relocation : Day 1 onsite to Phoenix, AZ Duration: Contract on C2C Years of Experience: 10+ years Skills: API, Apigee Details: American Express is seeking API Security-Technical project manager with proven strong technical competence and leadership capability to contribute towards the success of enterprise wide API security initiatives. The Senior API Security Engineer serves as a subject matter expert in API security and plays an integral role in managing, monitoring & reporting on API security risk reduction. Primary Responsibilities Perform ongoing governance and follow-through with API owners to ensure implementation of threat-based requirements. Develop, deliver and keep up-to-date API security standard requirements and design patterns. Validate implementation of API security controls against outputs of vulnerability testing tools to enable auditability and verifiability. Serve as an API security technical advisor to application teams. Evangelize API security design principles. Collaborate as API security subject matter expert within the organization. Security and Technical Experience Direct hands on experience developing and securing web APIs and web applications: REST, SOAP, gRPC. Direct hands-on experience with security testing of web services and web APIs. Solid hands-on experience with leading threat modeling exercises for applications and services. Solid understanding of risk management, security architecture and secure SDLC practices. Strong experience and understanding of API identity and access management controls: OAuth 2.0, OIDC, JWT Strong experience and understanding of familiarity with cryptography controls: Data at rest, in motion and in-use. Experience with industry standards and frameworks: NIST 800-53, NIST CSF, OWASP, SANS Top 25. Experience with Java, JavaScript and mobile application development. Familiarity with database architectures: Oracle, SQL and NoSQL Databases. Information security professional certifications such as SANS GIAC, CISSP, CISM. Experience with service-oriented architectures and web services security. Desired Skills: Experience mentoring application security and secure development practices to team. Experience with DevOps processes in a Cloud/SaaS environment. Experience architecting, securing, and operating one or more public cloud environments: Amazon Web Services, Google App Engine, Azure, and Oracle Cloud. Experience with one or more emerging programming languages: Go, Rust. Keywords: golang Arizona API Security-Technical project manager [email protected] |
| [email protected] View all |
| Thu Jul 25 01:14:00 UTC 2024 |