JD:
5+ Experience required
Automation – Python preferred
API Security testing
API specification validation and implementing to CICD
SAML, OpenID, OAuth
Python automation
API Security assessment
CI/CD
Data Theorem, Salt Security, Neo Security, Traceable and Crunch42
CI/CD OWASP API Top 10
REST, GraphQL and gRPC
- Familiarity with Open Web Application Security Project (OWASP), National Institute of Standards and Technology (NIST) Special Publications, and the Open-Source Security Testing Methodology Manual (OSSTMM).
- Hands on experience designing, developing, and testing secure APIs (e.g. with REST, GraphQL and gRPC)
- Experience with software engineering (you can write robust code and can point to specific examples of projects you have successfully delivered in the past)
- Experience automating API security assessments into CI/CD pipelines
- Experience with at least one of the following languages: Python, Java, or JavaScript
- Best shall be candidate experience in API Security, AuthN and AuthZ for APIs and Automation experience. Average shall be candidate with API Security testing skill and triage experience
- In this role the Security Engineer supports efforts to minimize API security risk by discovering, managing, monitoring, and reporting on API security vulnerabilities while supporting the Automation of DevSecOps practice and pipeline.
- Responsibilities include participation in the creation and maintenance of API security specifications, reviewing software designs to ensure appropriate/required security controls have been included in designs, administering API security testing tools (Salt/Neo/Data Theorem), performing API code reviews, attesting compliance with the security requirements, and advising Product development teams on API-related technical issues and questions.
- Candidate will work with Product development community and other technical team members to review existing and/or new APIs/web services in support of Security control implementations that align with Information Security policies, procedures, and accepted best practices
Job Category: Software Developer
Job Type: Full Time
Job Location: Doha