API Security Engineer - No C2C

Overview

On Site
$40 - $50
Contract - W2
Contract - Independent
Contract - 12 Month(s)

Skills

API
API Management
Python
RESTful
Scripting
Security Controls
Vulnerability Scanning
Web Applications
Penetration Testing
POSTMAN
Encryption
Forensics
Cyber Security
DevSecOps
Development Testing
Documentation
Good Clinical Practice
Collaboration
Computer Science
Continuous Delivery
Continuous Integration
Amazon Web Services
Authentication
Authorization
Burp Suite
Cloud Computing
DevOps
Google Cloud Platform
GraphQL
Incident Management
JavaScript
Management
Microsoft Azure
OAuth
OWASP

Job Details

We are looking for a knowledgeable and proactive API Security Engineer to join our security team. In this role, you will be responsible for securing APIs across the organization by identifying vulnerabilities, implementing best practices, and collaborating with development teams to ensure secure design and deployment of APIs.

What you ll be doing :

Design and implement security controls for APIs across internal and external applications.
Conduct API security assessments, including penetration testing, fuzzing, and vulnerability scanning.
Monitor API traffic for anomalies, abuse, and potential threats using API gateways and security tools.
Collaborate with development and DevOps teams to integrate security into the API lifecycle (design, development, testing, deployment).
Define and enforce API security standards, including authentication, authorization, rate limiting, and encryption.
Develop and maintain API security policies and documentation.
Stay current with emerging API threats, vulnerabilities, and security technologies.
Assist in incident response and forensic analysis related to API security breaches.
Evaluate and implement API security tools such as WAFs, API gateways, and runtime protection platforms.

Requirements:
Bachelor s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
3+ years of experience in application or API security.
Strong understanding of RESTful and GraphQL APIs, OAuth2, JWT, and API authentication mechanisms.
Experience with API gateways including configuring authentication, authorization, rate limiting, and threat protection policies (e.g., Apigee, AWS API Gateway, Kong, Azure API Management).
Familiarity with OWASP API Security Top 10 and secure coding practices.
Hands-on experience with tools like Postman, Burp Suite, OWASP ZAP, or similar.
Knowledge of common API vulnerabilities such as injection, broken authentication, excessive data exposure, etc.

Added bonus if you have

Certifications such as: GIAC Web Application Penetration Tester (GWAPT).
Certified API Security Professional (by APIsec University)
Offensive Security Web Expert (OSWE)

Experience with DevSecOps and CI/CD pipeline integration.
Familiarity with cloud-native API security in AWS, Azure, or Google Cloud Platform.
Familiarity with securing and managing API gateways, including policy enforcement, traffic monitoring, and integration with identity providers. Scripting or programming experience (Python, JavaScript, etc.)

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About SSV Technologies Inc