Remote Cybersecurity Engineer (API/Web App Security)

Software Guidance & Assistance, Inc., (SGA), is searching for a Remote Cybersecurity Engineer (API/Web App Security) for a CONTRACT assignment with one of our premier Healthcare Services clients for a Remote position.

Top Skills Needed:
Azure/Entra ID
Scripting (Powershell or Python)
API Security frameworks
OWASP top 10

Responsibilities:
We are seeking an experienced Cyber Security Engineer to join our team, responsible for ensuring the security of our applications and APIs. This role will focus on collaborating with cross functional teams, including developers, UI developers, and API developers, to identify and remediate security vulnerabilities. The ideal candidate will have expertise in API security, UI security, as well as secure coding practices, with the ability to balance security with business needs and enable rapid and secure deployment of applications.

• Collaborate with developers throughout the software development lifecycle to ensure security best practices are integrated into application design and development
• Review scan findings and work with developers to remediate security vulnerabilities and implement fixes within their applications
• Work with application owners to enable single sign on via standards such as SAML or OAuth
• Work with application owners to manage access control via conditional access policies
• Partner with developers to ensure secure coding practices and mitigate security risks
• Provide security guidance and recommendations to development teams to ensure compliance with security standards and regulations
• Develop and maintain security documentation, including threat models, risk assessments, and security requirements
• Stay current with emerging security threats and technologies, applying this knowledge to improve our overall security posture
• Enable the business to rapidly and securely deploy applications balancing security with business needs

Required Skills:

• Related Bachelor's degree or additional related equivalent work experience
• 4+ years related work experience
• 2+ years in Cybersecurity
• 2+ years Information Technology Infrastructure
• 4+ years of experience in cyber security, with a focus on secure development and deployment
• Cybersecurity Engineer Defense and Threat Operations: SSCP
• Cybersecurity Engineer Enterprise Cybersecurity Services: SSCP
• Strong understanding of secure coding practices, threat modeling, and risk assessment
• Experience with Azure / EntraID
• Experience with Single Sign On using SAML or OAuth
• Experience with security tools such as Postman, Burp Suite, etc. and vulnerability management
• Experience with scripting languages such as PowerShell or Python
• Excellent communication and collaboration skills, with the ability to work with technical and non-technical stakeholders
• Strong problem-solving skills, with the ability to analyze complex security issues and develop effective solutions
• Familiarity with API security frameworks and protocols (OAuth, JWT), as well as UI development frameworks and tools
• Experience with the OWASP Top 10 and remediation strategies
• Experience with the creation of both technical and non-technical documentation

Preferred Skills:

• Experience with agile development methodologies
• Experience with CI/CD pipelines and tools such as Jenkins

SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .

SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.