API Security Architect

Overview

Hybrid
Depends on Experience
Full Time

Skills

API
Amazon Web Services
Authentication
Authorization
CISSP
Cisco Certifications
Cloud Computing
Coaching
Collaboration
Communication
Continuous Integration and Development
DevOps
DevSecOps
Encryption
IBM Websphere DataPower
IT Management
Mentorship
Microsoft Azure
OAuth
OWASP
Regulatory Compliance
Reporting
Risk Assessment
Security Architecture
Security Controls
Stakeholder Engagement
System On A Chip
Threat Modeling
Training

Job Details

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you'd like, where you'll be supported and inspired by a collaborative community of colleagues around the world, and where you'll be able to reimagine what's possible. Join us and help the world's leading organizations unlock the value of technology and build a more sustainable, more inclusive world.

Job Description

The Security Engineer will lead the assessment and enhancement of the security posture across existing and future-state API integrations. This role is responsible for evaluating current integration security controls, designing a robust future-state architecture, and guiding cross-functional teams in implementing secure, scalable, and compliant solutions.

Key Responsibilities:
Assess Current State:
Evaluate existing API and integration security controls across platforms (e.g., DataPower, Kong, AWS)
Identify gaps in authentication, authorization, encryption, and governance
Conduct risk assessments and threat modeling for current integrations

Design Future State:
Define the target security architecture for APIs and integrations, aligned with enterprise standards
Recommend security patterns and controls (e.g., OAuth2, JWT, mTLS, rate limiting, WAF)
Ensure alignment with compliance frameworks (e.g., OWASP API Top 10, NIST, SOC2)

Implementation Guidance:
Collaborate with integration architects, developers, and DevOps teams to embed security into the API lifecycle
Provide hands-on support and technical leadership during implementation phases
Develop reusable security components and CI/CD integrations for automated security checks

Governance Enablement:
Create and maintain security guidelines, playbooks, and reference architectures
Conduct training and enablement sessions for development and integration teams
Monitor and report on security posture improvements and incident trends

Qualifications:
Strong experience in API security architecture and integration security assessments
Hands-on expertise with API gateways (e.g., Kong, Apigee), cloud platforms (AWS, Azure), and IAM solutions
Proficiency in security protocols and standards (OAuth2, OpenID Connect, JWT, TLS/mTLS)
Familiarity with DevSecOps practices and CI/CD pipeline integration
Excellent communication and stakeholder engagement skills
Relevant certifications preferred (e.g., CISSP, CCSP, AWS Security Specialty, GIAC)

Life at Capgemini

Capgemini supports all aspects of your well-being throughout the changing stages of your life and career. For eligible employees, we offer:
Flexible work
Healthcare including dental, vision, mental health, and well-being programs
Financial well-being programs such as 401(k) and Employee Share Ownership Plan
Paid time off and paid holidays
Paid parental leave
Family building benefits like adoption assistance, surrogacy, and cryopreservation
Social well-being benefits like subsidized back-up child/elder care and tutoring
Mentoring, coaching and learning programs
Employee Resource Groups
Disaster Relief

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About Capgemini America, Inc.