United Software Group
API Security Architect || PA (Hybrid).
United Software Group, Pittsburgh, Pennsylvania, us, 15289
Role: API Security Architect
Location: Pittsburgh, PA (Hybrid)
Duration: 4+ months
Contract
Must have Skills: Minimum 9+ years of overall experience. Deep understanding of API security best practices (OWASP API Security Top 10) Experience with API security tools and methodologies (penetration testing, API gateways) Strong knowledge of cryptography and authentication protocols Excellent communication and collaboration skills to work with developers and cross-functional teams Frameworks - API security frameworks, various API patterns, Strong Secure by Design Experience - knowing how to build a system securely from scratch Ability to explain why they would recommend a certain course of action in meetings Responsibilities:
Attend Team meetings and Weekly SSG meetings. Focused on building roadmap on different activities to build the program including dashboards. Provide design guidance accordingly Collaborate with stakeholders to define an API security strategy aligned with the overall business objectives Design a secure API architecture. The may involve utilizing secure design patterns, encryption protocols, and authentication/authorization mechanisms Develop a comprehensive framework for API security that defines procedures for API threat modeling, vulnerability assessments, penetration testing, etc. Support the configuration of API gateways to enforce security policies, rate limiting, access control Design and implement robust authentication and authorization mechanisms to control access to API resources based on user roles and permissions. This may include OAuth, OpenID Connect, or API key management solution. Build actionable insight and intelligence that include suspicious activity, potential attacks, and API misuse. Educate developers on API security best practices. Communicate API security risks effectively to stakeholders, including developers, product managers, and line of business leadership.
Location: Pittsburgh, PA (Hybrid)
Duration: 4+ months
Contract
Must have Skills: Minimum 9+ years of overall experience. Deep understanding of API security best practices (OWASP API Security Top 10) Experience with API security tools and methodologies (penetration testing, API gateways) Strong knowledge of cryptography and authentication protocols Excellent communication and collaboration skills to work with developers and cross-functional teams Frameworks - API security frameworks, various API patterns, Strong Secure by Design Experience - knowing how to build a system securely from scratch Ability to explain why they would recommend a certain course of action in meetings Responsibilities:
Attend Team meetings and Weekly SSG meetings. Focused on building roadmap on different activities to build the program including dashboards. Provide design guidance accordingly Collaborate with stakeholders to define an API security strategy aligned with the overall business objectives Design a secure API architecture. The may involve utilizing secure design patterns, encryption protocols, and authentication/authorization mechanisms Develop a comprehensive framework for API security that defines procedures for API threat modeling, vulnerability assessments, penetration testing, etc. Support the configuration of API gateways to enforce security policies, rate limiting, access control Design and implement robust authentication and authorization mechanisms to control access to API resources based on user roles and permissions. This may include OAuth, OpenID Connect, or API key management solution. Build actionable insight and intelligence that include suspicious activity, potential attacks, and API misuse. Educate developers on API security best practices. Communicate API security risks effectively to stakeholders, including developers, product managers, and line of business leadership.