Senior Software Security Architect

We have identified a job opportunity that looks like it may match well with your skills, experience, and job preferences:Job Title: Security Architect SrLocation: Pittsburgh, PA, Dallas, TX, Strongsville, OH, Birmingham, AL and Phoenix, AZ - Hybrid (2 days a week in office)Duration: 06 Months Contract To HireOnly W2Job DescriptionInitiatives/Projects:SSG team - Software Security Group - building out some security capabilities. Enable developers to write secure software across the organization.Industry background: Diverse industry background - heavily regulated industry experience welcomed.Team Dynamic: Team size is 10 members. Contractor will work primarily with the Lead and Manager.Roles and Responsibilities:Attend Team meetings and Weekly SSG meetings.Focused on building roadmap on different activities to build the program including dashboards.Provide design guidance accordinglyCollaborate with stakeholders to define an API security strategy aligned with the overall business objectivesDesign a secure API architecture. The may involve utilizing secure design patterns, encryption protocols, and authentication/authorization mechanismsDevelop a comprehensive framework for API security that defines procedures for API threat modeling, vulnerability assessments, penetration testing, etc.Support the configuration of API gateways to enforce security policies, rate limiting, access controlDesign and implement robust authentication and authorization mechanisms to control access to API resources based on user roles and permissions. This may include OAuth, OpenID Connect, or API key management solution.Build actionable insight and intelligence that include suspicious activity, potential attacks, and API misuse.Educate developers on API security best practices.Communicate API security risks effectively to stakeholders, including developers, product managers, and line of business leadership.Must Have Technical Skills: Overall experience 6+ yearsDeep understanding of API security best practices (OWASP API Security Top 10)Experience with API security tools and methodologies (penetration testing, API gateways)Strong knowledge of cryptography and authentication protocolsExcellent communication and collaboration skills to work with developers and cross-functional teamsFrameworks - API security frameworks, various API patterns,Strong Secure by Design Experience - knowing how to build a system securely from scratchAbility to explain why they would recommend a certain course of action in meetingsSoft Skills: Presenting, Stand out in front of leadership, Articulate, Ability to explain why they would recommend a certain course of action in meetings, Excellent communication and collaboration skills to work with developers and cross-functional teamsRole Differentiator:We are building a program from the ground up around API security posture to provide the business insight, visibility, traceability, actionable intelligence and metrics. This is a different approach from the traditional API Security best practices that most companies employ today. We are taking it a step further and will have a major impact on the business.Interview Process:2 rounds, 1 with manager and the other with the Team Lead.