What are the responsibilities and job description for the API Security Engineer position at HMG America?
Job Details
HMG America LLC is the best business-solutions-focused information technology company, offering IT consulting and services, software and web development, staff augmentation, and other professional services. One of our direct clients is looking for an API Security Engineer in Los Angeles, CA. The detailed job description is below.
Position: API Security Engineer
Location: Los Angeles, CA (onsite 3 days a week; candidates local to CA only)
Job Description
1. Configuring Secured APIs: The primary responsibility is to configure APIs to ensure they are secure. This involves implementing security measures to protect APIs from threats and vulnerabilities.
2. Enhancing Security for Directory Services: The engineer is responsible for enhancing the security of directory services using certificate-based communication. This includes ensuring that communication between services is secure and encrypted.
3. Experience with API Security Configurations: The role requires extensive experience with API security configurations. This includes knowledge of best practices and standards for securing APIs.
Technical Skills:
1. Expertise in API security mechanisms such as OAuth 2.0, OpenID Connect, API keys, JWT, rate limiting, and IP listing.
2. Security Tools & Frameworks: Experience with API security tools (e.g., Postman, Burp Suite, OWASP ZAP), WAFs, API Gateways, and SIEM tools for monitoring and detecting API threats.
3. Authentication & Authorization: Deep knowledge of authentication protocols, including OAuth, OpenID Connect, SAML, and API token management.
4. Knowledge of Vulnerabilities: Familiarity with the OWASP API Security Top 10, and experience in identifying and mitigating common API vulnerabilities such as injection attacks, improper authentication, and excessive data exposure.
5. Compliance Knowledge: Understanding of relevant security and compliance standards, such as GDPR, PCI DSS, and SOC 2, and their impact on API security.
6. Scripting & Automation: Familiarity with scripting languages (e.g., Python, Bash) to automate security tasks and API security testing.