API Consultant

GENERAL FUNCTION :

Securing APIs is essential to "shifting left" the technology development at the Bank. The Individual will lead technical conversations to determine API security items, help establish an API management strategy. They will write best practices and define API patterns while also creating the business and security requirements. They will write requirements with threat modeling in mind to assist engineers with building securely. They will meet with stakeholders and determine criticality of controls and work with application owners to create patterns.

They will collaborate with technical and business stakeholders to address Information Security risks while achieving business objectives, meeting regulatory requirements, and addressing emerging threats. Responsible for providing expertise and support on decisions and priorities regarding the enterprise's overall Information Security strategy and posture.

Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience. While operating within the Bank's risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.

MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED :

• Bachelor's degree in a relevant technology field or equivalent combination of education and work experience.
• 8 years of engineering or other IT / Security work experience relevant to the position.
• Five or more years of interdisciplinary experience in 4 or more of the following : Access Control Systems, Application Security, Application SDLC, Operating Systems, Cryptographic Controls, API Security, and Networking.
• Excellent communications skills as well as the ability to build effective relationships with business leaders and stakeholders.
• Ability to manage multiple, diverse tasks simultaneously and effectively prioritize work; strong organizational skills in a results-oriented environment.
• Willingness to work in a highly-collaborative environment.
• Ability to effectively communicate with technical and non-technical stakeholders.
• Solid understanding of IT security best practices.
• Skilled in designing, implementing, and supporting complex technical solutions.
• Ability to troubleshoot complex operational issues.
• Extensive experience designing, developing, and implementing serverless solutions within AWS.
• Extensive development experience with different API capabilities.
• Experience in building and deploying Jenkins pipelines.
• Previous experience automating security controls within CI / CD pipelines a plus.
• Previous microservice development a plus.
• Previous experience in application vulnerability remediation a plus.

ESSENTIAL DUTIES AND RESPONSIBILITIES :

This position will perform the following functions :

Required Skills : API, Security, Penetration Testing

Background Check : Yes

Drug Screen : Yes

Notes :

Selling points for candidate :

Project Verification Info : "The information provided below is for Apex Systems AV use only and is not to be distributed publicly, or to any third party. Any distribution of the below information will result in corrective action from Apex Systems Vendor Management. MSA : Restricted Client Letter : Will Provide"

Candidate must be your W2 Employee : Yes

Exclusive to Apex : No

Face to face interview required : No

Candidate must be local : Yes

Candidate must be authorized to work without sponsorship : : No

Interview times set : : No

Type of project : Master Job Title :

Branch Code :