Job Title: Security Engineer
Interview: 1 interview
Job Duration: Long-Term Contract
Job Location: 100% Remote
Essential Qualifications:
- 5+ years of relevant experience in IT Security.
- Hands-on experience with Cloudflare for implementing API security.
- Experience in decrypting API traffic for security inspection.
- Proficiency in API management platforms such as MuleSoft and Apigee.
- Ability to collaborate with API teams to design and document secure API design patterns.
Job Description:
- Provide support to the Cyber Security Operations Center and Threat Detection Teams by recommending and implementing changes, updates, and improvements to endpoint policies.
- Coordinate with infrastructure, engineering, and application project/support teams to ensure new policies/assets are deployed and issues impacting tools and systems are resolved swiftly and effectively without adversely affecting business systems.
- Participate in the on-call rotation.
- Collaborate with the Information Security team to ensure compliance with security policies, procedures, standards, and baseline security configurations.
- Understand and advocate IT Security standards and reference architectures.
- Demonstrate a thorough understanding of malware, threats, vulnerabilities, and their potential impact on the environment.
- Communicate effectively with clients to identify needs and evaluate alternative technical solutions and strategies.
Qualifications:
- 5-7 years of relevant experience in IT Security.
- Hands-on experience with Cloudflare for implementing API security.
- Deep understanding of cryptography concepts: hashing, signing, symmetric/asymmetric encryption and decryption, etc.
- Experience in decrypting API traffic for security inspection, e.g., mTLS, TLS 1.3, etc.
- Proficiency in API management platforms such as MuleSoft, Apigee, etc.
- Ability to collaborate with API teams to design and document secure API design patterns.
- Experience assessing and securing APIs in alignment with OWASP and other security standards.
- Demonstrated knowledge of API design standards, patterns, and best practices.
- Familiarity with industry security regulations and frameworks (MITRE Attack Framework, NIST, CIS CSC, etc.).
- General understanding of key IT components – Secure LDAP, Networking, firewall, load balancing, Federated Identity.
- Familiarity with change management processes, activities, and change review board routines.
- Working knowledge of networking (routing, DNS, common ports, protocols, and firewalls).
- Strong organizational skills with the ability to multitask and work independently on multiple problems and tasks.
- Experience with Python scripting and automation.
Keys to Success in this Role:
- Ability to effectively perform both independently and as a strong cross-functional team contributor.
- Capability to help model and mentor other team members.
