Job Title: Security Architect Sr
Location: Pittsburgh, PA, Dallas, TX, Strongsville, OH, Birmingham, AL and Phoenix, AZ – Hybrid (2-3 days a week in office)
Duration: 06 Months Contract To Hire
Only on W2
Job description:
Initiatives/Projects:
SSG team - Software Security Group - building out some security capabilities. Enable developers to write secure software across the organization.
Industry background: Diverse industry background - heavily regulated industry experience welcomed.
Team Dynamic: Team size is 10 members. Contractor will work primarily with the Lead and Manager.
Roles and Responsibilities:
Attend Team meetings and Weekly SSG meetings.
Focus on building a roadmap of the different activities needed to build the program, including dashboards.
Provide design guidance accordingly.
- Collaborate with stakeholders to define an API security strategy aligned with the overall business objectives
- Design a secure API architecture. This may involve utilizing secure design patterns, encryption protocols, and authentication/authorization mechanisms.
- Develop a comprehensive framework for API security that defines procedures for API threat modeling, vulnerability assessments, penetration testing, etc.
- Support the configuration of API gateways to enforce security policies, rate limiting, and access control.
- Design and implement robust authentication and authorization mechanisms to control access to API resources based on user roles and permissions. This may include OAuth, OpenID Connect, or an API key management solution.
- Build actionable insight and intelligence that include suspicious activity, potential attacks, and API misuse.
- Educate developers on API security best practices.
- Communicate API security risks effectively to stakeholders, including developers, product managers, and line of business leadership.
Must Have Technical Skills: Overall experience 6+ years
- Deep understanding of API security best practices (OWASP API Security Top 10)
- Experience with API security tools and methodologies (penetration testing, API gateways)
- Strong knowledge of cryptography and authentication protocols
- Excellent communication and collaboration skills to work with developers and cross-functional teams
- Frameworks - API security frameworks, various API patterns
- Strong Secure by Design Experience - knowing how to build a system securely from scratch
- Ability to explain why they would recommend a certain course of action in meetings
Soft Skills: Presenting, Stand out in front of leadership, Articulate, Ability to explain why they would recommend a certain course of action in meetings, Excellent communication and collaboration skills to work with developers and cross-functional teams
Role Differentiator:
We are building a program from the ground up around API security posture to provide the business insight, visibility, traceability, actionable intelligence and metrics. This is a different approach from the traditional API Security best practices that most companies employ today. We are taking it a step further and will have a major impact on the business.
Interview Process:
2 rounds, 1 with manager and the other with the Team Lead.