Omni Inclusive
Job Description
1. Configuring Secured APIs: The primary responsibility is to configure APIs to ensure they are secure. This involves implementing security measures to protect APIs from threats and vulnerabilities.
2. Enhancing Security for Directory Services: The engineer is responsible for enhancing the security of directory services using certificate-based communication. This includes ensuring that communication between services is secure and encrypted
3. Experience with API Security Configurations: The role requires extensive experience with API security configurations. This includes knowledge of best practices and standards for securing APIs
Technical Skills: 1. Expertise in API security mechanisms such as OAuth 2.0, OpenID Connect, API keys, JWT, rate limiting, and IP whitelisting. 2. Security Tools & Frameworks: Experience with API security tools (e.g., Postman, Burp Suite, OWASP ZAP), WAFs, API Gateways, and SIEM tools for monitoring and detecting API threats. 3. Authentication & Authorization: Deep knowledge of authentication protocols, including OAuth, OpenID Connect, SAML, and API token management. 4. Knowledge of Vulnerabilities: Familiarity with the OWASP API Security Top 10, and experience in identifying and mitigating common API vulnerabilities such as injection attacks, improper authentication, and excessive data exposure. 5. Compliance Knowledge: Understanding of relevant security and compliance standards, such as GDPR, PCI DSS, and SOC 2, and their impact on API security. 6. Scripting & Automation: Familiarity with scripting languages (e.g., Python, Bash) to automate security tasks and API security testing.
Technical Skills: 1. Expertise in API security mechanisms such as OAuth 2.0, OpenID Connect, API keys, JWT, rate limiting, and IP whitelisting. 2. Security Tools & Frameworks: Experience with API security tools (e.g., Postman, Burp Suite, OWASP ZAP), WAFs, API Gateways, and SIEM tools for monitoring and detecting API threats. 3. Authentication & Authorization: Deep knowledge of authentication protocols, including OAuth, OpenID Connect, SAML, and API token management. 4. Knowledge of Vulnerabilities: Familiarity with the OWASP API Security Top 10, and experience in identifying and mitigating common API vulnerabilities such as injection attacks, improper authentication, and excessive data exposure. 5. Compliance Knowledge: Understanding of relevant security and compliance standards, such as GDPR, PCI DSS, and SOC 2, and their impact on API security. 6. Scripting & Automation: Familiarity with scripting languages (e.g., Python, Bash) to automate security tasks and API security testing.