Jobs via Dice
Job Description
The Security Engineer will lead the assessment and enhancement of the security posture across existing and future state API integrations. This role is responsible for evaluating current integration security controls, designing a robust future state architecture, and guiding cross‑functional teams in implementing secure, scalable, and compliant solutions.
Key Responsibilities
Assess Current State
Evaluate existing API and integration security controls across platforms (e.g., DataPower, Kong, AWS).
Identify gaps in authentication, authorization, encryption, and governance.
Conduct risk assessments and threat modeling for current integrations.
Design Future State
Define the target security architecture for APIs and integrations aligned with enterprise standards.
Recommend security patterns and controls (OAuth2, JWT, mTLS, rate limiting, WAF).
Ensure alignment with compliance frameworks (e.g., OWASP API Top 10, NIST, SOC 2).
Implementation Guidance
Collaborate with integration architects, developers, and DevOps teams to embed security into the API lifecycle.
Provide hands‑on support and technical leadership during implementation phases.
Develop reusable security components and CI/CD integrations for automated security checks.
Governance Enablement
Create and maintain security guidelines, playbooks, and reference architectures.
Conduct training and enablement sessions for development and integration teams.
Monitor and report on security posture improvements and incident trends.
Qualifications
Strong experience in API security architecture and integration security assessments.
Hands‑on expertise with API gateways (e.g., Kong, Apigee), cloud platforms (AWS, Azure) and IAM solutions.
Proficiency in security protocols and standards: OAuth2, OpenID Connect, JWT, TLS/mTLS.
Familiarity with DevSecOps practices and CI/CD pipeline integration.
Excellent communication and stakeholder engagement skills.
Relevant certifications preferred (e.g., CISSP, CCSP, AWS Security Specialty, GIAC).
Life at Capgemini
Flexible work
Healthcare including dental, vision, mental health, and well‑being programs
Financial well‑being programs such as 401(k) and Employee Share Ownership Plan
Paid time off and paid holidays
Paid parental leave
Family building benefits like adoption assistance, surrogacy, and cryopreservation
Social well‑being benefits like subsidized backup child/elder care and tutoring
Mentoring, coaching and learning programs
Employee Resource Groups
Disaster Relief
Seniority level
Mid‑Senior level
Employment type
Full‑time
Job function
Information Technology
Industries
Software Development