48 Api Security Jobs

8-10 years of exp in Cloud Technology, DevSecOps, cloud security, & CI/CD automation. Expertise in Kubernetes security, IAM, API security, & automated compliance frameworks. Hands on exp in Terraform, container security, & zero-trust architecture. Required Candidate profile Manage Enterprise wise Microservices based Applications hosted on AWS Cloud Technology.Exp in CI/CD & DevOps Tools:Jenkins,GitHub Actions,Terraform,AWS Code Pipeline & Kafka.Strong exp in EKS Cluster

Overview Accountability: Hands-On Implementation: Work closely with developers, product teams, and operations to ensure APIs are built, deployed, and maintained in alignment with established governance standards. This includes adhering to PepsiCo's API architecture principles and design guardrails. Technical Enablement: Create and manage reusable API templates, libraries, and frameworks that teams can use, reducing development time while maintaining governance consistency. This involves leveraging PepsiCo's standardized API tooling and documentation standards. Integration Support: Partner with application teams to design integrations that are optimized , secure, and compliant with the enterprise architecture and API governance guidelines. This includes ensuring integrations align with PepsiCo's domain-driven design and API taxonomy. Training and Mentorship: Provide hands-on training, workshops, and code reviews to guide teams on best practices, including error handling, security protocols, and documentation standards. This includes promoting an InnerSource culture to encourage collaboration and reuse of APIs. Monitoring and Optimization: Set up monitoring tools and dashboards for tracking API usage, performance, and compliance, actively working with teams to troubleshoot and improve reliability. This includes using PepsiCo's API management platform to ensure consistent monitoring and alerting. Responsibilities Knowledge of current API technologies, microservices architecture, and cloud-native environments. Familiarity with compliance and regulatory requirements in data handling and cybersecurity. Experience implementing KPIs and dashboards for monitoring API health and usage. Qualifications Key Skills / Required Qualification: Bachelors or Masters degree in Computer Science, Information Technology, or a related field. Ten or more years of experience in IT, with at least five years in API solutions architecture, integration, or related areas. Proven track record of designing and implementing API solutions in a high-scale environment, ideally within SaaS, tech, or digital companies. Strong understanding of API security, authentication, versioning, and lifecycle management. Excellent communication and leadership skills, with experience managing cross-functional teams and influencing stakeholders. Hands-on experience with API management platforms and familiarity with DevOps practices

We are hiring a Senior Node.js Developer with 8+ years of experience for a remote, long-term contract role. The ideal candidate should have hands-on experience with backend development using Node.js, AWS cloud services, and designing scalable microservices. You will design and implement RESTful APIs, ensure API security, apply serverless principles, and contribute to a highly scalable architecture. Strong analytical, problem-solving, and communication skills are a must for success in a remote work environment. Location-Delhi NCR,Bangalore,Chennai,Pune,Kolkata,Ahmedabad,Mumbai,Hyderabad,Remote (IST Hours)

Key Responsibilities: Design, develop, and maintain automated test scripts for RESTful APIs using tools like Postman, RestAssured, or similar frameworks. Perform functional, integration, regression, and performance testing of APIs. Develop test strategies, plans, and test cases to ensure comprehensive test coverage. Debug, analyze, and report defects, and work closely with development teams to resolve issues. Integrate automated API tests into CI/CD pipelines using Jenkins, GitLab, or similar tools. Utilize tools like Charles, Fiddler, or Wireshark to debug and inspect API traffic. Monitor API performance and reliability, ensuring compliance with SLAs and performance benchmarks. Collaborate with cross-functional teams to ensure API requirements and specifications are met. Maintain detailed and accurate documentation of test processes, results, and defect tracking. Required Skills: Solid understanding of RESTful web services, JSON, and XML data formats. Proficiency in API testing tools like Postman, RestAssured, SoapUI, or similar. Hands-on experience with automation frameworks and libraries (e.g., TestNG, Cucumber). Expertise in developing and maintaining API automation scripts using tools such as RestAssured, Postman, or similar frameworks. Strong programming skills in Java / Python. Experience in API performance testing using tools like JMeter, LoadRunner, or similar. Experience with CI/CD tools (e.g., Jenkins, GitLab CI/CD). Knowledge of API security best practices, including OAuth, JWT, and token authentication. Knowledge of microservices architecture and its testing strategies.

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or can apply in below post Skills: Vulnerability Assessment,Penetration Testing,Manual Penetration Testing using OWASP checklists,Static/dynamic testing of mobile applications,OWASP Top 10 Roles and Responsibility: Roles and responsibility: Perform Web Application Security Assessment, API Security Assessment, Mobile Application Security Assessment & Thick Client Security Assessment. Report Preparation etc. Thanks and Regards, Ankita Ghosh

Design and build scalable REST APIs using FastAPI, integrate optimized SQL queries, collaborate with cross-functional teams, ensure secure coding, participate in agile sprints, and deploy services using CI/CD and Docker Required Candidate profile Experienced Python developer with 5+ years in backend/API development using FastAPI, strong SQL proficiency, knowledge of Docker, CI/CD, cloud, and secure coding practices.

We are looking for a MuleSoft Developer with experience in BizTalk to MuleSoft migration or a background in working with BizTalk and MuleSoft separately. The ideal candidate will have strong integration skills, particularly in designing, developing, and migrating APIs and systems using MuleSoft. Key Responsibilities: Lead or assist in migrating BizTalk solutions to MuleSofts Anypoint Platform. Design, develop, and maintain APIs using MuleSoft Anypoint Platform. Collaborate with teams to understand existing BizTalk solutions and define migration strategies. Implement data transformations and system integrations using MuleSoft and other tools. Monitor and troubleshoot integration flows and ensure smooth operations post-migration. Document migration processes and best practices for future projects. Required Skills and Qualifications: Bachelors degree in Computer Science, Information Technology, or a related field. 5+ years of experience in MuleSoft development. Experience with BizTalk Server and MuleSoft Anypoint Platform. Hands-on experience with BizTalk to MuleSoft migration or individual projects with BizTalk and MuleSoft. Strong knowledge of API development, REST, SOAP, and DataWeave. Proficiency in Java, XML, JSON, and MuleSoft connectors. Familiarity with integration patterns and enterprise application integration. Experience with CI/CD pipelines, API Manager, and Runtime Manager. Excellent troubleshooting skills with the ability to handle complex integrations. Preferred Skills: MuleSoft certification (MCD - MuleSoft Certified Developer). Experience with API security best practices, including OAuth 2.0 and JWT. Knowledge of CloudHub and cloud platforms like AWS or Azure. Location-Delhi NCR,Bangalore,Chennai,Pune,Kolkata,Ahmedabad,Mumbai,Hyderabad,Remote

IAM Engineer (Functional & Technical) – Expertise in OAuth2.0, CIAM, ForgeRock, Java Full Stack & AWS. Designs & implements secure IAM solutions.

Solid foundations in API exposure space API life-cycle management (API design best practices, discovery, inventory management, governance) API Provider and Consumer journey REST fundamentals API Security OAS fundamentals

Design and maintain Azure-based APIs and integration solutions using Logic Apps, Functions, and API Management. Required Candidate profile 5–10 yrs in C#, .NET, REST APIs, Azure Integration. Team collaboration & system design experience.

This is primarily a lead role, helping drive technical initiative forward with teams, given broad guidance and support. Need to have solid foundations in API exposure space. API life-cycle management (API design best practices, discovery, inventory management, governance) API Provider and Consumer journey REST fundamentals. API Security (AuthN, AuthZ, OpenID/OAuth 2.0/POP/PKCE etc) & OWASP OAS fundamentals too - API documentation, Error code's etc GraphQL is a plus. Must: Be able to write production quality code in Java / Open-Source technologies. Python is good to have, exposure to building sdks is strongly desired. Must: have good hands-on experience on Microservices architecture, Kafka/Message Broker, and Event Driven Architecture. Must: have good hands-on experience on Database technologies (SQL & NoSQL) and design expertise on database modeling etc Be able to take direction from tech leads and drive across teams (once teams are aligned) with minimal guidance. This is key, to not require too much granular guidance. Doesn't need to have telecom background, need to be able to pick up new concepts quickly Hands on Exposure to API Gateways is a strong plus (not a must-to have requirement) as is prior experience with API exposure to customers.

Required Skills: Cyber Risk Risk Mitigation Strategies for Security Controls SAST and DAST Tools Profile: - 5+ years of experience in application/API security, risk management, or related fields - Strong understanding of application security architecture, compliance frameworks, and risk management principles - Experience with application security assessments, risk assessments, and security controls implementation - Excellent analytical, problem-solving, and communication skills - Familiarity with cloud security framework, tools, and technologies (e.g., OSWAP, CSPM, CWPP, CIEM, DAST/SAST) - Certifications in cloud security, risk management, or related fields (e.g., CCSK, CRISC, CISSP) Job Summary: We are seeking a seasoned Cyber Risk Consultant to assess and mitigate risks associated with our private cloud control plane (API Services). The successful candidate will perform risk assessments, identify vulnerabilities, and develop strategies to optimize security and compliance in control plane. Responsibilities: - Conduct risk assessments and security evaluations of private cloud control plane services (API Services) - Identify and prioritize vulnerabilities, threats, and potential attack vectors - Develop and implement risk mitigation strategies and security controls - Evaluate security configurations, policies, and procedures - Assess compliance with industry standards and regulatory requirements (e.g., NIST, SOC 2, PCI-DSS, OSWAP) - Develop and maintain risk management frameworks, playbooks, and reporting dashboards - Stay current with emerging application/API security threats and technologies - Communicate risk and security recommendations to stakeholders

Preferred Technical Skills: Mule 4 , DataWeave , API Manager , Flex Gateway .NET Framework/Core , C#, ASP.NET, WCF API security (OAuth2, JWT, IP filtering), policy enforcement SQL , stored procedures, and relational database integration Runtime Fabric , Docker , Kubernetes , AKS DevOps tools (Azure DevOps, Git, CI/CD pipelines) Cloud integration and security (Azure Required) Strong understanding of networking, cloud security, and system performance optimization

We are looking for an experienced API Developer with at least 3 years of hands-on experience in designing, developing, and maintaining RESTful APIs. The ideal candidate should have strong expertise in backend development, API security, performance optimization, and integration with third-party services.

Expected Role: Security engineering, security architect, manual security code review, threat modeling, cloud security, application security, product security. Proven experience in cybersecurity with a focus on Cloud security, microservices & API Security, AI security, and Zero Trust Architecture. Proficiency in threat modeling and risk assessments across various domains such as AI, Cloud, Network, Infrastructure, and applications. Expertise in security and network architecture, particularly in securing microservices, APIs & cloud native applications. In-depth experience with securing the SDLC, performing secure code reviews, and analyzing penetration testing reports. Proven track record of enhancing cloud security posture and implementing robust controls. Ability to evaluate and recommend mitigation strategies based on penetration testing and threat analysis. Excellent stakeholder management and communication skills. Ability to work independently, lead projects, and mentor junior team members. Bachelors or masters degree in Cybersecurity, Computer Science, Information Technology, or a related field. Strong knowledge of NIST frameworks (including NIST Cybersecurity Framework, NIST 800-53, NIST RMF), COBIT, ISO/IEC 27001, ISO/IEC 42001 and PCI DSS. Pursue relevant certifications such as CISSP, CCSP, CISM, CISA, CEH, Security+ or industry-specific certifications to enhance cybersecurity proficiency and credibility.

Position: API Analyst / Developer Location: Bangalore Budget:20-22 LPA Notice period: 0 to 30 Days Experience: 6+ About the Role We are looking for a skilled API Governance Expert who is also a hands-on developer to join our team. In this hybrid role, your primary responsibility will be to define and enforce API governance frameworks , ensuring that our APIs align with industry standards and organisational objectives. Additionally, you will contribute as a developer within a squad , actively participating in the design, coding, and deployment of software solutions . Key Responsibilities API Governance Establish and enforce API governance frameworks, standards, and best practices across the organisation. Review and approve API designs , ensuring they meet governance criteria, security, and performance benchmarks. Collaborate with teams to implement API lifecycle management , including versioning, documentation, and deprecation policies. Provide guidance on API security, compliance, and performance optimisation . Act as a subject matter expert on API-related governance and serve as a point of contact for queries and escalations. Development Work closely with a development squad to design, develop, and deploy software solutions. Participate in code reviews , ensuring adherence to best practices and coding standards. Assist in API integration with various internal and external systems. Contribute to the continuous improvement of the development process , including CI/CD practices, automated testing, and deployment strategies. Troubleshoot and resolve issues in both governance and development activities. Must Have Knowledge Strong understanding of API governance principles, standards, and best practices . Deep knowledge of RESTful APIs, GraphQL, and microservices architecture . Expertise in API security protocols (e.g., OAuth2, JWT, mTLS). Understanding of API lifecycle management , including versioning, documentation, and deprecation policies. Skills Hands-on experience in one or more modern programming languages (e.g., Java, GoLang, Node.js, Python). Ability to design, build, and maintain APIs following governance best practices. Proficiency with API management platforms (e.g., Apigee, Kong, AWS API Gateway). Strong problem-solving and debugging skills. Excellent communication and leadership skills to influence and mentor teams. Experience Minimum 5 years of experience in API governance, API design, or software development . Proven track record in establishing and enforcing API governance frameworks. Experience working in agile development environments and cross-functional teams. Good to Have Knowledge Familiarity with cloud-based services and DevOps practices (e.g., Docker, Kubernetes, AWS, Azure). Understanding of service mesh technologies (e.g., Istio, Linkerd) and API observability. Knowledge of regulatory and compliance requirements related to API security. Skills Experience in CI/CD pipeline automation and API testing frameworks. Ability to advocate for and drive API-first development within engineering teams. Strong stakeholder management skills to align API governance with business objectives. Experience Exposure to regulated industries , such as financial services. Prior experience in a governance or compliance-focused role . Contributions to open-source API governance tools or frameworks . If you are passionate about API governance, software development, and engineering excellence , wed love to hear from you!

Ideally, looking for a combination of Development and Application Security experience. Job Summary: We are seeking a skilled Application Security Engineer to join our Information Security team. The ideal candidate will have a minimum of four (4) years of experience in application security and a strong background in software development , particularly in .NET, C#, Angular, and React . This role is crucial in ensuring the security of our applications by working closely with development, DevOps, and security teams to identify, remediate, and prevent security vulnerabilities throughout the software development lifecycle (SDLC). Key Responsibilities: Conduct application security assessments, including code reviews, penetration testing, and threat modeling to identify vulnerabilities. Work closely with developers to integrate secure coding practices and provide guidance on remediating security issues. Implement and manage Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools. Develop and enforce security policies, procedures, and best practices for application security. Assist in the design and review of security architecture for new and existing applications. Collaborate with DevOps teams to integrate security into CI/CD pipelines using DevSecOps principles . Research emerging threats, vulnerabilities, and security trends to proactively mitigate risks. Support incident response efforts related to application security breaches. Provide security training and awareness to development teams. Document security findings, mitigation plans, and security controls. Minimum Requirements (Must-Have) 4+ years of experience in application security with a focus on secure software development. Strong background in software development , with hands-on experience in .NET, C#, Angular, and React . Hands-on experience with SAST, DAST, Software Composition Analysis (SCA), and penetration testing tools (e.g., Burp Suite, Checkmarx, Veracode, Fortify, SonarQube ). Solid understanding of OWASP Top 10, SANS 25, and secure coding practices . Experience with threat modeling, risk assessment, and vulnerability management . Knowledge of API security, authentication, and authorization mechanisms (OAuth, JWT, SAML, etc.). Familiarity with container security, Kubernetes security, and cloud security best practices (AWS, Azure, GCP). Experience working in Agile and DevSecOps environments , integrating security into CI/CD pipelines. Strong analytical and problem-solving skills. Excellent communication skills, with the ability to work collaboratively across teams.

F5 is seeking an Associate Technical Account Manager (TAM) to support enterprise customers, including banks and financial institutions , in securing their web applications. This role involves managing deployments, ensuring compliance, and providing proactive security guidance . The ideal candidate has 3+ years of experience in cybersecurity, system integration, or technical account management , preferably in banking, finance, or regulatory environments . Roles and Responsibilities: Act as the primary technical contact for customers, ensuring smooth onboarding and integration of F5 security solutions (WAF, Bot Defense, API Security, DDoS, CDN). Project manage the installation and integration of F5 security as a service solution for Fortune 500 and Global 1000 companies. Support customers with security best practices, audit readiness, and regulatory compliance. Work with customers to identify risks, optimize security postures, and enhance system resilience. Proactively anticipate customer needs and facilitate project success. Act as the primary representative between our customers and F5. Develop and implement best practices for program/project management, communication artifacts, reporting, and capability improvements. Develop models for resource planning and consumption as well as key performance metrics for project/program success. Communicate effectively; organize and prioritize; solve problems and make decisions; build teams and relationships. Minimum Qualifications: Strong technical background with at least 3+ years of system integration within complex environments. Experience working with major load balancers currently on the market. Exposure to cybersecurity solutions or cloud platforms (AWS, GCP, or Azure). Understanding of TCP/IP, HTTP, HTML, Javascript, CSS, and other technologies involved in delivering sophisticated web services. Bachelor's degree in Computer Science, Information Systems, or related engineering discipline, OR equivalent industry work experience. Certification is preferred but optional based on the level of experience. A customer-centric attitude and the ability to communicate well at all levels of an organization. Ability to work in a very fast-paced environment and communicate effectively. Desired Skills: Familiarity with networking concepts (CDNs, application delivery controllers, load balancers, and Web Application Firewalls). Experience of Content Delivery Networks and reverse proxy. Experience in Web Application Firewall, Bot Defense, API Security, DDOS, Reputation Service, and Multi Cloud networking. Experience with at least one of the Cloud Platforms (AWS, Azure, GCP) Basic programming or scripting knowledge (e.g., Python, Terraform). Understanding of containerization technologies like Kubernetes (certifications are a plus). Experience configuring networking equipment like BIG-IP or writing iRules (even if limited).

Must to have Skill: Preferably Male candidates. * 3+ years of backend development in Python , Fast API * Should have extensive experience in building end-to-end APIs and writing Unit Test Cases. * Should have extensive experience working with PostgreSQL/MySQL database * Strong understanding of JWT, session management, and API security * Hands-on experience with Kubernetes and AWS services * Good debugging skills to troubleshoot authentication errors.

We are looking for an experienced API Developer with at least 3 years of hands-on experience in designing, developing, and maintaining RESTful APIs. The ideal candidate should have strong expertise in backend development, API security, performance optimization, and integration with third-party services.

Job description Job Title: Senior Node.js Developer Location: Madhapur Industry: IT Services & Consulting Department: Engineering - Software & QA Employment Type: Full-Time Role Category: Backend Development Job Description: Were looking for a Senior Node.js Developer who thrives in a fast-moving product environment and enjoys building clean, scalable backends that power real-world applications. Youll work with our engineering team to design systems, ship features, and deliver high-performance backend services using NestJS . Key Responsibilities: Build and maintain backend services using NestJS , Node.js, and modern best practices Translate product requirements into scalable, secure, and maintainable services Collaborate closely with front-end and product teams to ship features quickly Own end-to-end delivery from system design to deployment and monitoring Optimize APIs and database queries for performance, reliability, and cost-efficiency Write modular, reusable, and well-tested code Lead by example in code reviews and architecture discussions Set up and maintain CI/CD pipelines and containerized deployments Stay hands-on while mentoring and supporting junior developers on the team Required Skills: 5+ years of experience building production-grade applications with Node.js Strong experience with NestJS and its ecosystem Must have an ability to design DB schema and implementation structure for a given feature based on the requirements. Strong understanding of Messaging queues (RabbitMQ/Kafka), Microservices, Caching (Redis) & Event-Driven Architecture. Experience in implementing JWT, OAuth, API security, and role-based access control (RBAC) . Proficient in TypeScript and modern JavaScript (ES6+) Solid understanding of REST APIs, authentication (OAuth2, JWT), and RBAC Experience working with RDBMS (such as MySQL, PostgreSQL) and MongoDB , including schema design and data modeling Familiar with CI/CD workflows and deployment on cloud platforms (AWS, Azure, or similar) Comfortable with Git and Agile workflows Strong debugging and performance profiling skills Good to have NESTJS Framework skill Bonus / Preferred: Experience in startups or fast-paced product environments Exposure to AI-based code generation tools or LLMs is a huge plus Experience with Redis, message queues, or background job processing Familiarity with containerization (Docker) and basic infrastructure setup Soft Skills: You take ownership — if something’s broken, you fix it Clear, concise communication — especially when writing code or documenting decisions Collaborative mindset — you enjoy bouncing ideas off your teammates Always learning — you keep up with emerging tools and tech

We are looking for a MuleSoft Developer with experience in BizTalk to MuleSoft migration or a background in working with BizTalk and MuleSoft separately. The ideal candidate will have strong integration skills, particularly in designing, developing, and migrating APIs and systems using MuleSoft. Key Responsibilities: Lead or assist in migrating BizTalk solutions to MuleSofts Anypoint Platform. Design, develop, and maintain APIs using MuleSoft Anypoint Platform. Collaborate with teams to understand existing BizTalk solutions and define migration strategies. Implement data transformations and system integrations using MuleSoft and other tools. Monitor and troubleshoot integration flows and ensure smooth operations post-migration. Document migration processes and best practices for future projects. Required Skills and Qualifications: Bachelors degree in Computer Science, Information Technology, or a related field. 5+ years of experience in MuleSoft development. Experience with BizTalk Server and MuleSoft Anypoint Platform. Hands-on experience with BizTalk to MuleSoft migration or individual projects with BizTalk and MuleSoft. Strong knowledge of API development, REST, SOAP, and DataWeave. Proficiency in Java, XML, JSON, and MuleSoft connectors. Familiarity with integration patterns and enterprise application integration. Experience with CI/CD pipelines, API Manager, and Runtime Manager. Excellent troubleshooting skills with the ability to handle complex integrations. Preferred Skills: MuleSoft certification (MCD - MuleSoft Certified Developer). Experience with API security best practices, including OAuth 2.0 and JWT. Knowledge of CloudHub and cloud platforms like AWS or Azure. Location-Delhi NCR,Bangalore,Chennai,Pune,Kolkata,Ahmedabad,Mumbai,Hyderabad,Remote

Job title: Principal Security Pentester Experience: 5 - 12 years Skills: Application security, Cloud security , Network security, API security, Reverse engineering, Container, Docker, Kubernetes , Cryptography Must have skills: Application security, Cloud security, Container security and some experience in presenting to senior or executive leadership Security Pen-tester engineer with hacker (Red, Black-box) and cloud pen-testing expertise with passion in identifying and exploiting complex Security problems in distributed, multi-tenant services and infrastructure to help keep our services secure. Who are we? Oracle Analytics organization plays a meaningful role in delivering and supporting best-of-breed cloud solutions to Oracle customers. The Service Excellence team at Oracle Analytics is on the verge of redefining the development paradigms at software giant. With the world moving towards the Cloud, Oracle is at the forefront with tremendous portfolio of Cloud offerings. However, this transformation happens not just at the product level, but also in the process of developing, deploying, and operating these products in the Cloud. Using a combination of ground breaking technologies, continuous process improvements and innovative business transformation methodologies, a small group of us are inventing on the Service Excellence philosophy. Position Overview: A unique opportunity to join a rapidly growing outstanding organization, working in the Oracle Analytics Security team tasked with enabling Oracles large-scale business to seamlessly operate in multiple Cloud Environments. This mission is achieved by helping the Oracle Analytics lines of business scale up and out and meet regulatory demands in global markets.To help combat emerging threats, Oracle employs an innovative Assume Breach strategy and leverages highly niche groups of security experts to strengthen threat detection, response and defense for its enterprise cloud services. Role & Responsibilities: We are looking for hands-on Security Engineer with hacker (Red, Black-box) and cloud pen-testing expertise with passion in identifying and exploiting complex Security problems in distributed, multi-tenant services and infrastructure to help keep our services secure. Oracle Cloud Infrastructure (OCI) provides Infrastructure-as-a-Service. We operate distributed systems at a high scale, worldwide. These are the foundation of our cloud environments. Our customers run their businesses on our cloud, and our mission is to provide them with an outstanding and ever-expanding set of cloud-based services from Oracle Analytics.Within Oracle Analytics Service Excellence org, our Security team conducts penetration testing, hacking, vulnerability discovery / security engineering / Application Security, security reviews, research, and serves as red team. We ensure the security of software and hardware that run our cloud services strive to continuously improve our security stance. These are exciting times in our space. We are growing fast, still at an early stage and working on ambitious new initiatives. A security-focused engineer at any level can have significant technical and business impact. Come shape the future of one of the largest cloud services on earth with us. Qualifications: Some of our people have qualifications like the ones listed below. Our ideal candidate is passionate about security and fostering their knowledge every day. You enjoy diving into complex source code, audits to reveal subtle security vulnerabilities, writing new tools such as fuzzers in languages such as Python, Go or Java, tearing apart an undocumented file format or network protocol and coming up with novel techniques to solve outstanding and exciting security problems. We hope you like working at scale as much as we do much as we do, because Oracle has no shortage of it. Come join us today! General Qualifications: The candidate must have knowledge and experience with: Oracle Cloud Infrastructure (OCI) and/or AWS, Azure, or GCP compute, storage, and network operational experience. Methodical approaches to fixing and solving complex technical problems Issue tracking and teamwork (Jira and Confluence). Producing documentation in support of developed work (KBs, run books, help guides). Linux/Unix system administration including system level knowledge of Linux on OCI Gen 2, creating and completing scripts. Networking and TCP/IP fundamentals. Applying agile methodologies. Working with remote, global teams as well as individuals. Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff as we as team environment Working independently and in a self-directed manner. Preferred Qualifications Proven experience in Security engineering / application / penetration (Red/Black-box) / vulnerabilities Strong application/product/software security background Vulnerability discovery across Cloud services Extensive research or experience with multiple classes of security bugs Emergent threat testing Understand internet networking services, such as DNS, HTTP, etc. Programming and scripting languages (Python, Java, bash are our preferred) Using Ci/CD scripting tools such as Ansible, Puppet, or Chef. Containers and orchestration (Docker, Kubernetes). Oracle Database, MySQL or other RDBMS. Used Kali Linux, BurpSuite, Postman, Nmap.Nessus, Wireshark At least one security certification (OSCP, GPEN, CISSP and etc.) Top 3 abilities / technologies in the ideal candidate: Demonstrated competence in managing large scale cloud Security projects Security lifecycle, Security Pen-testing, hacking Strong sense of ownership, accountability and drive

10+Yrs of exp in backend architecture, API security, and cloud-based microservices. • Expertise in Spring Boot, API Gateway, and Kubernetes (EKS) • Exp. in CI/CD pipeline automation, DevSecOps best practices, and performance tuning. • Required Candidate profile Strong knowledge of AWS networking, IAM policies, and security compliance. • Proven ability to mentor backend developers, optimize system performance, and scale cloud-based architectures.

Tech Stack: FastAPI, Python, React (TypeScript), AWS, OAuth, OIDC Responsibilities : Evaluate Open Source and Commercial platforms for ease of integration, deployment, security and use-case fitment, and help finalize the final solution Implement SSO authentication using OAuth 2.0, OpenID Connect (OIDC), and SAML in our product. Develop authentication flows and secure API endpoints using FastAPI. Implement JWT-based session management and token lifecycle handling. Work with the frontend team to integrate authentication in a React (TypeScript) application. Ensure security best practices (e.g., secure token storage, MFA, CSRF protection). Troubleshoot authentication issues and improve user login experience. Requirements: 2+ years of experience in backend development with Python (FastAPI). Experience integrating SSO using OAuth 2.0, OIDC, or SAML. Experience with React (TypeScript) authentication flows. Strong understanding of JWT, session management, and API security. Hands-on experience with Kubernetes and AWS services Good debugging skills to troubleshoot authentication errors.