204 Api Security Jobs - Page 9

Ideally, looking for a combination of Development and Application Security experience. Job Summary: We are seeking a skilled Application Security Engineer to join our Information Security team. The ideal candidate will have a minimum of 8-12 years of experience in application security and a strong background in software development , particularly in .NET, C#, Angular, and React . This role is crucial in ensuring the security of our applications by working closely with development, DevOps, and security teams to identify, remediate, and prevent security vulnerabilities throughout the software development lifecycle (SDLC). Key Responsibilities: Conduct application security assessments, including code reviews, penetration testing, and threat modeling to identify vulnerabilities. Work closely with developers to integrate secure coding practices and provide guidance on remediating security issues. Implement and manage Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools. Develop and enforce security policies, procedures, and best practices for application security. Assist in the design and review of security architecture for new and existing applications. Collaborate with DevOps teams to integrate security into CI/CD pipelines using DevSecOps principles . Research emerging threats, vulnerabilities, and security trends to proactively mitigate risks. Support incident response efforts related to application security breaches. Provide security training and awareness to development teams. Document security findings, mitigation plans, and security controls. Minimum Requirements (Must-Have) 8-12 years of experience in application security with a focus on secure software development. Strong background in software development , with hands-on experience in .NET, C#, Angular, and React . Hands-on experience with SAST, DAST, Software Composition Analysis (SCA), and penetration testing tools (e.g., Burp Suite, Checkmarx, Veracode, Fortify, SonarQube ). Solid understanding of OWASP Top 10, SANS 25, and secure coding practices . Experience with threat modeling, risk assessment, and vulnerability management . Knowledge of API security, authentication, and authorization mechanisms (OAuth, JWT, SAML, etc.). Familiarity with container security, Kubernetes security, and cloud security best practices (AWS, Azure, GCP). Experience working in Agile and DevSecOps environments , integrating security into CI/CD pipelines. Strong analytical and problem-solving skills. Excellent communication skills, with the ability to work collaboratively across teams.

Are you interested in automating the build and deployment process of the application with ensuring the application security? If yes, then Payatu is the place for you. We are always in search of passionate people to expand our renowned Bandit family at Payatu. In the quest for Bandits, here is an excellent opportunity we would like to share with you. Who we are? Payatu is an ISO9001:27001 certified company focused on driving excellence, growth and innovation to make the cyberworld safe for every organization, product and individual. We are young and passionate folks driven by the power of the latest and innovative technologies in IoT, AI/ML, Blockchain, and many other advanced technologies. We are on the mission of making Cyberworld safe for every organization, product, and individual. What we look for outside work parameters? Your expertise is your primary qualification, not your degree or certification. Your publicly known contributions are your credentials. Papers you have written, tools you have developed are your references. Your write-up reflects your interests and ethics. Your published exploits, your CTF scores, and hall of fame listings are the testimonies of your work. Your research paper was published and presented at conferences. You are learning from the community and enthusiastically contributing back. You are a perfect technical fit if: Strong fundamental of application and network protocols. Stronghold on Web application security concept and penetration testing skill. Good command of at least one programming language. Good understanding of OWASP Top 10 and other web-related vulnerabilities as well as logic flaws. Hands-on experience in performing penetration testing of web-based applications preferably in the financial domain. Good to have experience in working alongside the development/QA teams. Good report writing and presentation skills. Should be able to suggest optimum security improvements to application components. You Have All Our Desired Qualities, if: Experience in web application and web service security assessment. You have a history of publishing or presenting good research. You have the knack of finding security bugs in everything you touch. You like automating stuff. You like writing tools. You have excellent written and verbal communication skills and the ability to express your thoughts clearly. You have the skill to articulate and present technical things in business language. You can work independently as well as within a team and meet project schedules and deadlines. You have strong problem solving, troubleshooting, and analysis skills. You are passionate about your area of expertise and self-driven. You are comfortable working in a dynamic and fast-paced work environment. You are Self-driven, proactive, hardworking, team-player. You are working on something on your own in your field apart from official work. Your everyday work will look like: Security assessment of web application and web service on various platforms. Back your findings with Proof-of-concept exploits. Collect evidence and maintain a detailed write-up of the findings. Understand and explain the results with impact on business and compliance status. Explain and demonstrate vulnerabilities to application/system owners. Provide appropriate remediation and mitigations of the identified vulnerabilities. Individually or collaboratively review the system designs, source code, configurations, communications for security gaps. Deliver results within stipulated timelines. Sharpen your saw with continuous research, learning, training on the latest tools and techniques, keeping up with new research, and sharing the same with the ecosystem. Communicate well using verbal and written skills, within and out of the team.

Role & Responsibilities: Design, build, and deploy : Architect and deliver a production-ready SaaS MVP using Python, AWS, Kubernetes, DevOps, and security automation best practices. Cloud security automation : Implement and automate continuous security scanning, infrastructure as code (IaC), vulnerability detection, and IAM policy checks across AWS, Azure, and modern SaaS environments. AI/LLM integration : Integrate and operationalize remediation automation using OpenAI/LangChain and industry-standard security toolkits (Checkov, Prowler, Trivy). DevOps and CI/CD : Set up robust CI/CD pipelines, leverage Docker and Kubernetes for rapid scaling, and automate cloud resource deployment with tools like Terraform/Ansible. Compliance-ready engineering : Ensure product architecture and features meet baseline compliance requirements (SOC2, HIPAA, PCI). Collaboration : Work closely with the founder and Figma/UI designer; communicate technical choices, deliver fast iterations, and document your work for future scaling. Ownership : Take full technical ownership of the MVP from design to initial usersincluding deploy, monitor, and iterate based on early customer feedback. Preferred candidate profile: 5+ years hands-on SaaS development (Python, Kubernetes, AWS, cloud security). Proven expert in DevOps, automation, and multi-cloud infrastructure. Real-world experience with security automation, cloud misconfiguration scanning, IAM best practices, and incident response. Hands-on with Docker, Terraform, Ansible, Chef/Puppet, and scripting for automation. Experience integrating with LLM/AI services (OpenAI, LangChain), API security, and self-service SaaS dashboards. Startup builder mentality: ship fast, trade perfection for validated progress, and care deeply about security outcomes. Excellent communicator, strong documentation habits, and comfortable taking the lead (with UI/UX support). Bonus: Prior work on security/compliance SaaS, MSP tools, or SMB-focused security automation platforms. Familiarity with HIPAA, SOC2 controls, and compliance workflows. Interest in product strategy, feedback, and scaling beyond MVP. Why join us? Founding team status with the potential to play a pivotal, long-term role and shape product direction. Mission-driven: make cutting-edge security automation accessible (and affordable) for SMBs globally. Flexible, remote-first, high-trust environment.

Hiring Mirakl professionals with strong skills in Java, Mirakl APIs/SDKs, REST, microservices, ERP/PIM/OMS integration, Spring Boot, containerized deployments, Postman, API security, Kafka/RabbitMQ, CI/CD