Job Description :
Role: API Security Consultant
Location: Boston, MA
Interview: Phone then Skype
Duration: 6 month
Job description
Responsibilities:
Lead the security aspects of the new build out for API Management rules to support business applications
Manage API policies to ensure the stability and security of the applications
Work with the Cybersecurity, Infosec and CISO team to support building integrations following all security guidelines
Ensure the API solutions are built to enable their processes through automation and orchestration of the security tools.
Working experience in authentication technologies, including OAuth, SAML, and SSO.
Ensure that API security will not block or excessively slow down application delivery.
Ensure that security measures will not compromise API performance.
Provide malicious bot mitigation and protection from API abuse in general.
Ensuring risk-driven prioritization of API security
Experience in integrating Static/Dynamic Scan tools in SDLC process.
Penetration Testing experience.
Technical Knowledge:
Oauth2, SSO, SAML
XML/SOAP Security
PING
IBM API Connect (nice to have)
WAF Antihacking Policies configuration
Content Inspection
J2EE
Fine Grain authorization (Oauth Scopes)