Job Information
System One API Security Architect - REMOTE WORK in Cleveland, Ohio
For immediate consideration, please connect with me on LinkedIn at https://www.linkedin.com/in/dpotapenko and then email your resume, work authorization status, current location, availability, and compensation expectations directly to denis.potapenko@systemone.com - make sure to include the exact job title and job location in your email message.
* REMOTE WORK
API Security Architect :
Software Security Group is building a program from the ground up focused on API security posture. The program aims to provide business insight, visibility, traceability, actionable intelligence, and metrics to enable developers to write secure software across the organization.
Work with the API governance team to ensure security is integrated into the process
Develop a roadmap for various activities to build the API security program, including dashboards
Provide API design guidance for secure API architecture
Collaborate with stakeholders to define an API security strategy aligned with overall business objectives
Design a secure API architecture utilizing secure design patterns, encryption protocols, and authentication/authorization mechanisms
Develop a comprehensive framework for API security, defining procedures for API threat modeling, vulnerability assessments, and penetration testing
Support the configuration of API gateways to enforce security policies, rate limiting, and access control
Design and implement robust authentication and authorization mechanisms to control access to API resources based on user roles and permissions (e.g., OAuth, OpenID Connect, API key management solutions)
Build actionable insight and intelligence, including identification of suspicious activity, potential attacks, and API misuse
Educate developers on API security best practices
Communicate API security risks effectively to stakeholders, including developers, product managers, and line of business leadership
Required Technical Skills and Experience :
Deep understanding of API security best practices, including OWASP (Open Web Application Security Project) API Security Top 10
Experience with API security tools and methodologies (penetration testing, API gateways)
Strong knowledge of cryptography and authentication protocols
Excellent communication and collaboration skills to work with developers and cross-functional teams
Proficiency in API security frameworks and various API patterns
Strong "Secure by Design" experience - knowing how to build a system securely from scratch
Possess in-depth knowledge of how to secure an API (e.g., authentication, authorization, auditing, rate limiting, encryption)
Ability to explain and justify recommended courses of action in meetings
For immediate consideration, please connect with me on LinkedIn at https://www.linkedin.com/in/dpotapenko and then email your resume, work authorization status, current location, availability, and compensation expectations directly to denis.potapenko@systemone.com - make sure to include the exact job title and job location in your email message.
.
System One, and its subsidiaries including Joulé, ALTA IT Services, CM Access, TPGS, and MOUNTAIN, LTD., are leaders in delivering workforce solutions and integrated services across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible full-time employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.
System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.