Technical Project Manager

Title : API Security Technical project manager

Location : Phoenix, US ONSITE

Skills required : API; Apigee; Project Management, customer expecting CISSP / CISM Certified candidate.

Primary Responsibilities

• Perform ongoing governance and follow-through with API owners to ensure implementation of threat-based requirements.
• Develop, deliver, and keep up-to-date API security standard requirements and design patterns.
• Validate implementation of API security controls against outputs of vulnerability testing tools to enable auditability and verifiability.
• Serve as an API security technical advisor to application teams.
• Evangelize API security design principles.
• Collaborate as API security subject matter expert within the organization.
• Security and Technical Experience
• Direct hands-on experience developing and securing web APIs and web applications : REST, SOAP, gRPC.
• Direct hands-on experience with security testing of web services and web APIs.
• Solid hands-on experience with leading threat modeling exercises for applications and services.
• Solid understanding of risk management, security architecture and secure SDLC practices.
• Strong experience and understanding of API identity and access management controls : OAuth 2.0, OIDC, JWT.
• Strong experience and understanding of familiarity with cryptography controls : Data at rest, in motion and in-use.
• Experience with industry standards and frameworks : NIST 800-53, NIST CSF, OWASP, SANS Top 25.
• Experience with Java, JavaScript, and mobile application development.
• Familiarity with database architectures : Oracle, SQL and NoSQL Databases.
• Information security professional certifications such as SANS GIAC, CISSP, CISM.
• Experience with service-oriented architectures and web services security.

Desired Skills :

• Experience mentoring application security and secure development practices to team.
• Experience with DevOps processes in a Cloud / SaaS environment.
• Experience architecting, securing, and operating one or more public cloud environments : Amazon Web Services, Google App Engine, Azure, and Oracle Cloud.
• Experience with one or more emerging programming languages : Go, Rust.
25 days ago