Security Engineer
3 weeks ago
We are hiring a Security Engineer with a specialization in APIs to join our DevSecOps team. The ideal candidate will play a crucial role in enhancing our API-centric development approach, managing API security tools, and ensuring the security of our systems within an Azure environment. Our DevSecOps team is focused on high performance, tracking work in a management system to demonstrate progress towards our goals. We value meaningful security work over security theater, emphasizing evidence-backed security measures.
What youll be doing
Own the API security program, including strategic planning, tool selection, and demonstrating program value through metrics.
Implement and manage API security tools, focusing on identifying full-featured API security solutions.
Work closely with development teams to integrate security principles in API development and ensure compliance with security standards.
Support the DevSecOps team in areas such as container security, application security testing tools, and infrastructure as code scanning.
Strategically manage, identify, and track new technologies to ensure a comprehensive security tool stack configuration to address threats and gaps, particularly related to API security.
Build and present business cases on new technologies to address new and emerging risks, as well as gaps identified by external and internal assessors.
Lead work in security controls and requirements identification for large and small technology and business initiatives.
Build strong relationships with other technical personnel to create trust in guidance and insight on security topics.
Maintain and improve policy and standards documentation relating to API security.
What you will need to be successful
Bachelors degree in Information Systems, Cybersecurity or a related field and minimum 2 years relevant experience; or equivalent combination of education and experience.
Demonstrated experience as a professional security engineer and/or software engineer, particularly regarding APIs and modern software architecture.
Experience with Azure cloud environments and familiarity with API management tools like Azure APIM and Kong..
Experience executing and performing security risk assessments for on-premise and cloud-based services.
Advanced security certification (e.g., CISSP, CSSLP, CEH) or demonstrable level of compentency preferred
Agile/Scrum and Microsoft Azure experience are beneficial with expert-level working knowledge of API Security and the concepts and tooling that can help protect them.
Expert knowledge of leading information security frameworks and best practices (OWASP API Top 10, NIST Cybersecurity Framework, ISO27001/2, and CIS Top 20 Controls), and extensive experience applying frameworks to identify appropriate security measures and applying multiple risk treatments
An API attacker mindset that is only satisfied when defense-in-depth controls are in place but will still question assumptions about our existing security posture.
Ability to perform high-quality and effectual threat modeling.
Ability to present complex security recommendations and influence both senior leaders and technology SMEs.
Ability to research, identify and iterate on new security metrics to provide greater visibility on program status and improvement opportunities to senior leadership
Ability to clearly and logically document all procedures related to this role and a passion for keeping documentation up to date
Excellent interpersonal skills including the ability to interact effectively and professionally with individuals at all levels; both internal and external
Team player capable of developing strong collaborative working relationships with internal partners and able to effectively engage and build consensus among cross-functional teams
Experience in financial services or healthcare industries, dealing with sensitive data protection is a plus.
Familiarity with container security, application security testing tools, and infrastructure as code scanning is a plus.
No phone calls or third parties. Candidates must be United States citizens or legal permanent residents. Proof of legal residence and work authorization in the United States is required.
-
Splunk Security Engineer
2 weeks ago
Boston, Massachusetts, United States GuidePoint Security Full timeJob Title: Splunk Security EngineerGuidePoint Security is seeking a highly skilled Splunk Security Engineer to join our team. As a Splunk Security Engineer, you will be responsible for driving complex security-focused deployments of Splunk while working side by side with our customers to solve their unique problems across a variety of use cases.Key...
-
Application Security Sales Engineer
3 weeks ago
boston, United States Legit Security Full timeLegit Security is a cybersecurity company that provides an enterprise SaaS solution designed to protect an organization's software supply chain from attack, covering both on-premises and cloud resources. The company's mission is to safeguard businesses from the growing threats targeting software supply chains, enabling organizations to build secure software...
-
Application Security Sales Engineer
1 week ago
Boston, United States Legit Security Full timeLegit Security is a cybersecurity company that provides an enterprise SaaS solution designed to protect an organization's software supply chain from attack, covering both on-premises and cloud resources. The company's mission is to safeguard businesses from the growing threats targeting software supply chains, enabling organizations to build secure software...
-
Application Security Sales Engineer
7 days ago
Boston, United States Legit Security Full timeLegit Security is a cybersecurity company that provides an enterprise SaaS solution designed to protect an organization's software supply chain from attack, covering both on-premises and cloud resources. The company's mission is to safeguard businesses from the growing threats targeting software supply chains, enabling organizations to build secure software...
-
Application Security Sales Engineer
3 weeks ago
Boston, United States Legit Security Full timeLegit Security is a cybersecurity company that provides an enterprise SaaS solution designed to protect an organization's software supply chain from attack, covering both on-premises and cloud resources. The company's mission is to safeguard businesses from the growing threats targeting software supply chains, enabling organizations to build secure software...
-
Senior Software Engineer
3 weeks ago
Boston, United States Zilla Security Full timeAt Zilla, we are reinventing Identity Security and Identity Governance. Join us to build a world-class solution with a simple and intuitive user experience that stands apart from the complex products in the IT & Security space.As a full-stack engineer at Zilla, you are responsible for the end-to-end delivery of features into the product. We are looking for...
-
Security Engineer
3 weeks ago
Boston, United States Whitridge Associates Full timeWe are seeking a highly skilled Security Engineer to join our team on a contract basis. This role requires a seasoned professional with deep experience in security engineering and operations, particularly with hands-on operational duties. The ideal candidate will be able to work collaboratively in a hybrid setting, with no exceptions to the onsite...
-
Security Engineer
2 months ago
Boston, United States Whitridge Associates Full timeWe are seeking a highly skilled Security Engineer to join our team on a contract basis. This role requires a seasoned professional with deep experience in security engineering and operations, particularly with hands-on operational duties. The ideal candidate will be able to work collaboratively in a hybrid setting, with no exceptions to the onsite...
-
Security Engineer
2 months ago
Boston, United States Whitridge Associates Full timeWe are seeking a highly skilled Security Engineer to join our team on a contract basis. This role requires a seasoned professional with deep experience in security engineering and operations, particularly with hands-on operational duties. The ideal candidate will be able to work collaboratively in a hybrid setting, with no exceptions to the onsite...
-
Security Engineer
3 weeks ago
boston, United States Whitridge Associates Full timeWe are seeking a highly skilled Security Engineer to join our team on a contract basis. This role requires a seasoned professional with deep experience in security engineering and operations, particularly with hands-on operational duties. The ideal candidate will be able to work collaboratively in a hybrid setting, with no exceptions to the onsite...
-
Security Engineer
7 days ago
Boston, United States Whitridge Associates Full timeWe are seeking a highly skilled Security Engineer to join our team on a contract basis. This role requires a seasoned professional with deep experience in security engineering and operations, particularly with hands-on operational duties. The ideal candidate will be able to work collaboratively in a hybrid setting, with no exceptions to the onsite...
-
Security Engineer
3 weeks ago
Boston, United States Whitridge Associates Full timeWe are seeking a highly skilled Security Engineer to join our team on a contract basis. This role requires a seasoned professional with deep experience in security engineering and operations, particularly with hands-on operational duties. The ideal candidate will be able to work collaboratively in a hybrid setting, with no exceptions to the onsite...
-
Security Engineer
2 weeks ago
Boston, United States CPS Insurance Services Full timeWe are hiring a Security Engineer with a specialization in APIs to join our DevSecOps team. The ideal candidate will play a crucial role in enhancing our APIcentric development approach managing API security tools and ensuring the security of our systems within an Azure environment. Our DevSecOps team is focused on high performance tracking work in a...
-
Security Engineer
4 days ago
Boston, United States CPS Insurance Services Full timeWe are hiring a Security Engineer with a specialization in APIs to join our DevSecOps team. The ideal candidate will play a crucial role in enhancing our APIcentric development approach managing API security tools and ensuring the security of our systems within an Azure environment. Our DevSecOps team is focused on high performance tracking work in a...
-
Data Security Engineer
3 weeks ago
Boston, United States firstPRO, Inc Full timefirstPRO is now accepting resumes for a Email Data Security Engineer role in Waltham, MA. This is a direct hire and onsite 3 days per week.We’re looking for an email and data security engineer to join our ranks. Are you an experienced security engineer with strong knowledge and technical expertise? As an email and data security engineer, you will be a key...
-
Data Security Engineer
3 days ago
Boston, United States firstPRO, Inc Full timefirstPRO is now accepting resumes for a Email Data Security Engineer role in Waltham, MA. This is a direct hire and onsite 3 days per week.We’re looking for an email and data security engineer to join our ranks. Are you an experienced security engineer with strong knowledge and technical expertise? As an email and data security engineer, you will be a key...
-
Data Security Engineer
3 weeks ago
Boston, United States firstPRO, Inc Full timefirstPRO is now accepting resumes for a Email Data Security Engineer role in Waltham, MA. This is a direct hire and onsite 3 days per week.We’re looking for an email and data security engineer to join our ranks. Are you an experienced security engineer with strong knowledge and technical expertise? As an email and data security engineer, you will be a key...
-
Platform Security Engineer
2 months ago
Boston, United States Rogue Talent Full timeRogue Talent is hiring a Platform Security Engineer who will be the top voice and key contributor to maturing the modern infrastructure capabilities of a legendary cyber R&D institution based in suburban Boston (hybrid, on-site 3 days/week). Key areas of focus will be containerization (Kubernetes), IaC (Terraform), CI/CD pipelines, automation, RBAC / IAM,...
-
Platform Security Engineer
2 months ago
Boston, United States Rogue Talent Full timeRogue Talent is hiring a Platform Security Engineer who will be the top voice and key contributor to maturing the modern infrastructure capabilities of a legendary cyber R&D institution based in suburban Boston (hybrid, on-site 3 days/week). Key areas of focus will be containerization (Kubernetes), IaC (Terraform), CI/CD pipelines, automation, RBAC / IAM,...
-
Platform Security Engineer
3 weeks ago
boston, United States Rogue Talent Full timeRogue Talent is hiring a Platform Security Engineer who will be the top voice and key contributor to maturing the modern infrastructure capabilities of a legendary cyber R&D institution based in suburban Boston (hybrid, on-site 3 days/week). Key areas of focus will be containerization (Kubernetes), IaC (Terraform), CI/CD pipelines, automation, RBAC / IAM,...
