No more applications are being accepted for this job

API Security Engineer - Gurugram, India - Incedo Inc.

Incedo Inc. Gurugram, India

1 week ago

Description

Job Title: API Security Engineer

Job Location: Gurgaon

5-12 yrs

Job Type: Full-time

Company Overview:

Incedo Inc is a global technology services company that specializes in providing industry-specific, innovative solutions to businesses across various sectors. With a strong presence in North America, Asia, and Europe, Incedo delivers cutting-edge technology services and expertise to clients worldwide. The company's mission revolves around enabling businesses to excel in the digital era by leveraging its deep industry knowledge, technological capabilities, and a commitment to excellence. Incedo's core values of innovation, collaboration, integrity, and customer-centricity underpin its client-centric approach, fostering lasting partnerships and delivering tailored solutions to address each client's unique challenges and opportunities in the ever-evolving digital landscape.

Job Summary:

We are looking for software engineers, who are solid coders, quick learners and can effectively work in a fast-paced startup environment. Role provides amazing opportunities to work on super modern and cutting-edge technology stack - Java, microservices, Kuberntetes, Nginx, Service Meshes, API Gateways, GraphQL, MongoDB, Druid, Pinnot, Kafka, Distributed Systems, Big Data, Machine Learning, Distributed Tracing, Google Cloud Engine, AWS, Web Assembly etc.

Key Responsibilities:

 Conduct comprehensive assessments of API security vulnerabilities and threats.

 Develop and implement security protocols, policies, and procedures for API access.

 Collaborate with cross-functional teams to ensure secure API design, development, and integration.

 Monitor and respond to security incidents, breaches, or unauthorized access attempts.

 Conduct API penetration testing and security reviews to identify vulnerabilities.

 Recommend and implement API security best practices and configurations.

 Stay current with the latest security threats and industry trends.

Required Skill Sets and Qualification:

 Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).

 In-depth knowledge of SOAP, REST, and GraphQL.

 Experience working with various API gateway technologies such as Mule, Kong, and Apigee.

 Proficiency in API Penetration Testing and DDoS attack mitigation.

 Strong understanding of stream transformation.

 Knowledge of F5 and Nginx for routing and load balancing.

 AWS cloud experience.

 Proficiency in Java and

 Familiarity with authentication mechanisms, including Basic, Digest, and token-based authentication.

 Experience with Splunk.

 Experience with Traceable AI is great to have.

 Experience with Akamai or other Content Delivery Networks (CDNs) is a plus.

 Continuous Delivery and Continuous Integration (CD/CI) experience is desirable.

 Proficiency with Unix/Linux server environments.

 Experience in modern tech stack - microservices, docker, kubernetes, cloud platform (AWS/GCS etc) is a must.

 Prior development experience and fair understanding of programming languages and frameworks is a must.

 Proficiency in web app security, vulnerability research, and penetration testing.

 Strong foundation in computer science fundamentals, network security, authentication protocols.

 Strong experience of various pentesting tools like Burpsuite, ZAP etc.

 Strong applied knowledge of attacks in Web/API eco-system - Web attacks, API attacks, API abuse, API Fraud, ATO etc.

 Strong understanding of Application Security Solutions (WAF, RASP etc. ).

 Working knowledge of IAST, DAST, SAST