Cybersecurity Analyst- API Security Testing (Remote)

Join to apply for the Cybersecurity Analyst- API Security Testing (Remote) role at Florida Blue.

As a Cybersecurity Analyst in API Security Testing at Florida Blue, you will play a critical role in protecting our members' sensitive information by identifying and mitigating vulnerabilities in our APIs, ensuring the security and integrity of our digital ecosystem. Your expertise will have a direct impact on safeguarding our organization's reputation and maintaining the trust of our members, while also enabling our business to innovate and grow in a secure and compliant manner.

• Conduct API Security Testing: Design, execute, and analyze API security tests to identify vulnerabilities, weaknesses, and potential threats, using tools such as Postman, Burp Suite, or OWASP ZAP.
• Vulnerability Management: Identify, classify, and prioritize API vulnerabilities, and collaborate with development teams to remediate or mitigate identified issues, ensuring timely and effective risk reduction.
• API Security Compliance: Ensure API security testing aligns with relevant regulatory requirements, such as HIPAA, PCI-DSS, and OWASP guidelines, and maintain compliance with Florida Blue's security policies and standards.
• Threat Modeling and Risk Assessment: Perform threat modeling and risk assessments to identify potential API security risks, and develop strategies to mitigate or eliminate those risks, ensuring the security and integrity of Florida Blue's APIs.
• Security Recommendations and Education: Provide actionable security recommendations to development teams, and educate them on secure coding practices, API security best practices, and the importance of security testing, to promote a culture of security within the organization.

• 5+ years’ experience within Application Development, Cybersecurity, or Information Technology Infrastructure or a combination of the 3.
• Experience with API testing.
• Understanding of OAuth and how it is used to secure APIs.
• Experience with software development OR scripting with PowerShell or Python.
• Current Cybersecurity certification in CSSLP, GCIH, or CEH, or ability to obtain within 180 days of being placed in the role.
• Technical knowledge of security architecture, tools, and controls, with demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and threats; knowledge of security infrastructure including firewalls, data loss prevention, encryption, and endpoint protection appliances.
• Demonstrated knowledge of threat analysis, detection concepts, and OWASP Top 10.
• Knowledge of network infrastructure including routers, switches, firewalls, and associated protocols.
• Experience developing, documenting, and maintaining security procedures.
• Strong communication skills to articulate complex technical information clearly to all levels.
• Experience evaluating security intelligence artifacts for internal stakeholders.
• Related Bachelor’s degree or equivalent work experience in Computer Information Systems with Cybersecurity.

• Bachelor’s degree in a related field.
• Exposure to Project Management methodologies like Waterfall, Agile, Lean, or SAFe.

Physical Demands: Sedentary work; exerting up to 10 pounds of force occasionally.

As a Florida Blue employee, you will thrive in our Be Well, Work Well, GuideWell culture, with comprehensive benefits including medical, dental, vision, life insurance, retirement plan, paid time off, and wellness programs.

Typical annualized salary range: $97,900 - $122,400, with a full salary range of $97,900 - $159,100. Final pay will be determined based on market, internal equity, and experience.

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Information Technology

Industries: Hospitals and Healthcare, Non-profit, Government