Cybersecurity Engineer

Title: Cybersecurity Engineer - API and Web App Protection (TS- Sub)

Location: Remote

Duration: 6 months



Must Haves:

Must have scripting experience. Must have Azure experience, preferably EntraID. Must be familiar with OWASP top 10.



Job Description:

We are seeking an experienced Cyber Security Engineer to join our team, responsible for ensuring the security of our applications and APIs. This role will focus on collaborating with cross functional teams, including developers, UI developers, and API developers, to identify and remediate security vulnerabilities. The ideal candidate will have expertise in API security, UI security, as well as secure coding practices, with the ability to balance security with business needs and enable rapid and secure deployment of applications.



Essential Functions

* Collaborate with developers throughout the software development lifecycle to ensure security best practices are integrated into application design and development

* Review scan findings and work with developers to remediate security vulnerabilities and implement fixes within their applications

* Work with application owners to enable single sign on via standards such as SAML or OAuth

* Work with application owners to manage access control via conditional access policies

* Partner with developers to ensure secure coding practices and mitigate security risks

* Provide security guidance and recommendations to development teams to ensure compliance with security standards and regulations

* Develop and maintain security documentation, including threat models, risk assessments, and security requirements

* Stay current with emerging security threats and technologies, applying this knowledge to improve our overall security posture

* Enable the business to rapidly and securely deploy applications balancing security with business needs



Additional Required Qualifications

* 4+ years of experience in cyber security, with a focus on secure development and deployment

* Strong understanding of secure coding practices, threat modeling, and risk assessment

* Experience with Azure / EntraID

* Experience with Single Sign On using SAML or OAuth

* Experience with security tools such as Postman, Burp Suite, etc. and vulnerability management

* Experience with scripting languages such as PowerShell or Python

* Excellent communication and collaboration skills, with the ability to work with technical and non-technical stakeholders

* Strong problem-solving skills, with the ability to analyze complex security issues and develop effective solutions

* Familiarity with API security frameworks and protocols (OAuth, JWT), as well as UI development frameworks and tools



Required Work Experience:

* 4+ years related work experience

* 2+ years in Cybersecurity

* 2+ years Information Technology Infrastructure



Required Education:

* Related Bachelor's degree or additional related equivalent work experience



Required Licenses and Certifications (required within 180 days of FT hire) :

* Cybersecurity Engineer Defense and Threat Operations: SSCP

* Cybersecurity Engineer Enterprise Cybersecurity Services: SSCP



Preferred Qualifications

* Experience with the OWASP Top 10 and remediation strategies

* Experience with the creation of both technical and non-technical documentation

* Experience with agile development methodologies

* Experience with CI/CD pipelines and tools such as JenkinsPosition is offered by a no fee agency.