API Security Consultant
Location: Dorchester, MA
Duration: Through the end of 2018 (strong likelihood of an extension)
- Lead the security aspects of the new build out for API Management rules to support business applications
- Manage API policies to ensure the stability and security of the applications
- Work with the Cybersecurity, Infosec and CISO team to support building integrations following all security guidelines
- Ensure the API solutions are built to enable their processes through automation and orchestration of the security tools.
- Working experience in authentication technologies, including OAuth, SAML, and SSO.
- Ensure that API security will not block or excessively slow down application delivery.
- Ensure that security measures will not compromise API performance.
- Provide malicious bot mitigation and protection from API abuse in general.
- Ensuring risk-driven prioritization of API security
- Experience in integrating Static/Dynamic Scan tools in SDLC process.
- Penetration Testing experience.
- Oauth2, SSO, SAML
- XML/SOAP Security
- IBM API Connect
- WAF Antihacking Policies configuration
- Content Inspection
- Fine Grain authorization (Oauth Scopes)