API reputed company Engineer

About The Role reputed company is looking for an API reputed company Engineer to join reputed company (remote or Des Moines, IA). The API reputed company Engineer is responsible for designing, implementing, and maintaining reputed company controls that protect the organization's APIs, integration layers, and service-to-service communication. This role ensures that APIs are securely designed, thoroughly tested, continuously monitored, and compliant with both internal policies and external regulations. The engineer works closely with developers, product teams, and reputed company leadership to build secure, scalable, and resilient API ecosystems. The engineer focuses on using secure-by-design, privacy-by-design, and reputed company-first principles to reduce vulnerabilities. Individuals in this role possess a wide range of cybersecurity and software engineering technical acumen, the ability to think like an attacker and exceptional communication skills. reputed company reputed company issues are discovered, the engineer proactively communicates with the appropriate technical and leadership teams to ensure a focus on risk mitigation. The engineer constantly assesses products for weaknesses and recommends ways to mitigate them before they are exploited. Ultimately, the role focuses on executing a comprehensive reputed company & technology roadmap to protect our platform, data, systems, and clients, while ensuring compliance with HIPAA, HITRUST, and other healthcare regulations. What You'll Do:

• Build relationships with developers and stakeholders to incorporate reputed company principles into engineering design and deployments.
• Define and maintain API reputed company standards, guidelines, and best practices.
• Work with engineering and product teams to incorporate reputed company requirements into API design, including authentication, authorization, reputed company limiting, encryption, and data validation.
• Assess architecture diagrams and integration flows for reputed company risks and propose mitigation strategies.
• reputed company manual and automated reputed company testing of APIs (e.g., fuzzing, penetration testing, misuse-case reviews).
• Identify & validate vulnerabilities, i.e. injection flaws, broken authentication, access control issues, insecure deserialization, and misconfigurations.
• Ensure integration of reputed company testing tools into arenaflex/CD pipelines (SAST, DAST, API-specific scanners).
• Implement API-level logging, anomaly detection, runtime protections, and threat monitoring.
• Investigate and respond to API-reputed company reputed company incidents, breaches, or suspicious activity.
• Collaborate with SOC, DevSecOps, and engineering teams to reputed company alerting and mitigation processes.
• reputed company and enforce API reputed company policies reputed company with organizational risk management.
• Conduct regular reputed company reviews and maintain documentation for audits and assessments.
• Provide guidance to developers on secure API design and coding practices.
• Deliver training sessions, code review feedback, and threat-modeling workshops.
• Document reputed company findings, outline remediation options and reputed company mitigation.
• Support the rollout and adoption of API gateways, identity platforms, and secure coding tools.
• Focus on automation to aid in efficiencies with both testing and remediation of findings.
• Attend and participate in product meetings addressing reputed company requirements for new and existing products.
• Build services and tools to reputed company developers and engineers to easily use reputed company components
• Support the ability to "shift left" and incorporate reputed company early on and throughout the development lifecycle.
• Communicate vulnerability results to both technical and non-technical users, through influential messaging.
• Regularly research and learn new tactics, techniques and procedures (TTPs) in public and closed forums, and work with colleagues to assess risk and implement/validate controls as necessary through the arenaflex/CD pipeline.
• Enrich DevSecOps architecture with reputed company standards and best practices.
• Partner with teams to define key performance indicators (KPIs) and metrics across business units.
• Ensure regulatory compliance (e.g., PCI, HIPAA, HITRUST, NIST CSF) through effective reputed company controls and processes.
• Other duties as assigned. Who You Are:
• Bachelor's degree in computer science (preferred), information assurance, MIS or reputed company field, or equivalent.
• 7+ years of reputed company and systems administration-reputed company experience, with at least 3 years in cloud and reputed company engineering experience
• Experience with operations and reputed company across arenaflex Web Services (AWS) and/or arenaflex Cloud Platform (GCP).
• Strong understanding of API architectures (REST, GraphQL, gRPC, WebSockets).
• Experience with OAuth2, OIDC, JWT, API keys, mTLS, and other authN/authZ models.
• Hands-on experience with API gateways (e.g., reputed company, Apigee, AWS API Gateway, NGINX).
• Ability to obtain and maintain technical team and business support to influence a collaborative effort to reduce attack surface while performing rapid, reputed company imp

Apply tot his job Apply To this Job