Job Description

Locations

• Taguig City, PH, India (Remote)

Salary

Skills Required

• Vulnerability Assessment and Penetration Testing (VAPT)intermediate
• Static Application Security Testing (SAST)intermediate
• API specifications (OpenAPI/Swagger)intermediate
• Secure API design and coding practicesintermediate
• CI/CD pipelinesintermediate
• RESTful APIsintermediate
• GraphQL APIsintermediate
• OAuth2intermediate
• JWTintermediate
• Burp Suiteintermediate
• OWASP ZAPintermediate
• Postmanintermediate
• SonarQubeintermediate
• Checkmarxintermediate
• Fortifyintermediate
• OWASP API Security Top 10intermediate
• Pythonintermediate
• JavaScriptintermediate
• AWSintermediate
• Azureintermediate
• GCPintermediate
• API gatewaysintermediate
• DevSecOpsintermediate
• Analytical skillsintermediate
• Problem-solvingintermediate
• Attention to detailintermediate

Required Qualifications

• 1–3 years of experience in application development, cybersecurity, or API support (experience)
• Basic understanding of RESTful and GraphQL APIs, including authentication methods (OAuth2, JWT) (experience)
• Exposure to VAPT tools such as Burp Suite, OWASP ZAP, Postman, or similar (experience)
• Familiarity with SAST tools like SonarQube, Checkmarx, Fortify or equivalent (experience)
• Awareness of OWASP API Security Top 10 and secure coding principles (experience)
• Basic scripting or programming skills (e.g., Python, JavaScript) (experience)
• Exposure to cloud platforms (AWS, Azure, GCP) and API gateways (experience)
• Understanding of DevSecOps concepts and CI/CD integration (experience)
• Strong analytical and problem-solving abilities with keen attention to detail (experience)

Preferred Qualifications

• API Security Fundamentals (Cloud Academy, Salt Security, etc.) (experience)
• Familiarity with MITRE ATT&CK for APIs or OWASP API Security (experience)

Responsibilities

• Assist in conducting Vulnerability Assessment and Penetration Testing (VAPT) on APIs using industry-standard tools
• Support Static Application Security Testing (SAST) efforts to identify insecure coding patterns in API source code
• Help review API specifications (OpenAPI/Swagger) for potential security gaps
• Collaborate with development teams to implement secure API design and coding practices
• Participate in the integration of security controls into CI/CD pipelines
• Document findings, remediation steps, and best practices for internal and client use
• Stay updated on API security trends, tools, and vulnerabilities

Benefits

• general: Opportunity to learn and develop career
• general: Encouragement to be courageous and experiment daily
• general: Continuous trust and support in an inclusive environment
• general: Growth-minded culture with emphasis on curiosity and feedback
• general: Collaboration with colleagues for exceptional customer outcomes
• general: Opportunity to make critical decisions and embrace challenges
• general: Being part of a responsible technology innovator and force for good
• general: Equal-opportunity employment without discrimination

Tags & Categories