Job Type: Senior Engineer from home
Location: Arizona work from home
Company: American Express

Responsibilities:

• Conduct ongoing oversight and follow-up with API owners to ensure that threat-based requirements are implemented.
• Create, deliver, and maintain current design patterns for API security standards.
• To provide auditability and verifiability, compare API security control implementation to the results of vulnerability testing tools.
• Assist application teams as a technical advisor on API security.
• Promote good API security design practices.
• Become known within the organization as an authority on API security.

Requirements:

• A bachelor’s degree in cybersecurity, information systems, computer science, or a related discipline is required.
• 8+ years of experience in secure API design, development, and deployment techniques.
• REST, SOAP, and gRPC development and security experience dating back at least six years.
• 6+ years of experience testing online services and web APIs for security.
• Leading threat modeling exercises for applications and services for four or more years.
• 6+ years of experience with secure SDLC procedures, secure architecture, and risk management.
• 6+ years of experience with OAuth 2.0, OIDC, and JWT as API identity and access management controls
• 6+ years of expertise with NIST 800-53, NIST CSF, OWASP, and SANS industry standards and frameworks Top 25.
• 4+ years of experience working with Oracle, SQL, and NoSQL database designs.

Preferred Requirements

• Certifications from information security professionals, such as the CISSP and SANS GIAC, are recommended.
• Strong understanding of and familiarity with controls for cryptography: Data in usage, motion, and at rest.
• Knowledge in developing mobile applications and Javascript.
• Self-motivated, assured team player
• Technically Strong Thinker
• Strong talents in collaboration, planning, and execution
• Openness to Learning: Assumes personal accountability for education and skill development. learns how to apply new behaviors, information, and skills. builds upon and makes use of current knowledge. seeks for opportunities to learn from people both inside and outside the organization.
• Adaptability: Exhibits adaptability while working with both individuals and groups in a variety of changing conditions. alters his or her own beliefs or views in reaction to the development of the situation.
• Effective communication skills strong communication skills in both writing and speaking. the capacity to produce reports for the business that are simple to read but which translate complicated threat models.
• mentoring teams on secure development techniques and application security.
• knowledge of DevOps procedures in a cloud-based or SaaS context.
• Experience with Amazon Web Services, Google App Engine, Azure, and Oracle Cloud as well as experience architecting, securing, and running one or more public cloud systems.
• Knowledge of web services security and service-oriented architectures.
• Knowledge of one or more new programming languages, such as Java, Go, or Rust.

Salary: from $110,000 and $190,000 per year, plus bonuses and benefits

Would you like tips on how to find work from home jobs? Keep reading: