Senior Software Engineer
Date: 7 Jan 2025
Location: India, India
Company: Singtel Group
Job description:
- Working with various application teams and Infosec team to review and identify loopholes in existing and newly developed APIs.
- Developing a roadmap to implement a leading API Security tool.
Selected candidate will be required to:
- This role requires strong interaction with application developers to collect application details. Performing API security testing, reporting security vulnerabilities and recommending remediation of API security vulnerabilities will be part of the responsibilities.
- The individual should possess strong API and traditional web application penetration testing expertise, and excellent communication and organizational skills.
- Web application testing, penetration testing, OWASP, and prior scripting/coding experience are a plus.
- The scope of the duties includes researching security weaknesses within the APIs, developing automated tests, preparing reports and recommendations, collaborating with technical and non-technical staff, and reviewing code to maintain correctness and quality while ensuring security best practices are followed.
- Work with a small team in determining the changing requirements for API Security and implementing them.
- Plan the onboarding of the existing catalogue of APIs to the security tool and determine where potential vulnerabilities might exist.
- Work on leading API security tools such as Traceable and Noname Security.
- Build a customized roadmap for the deployment of the selected tooling.
To succeed, this role’s responsibilities would involve:
- Subject Matter Expert (SME) in the API Security domain.
- Strong knowledge of API Security threats and vulnerabilities.
- Familiar with API security governance documentation and processes.
- Understand architectures and controls around the APIs for security gaps and inefficiencies.
- Research, implement, and manage API security tooling and solutions.
Good to have skillset/tools:
- Security testing tools like Burp Suite.
- API testing tools like Traceable, Noname.
- Experience in the Atlassian DevOps stack (Bitbucket, Jira, Confluence, Bamboo), AWS cloud, Kubernetes.
- Experience working within a Security Operations Centre.
- Exposure to one or more programming / scripting languages.
Role: Senior Engineer
Grade: P3/P4