Job Description

:

About the Company:

----------------------

About the Job:

------------------

This position is a Lead Cyber Security, responsible for API Security in the enterprise. This position will implement strategic initiatives of implementing solutions to secure APIs throughout the phases of SDLC. The ideal candidate will be responsible for identifying, evaluating, and mitigating security vulnerabilities within our API ecosystem. This role requires a proactive approach to security and a strong understanding of API architecture and security best practices.

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

This professional must be highly organized and able to manage various stakeholder requests as they arise with strong multitasking skills and technical acumen. In addition, the professional must also be able to assist mentor team members in the designated areas of responsibility.

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Experience Level: 12+ years

--------------------------------

Location: Hyderabad / Bengaluru

-----------------------------------

Responsibilities Include:

-----------------------------

Conduct regular security assessments and monitor real-time alerts generated from API endpoint monitoring tools.

--------------------------------------------------------------------------------------------------------------------

Develop and maintain a comprehensive vulnerability management program for APIs.

-----------------------------------------------------------------------------------

Implement Shift left practices for API security in the enterprise.

----------------------------------------------------------------------

Collaborate with development teams to ensure secure coding practices are followed.

--------------------------------------------------------------------------------------

Implement and manage API security tools to monitor and protect against threats.

-----------------------------------------------------------------------------------

Keep abreast of the latest security trends, threats, and mitigation techniques in API security.

---------------------------------------------------------------------------------------------------

Required skills:

--------------------

12 years minimum experience in a Application Security.

----------------------------------------------------------

8 plus year of DAST experience with specialization in APIs.

---------------------------------------------------------------

5 plus years of experience in API security.

-----------------------------------------------

Hands-on experience with API security tools and frameworks.

----------------------------------------------------------------

Strong understanding of RESTful and SOAP web services.

----------------------------------------------------------

Knowledge of authentication mechanisms like OAuth, JWT, and API keys.

-------------------------------------------------------------------------

Experience in developing secure coding practices for APIs.

--------------------------------------------------------------

Experience in implementing API security tools.

--------------------------------------------------

Experience with cloud services and their native API security features is desirable.

---------------------------------------------------------------------------------------

Familiarity with the NoName API security tool is a plus.

------------------------------------------------------------

Desirable skills:

---------------------

Bachelors or Masters in Computer Science Engineering.

---------------------------------------------------------

Relevant security certifications (e.g., CISSP, CEH, OSCP) are preferred.

----------------------------------------------------------------------------

Excellent problem-solving and analytical skills.

-----------------------------------------------------

Effective communication skills, both written and verbal.

------------------------------------------------------------

Ability to work independently and as part of a team.

--------------------------------------------------------

Technical Skills: Vulnerability management, API Security, DAST etc.,

------------------------------------------------------------------------

Additional information (if any): Flexible to provide coverage in US morning hours.

--------------------------------------------------------------------------------------

Certification: CISSP, CEH, OSCP and/or other relevant certifications.

-------------------------------------------------------------------------

Weekly Hours:

40

Time Type:

Regular

Location:

IND:AP:Hyderabad / Argus Bldg 4f & 5f, Sattva, Knowledge City- Adm: Argus Building, Sattva, Knowledge City
It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.