36 Api Security Jobs - Page 2

10-12+ years of software development and testing experience using NodeJS, Nest related technologies Experience working with REST API, API security Experience working with ReactJS Experience with SQL (MSSQL, MySQL), ORM, NoSQL (MongoDB) Experience in Azure development is a plus Experience in Product Development Excellent communication skills Capable of system tuning, code optimization and bug solving Familiar with source control principles and systems Strong problem-solving skills in a fast-paced environment Understanding of SDLC and working experience in agile team is preferred

Node.js experience, TypeScript, JavaScript, NoSQL/Graph databases, and API development. Expertise in GraphQL, Docker, cloud deployment (AWS/Azure), (React.js/AngularJS) is required. Knowledge of API security, logging, Koa.js, and build tools is plus

Mandatory Skills: API Development & SQL Knowledge Apigee Edge API Developer tools: XML, JavaScript, JSON, SOAP, OAuth 2.0 Frameworks/Tools: Spring Boot, Swagger.io, Elastic Search, DBeaver, Postman, Jenkins, JMeter, 42 Crunch Experience with IDEs and scripting DBA knowledge is a plus Should have 50-80% hands-on technical capability Candidate must be trainable and have strong technical aptitude Good to Have: Exposure to broader DevOps practices Familiarity with API security and monitoring tools Jenkins pipeline scripting Understanding of cloud infrastructure (AWS/GCP preferred) Responsibilities: Design, develop, and manage APIs using APIGEE Edge Implement and manage API security, traffic control, analytics, and monitoring Troubleshoot issues and maintain the performance of API gateways Collaborate with backend teams for API integration Maintain detailed documentation of APIs and ensure alignment with business objectives Work Location: (Remote/Hybrid options may apply) Communication: Strong communication & interpersonal skills required Share Resume With Below Details: Current CTC: Expected CTC: Preferred Location: Send Resume To: Contact: 9032956160 Location-Delhi NCR,Bangalore,Chennai,Pune,Kolkata,Ahmedabad,Mumbai,Hyderabad

Communication: Strong communication & interpersonal skills required Mandatory Skills: API Development & SQL Knowledge Apigee Edge API Developer tools: XML, JavaScript, JSON, SOAP, OAuth 2.0 Frameworks/Tools: Spring Boot, Swagger.io, Elastic Search, DBeaver, Postman, Jenkins, JMeter, 42 Crunch Experience with IDEs and scripting DBA knowledge is a plus Should have 50-80% hands-on technical capability Candidate must be trainable and have strong technical aptitude Good to Have: Exposure to broader DevOps practices Familiarity with API security and monitoring tools Jenkins pipeline scripting Understanding of cloud infrastructure (AWS/GCP preferred) Responsibilities: Design, develop, and manage APIs using APIGEE Edge Implement and manage API security, traffic control, analytics, and monitoring Troubleshoot issues and maintain the performance of API gateways Collaborate with backend teams for API integration Maintain detailed documentation of APIs and ensure alignment with business objectives Location: Chennai | Delhi NCR | Pune | Bangalore | Hyderabad | Kolkata

Job Description Principal Security Software Engineer Are you interested in building large-scale distributed software for the cloud? Oracles Service Cloud team is building Software-as-a-Service technologies that operate at high scale in a broadly distributed multi-tenant cloud environment. Our customers run their businesses on our cloud, and our mission is to provide them with best in class compute, storage, networking, database, security, and an ever expanding set of foundational cloud-based services. Were looking for hands-on engineers with expertise and passion in identifying and resolving difficult security problems in distributed systems, virtualized infrastructure, and highly available services. If this is you, at Oracle you can design and build innovative new systems from the ground up. These are exciting times in our space - we are growing fast, still at an early stage, and working on ambitious new initiatives. An engineer at any level can have significant technical and business impact. As a Principal Security Software Engineer you will review the software design and development for all components of Oracles Service Cloud team. Develops and execute programs and processes to reduce information security risk and strengthen Oracles security posture. You should value simplicity and scale, work comfortably in a collaborative, agile environment, and be excited to learn. Things you'll do:* Penetration testing* Hardening of network, software and firmware* Security tool development (e.g. scanning tools)* Security metrics definition and delivery* Consult across different software development teams* Attack vector modeling* Champion secure coding practices Minimum Qualifications: Bachelors or Masters degree in Computer Science or related field 7+ years of experience in software engineering or related field Experience working in a large cloud or Internet software company preferred Strong application/product/software security background Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff Excellent organizational, verbal and written communication skills Ability to succeed through collaboration and working through internal and external organizations and individuals Prior DevOps or continuous delivery and deployment experience preferred Strong security testing experience with Fortify, Burp, Zap or Webinspect. Thorough understanding of latest security principles, techniques, and protocols. Security certifications is a plus. Skills Required: Application architecture and design reviews; Penetration Testing and Vulnerability assessments; Web Services and API security assessments; Product Security Assessments and Threat Modeling; Dynamic Vulnerability Scanning using automated application scanners; Execute Secure Code Audits using manual and automated methods to review product codes; Secure SDLC Processes including DevOps and Agile; Knowledge of languages, including Java, .Net, PHP, C++, and XML; Security Testing tools, including Nmap, Nessus, Web Inspect, BurpSuite, ZAP Scanner, Fortify Secure code scanner, SOAP UI, Kali Linux, and Metasploit; Operating Systems including Windows and Linux; Cryptographic algorithms, hashing algorithms, encryption; and Network and web related protocols, including TCP/IP, TLS/SSL, HTTP, and FTP. Detailed Description and Job Requirements As a member of the software security team, you will assist in defining and developing software for tasks associated with the security testing of software applications. Provide technical leadership to other software developers. Specify, design and implement modest changes to existing software architecture to meet changing needs. Develop, implement, and enforce Oracles security policies. Develop, implement, and manage Oracles compliance with operational security procedures. Develop Security Review threat model and operationalization standards for cloud services to be built and deployed into Oracles Service cloud. Duties and tasks are varied and complex needing independent judgment. Fully competent in own area of expertise. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law. Career Level - IC4 Career Level - IC4 Responsibilities Supports the strengthening of Oracles security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas.Risk Management: Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. May conduct and document very complex information security risk assessments. May assist in the creation and implementation of security solutions and programs.Regulatory Compliance: Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Participates in industry forums monitoring developments in regulatory compliance.Threat and Vulnerability Management: Brings advanced level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required.Incident Management and response: Brings advanced level skills to respond to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks. May operate as Incident Commander on serious incidents.Digital Forensics: Brings advanced level skills to conduct data collection, preservation and forensic analysis of digital media independently, where an advanced understanding of forensic techniques is required.Other areas of focus may include duties providing advanced level skills and knowledge to manage Information Security Education, Training and Awareness programs. In Security role, may manage the creation, review and approval of corporate information security policies.Mentors and trains other team members. Compiles information and reports for management.

Job Description Principal Security Software Engineer Are you interested in building large-scale distributed software for the cloud? Oracles Service Cloud team is building Software-as-a-Service technologies that operate at high scale in a broadly distributed multi-tenant cloud environment. Our customers run their businesses on our cloud, and our mission is to provide them with best in class compute, storage, networking, database, security, and an ever expanding set of foundational cloud-based services. Were looking for hands-on engineers with expertise and passion in identifying and resolving difficult security problems in distributed systems, virtualized infrastructure, and highly available services. If this is you, at Oracle you can design and build innovative new systems from the ground up. These are exciting times in our space - we are growing fast, still at an early stage, and working on ambitious new initiatives. An engineer at any level can have significant technical and business impact. As a Principal Security Software Engineer you will review the software design and development for all components of Oracles Service Cloud team. Develops and execute programs and processes to reduce information security risk and strengthen Oracles security posture. You should value simplicity and scale, work comfortably in a collaborative, agile environment, and be excited to learn. Things you'll do:* Penetration testing* Hardening of network, software and firmware* Security tool development (e.g. scanning tools)* Security metrics definition and delivery* Consult across different software development teams* Attack vector modeling* Champion secure coding practices Minimum Qualifications: Bachelors or Masters degree in Computer Science or related field 7+ years of experience in software engineering or related field Experience working in a large cloud or Internet software company preferred Strong application/product/software security background Ability to effectively assess and communicate risks and appropriate levels of urgency to management and engineering staff Excellent organizational, verbal and written communication skills Ability to succeed through collaboration and working through internal and external organizations and individuals Prior DevOps or continuous delivery and deployment experience preferred Strong security testing experience with Fortify, Burp, Zap or Webinspect. Thorough understanding of latest security principles, techniques, and protocols. Security certifications is a plus. Skills Required: Application architecture and design reviews; Penetration Testing and Vulnerability assessments; Web Services and API security assessments; Product Security Assessments and Threat Modeling; Dynamic Vulnerability Scanning using automated application scanners; Execute Secure Code Audits using manual and automated methods to review product codes; Secure SDLC Processes including DevOps and Agile; Knowledge of languages, including Java, .Net, PHP, C++, and XML; Security Testing tools, including Nmap, Nessus, Web Inspect, BurpSuite, ZAP Scanner, Fortify Secure code scanner, SOAP UI, Kali Linux, and Metasploit; Operating Systems including Windows and Linux; Cryptographic algorithms, hashing algorithms, encryption; and Network and web related protocols, including TCP/IP, TLS/SSL, HTTP, and FTP. Detailed Description and Job Requirements As a member of the software security team, you will assist in defining and developing software for tasks associated with the security testing of software applications. Provide technical leadership to other software developers. Specify, design and implement modest changes to existing software architecture to meet changing needs. Develop, implement, and enforce Oracles security policies. Develop, implement, and manage Oracles compliance with operational security procedures. Develop Security Review threat model and operationalization standards for cloud services to be built and deployed into Oracles Service cloud. Duties and tasks are varied and complex needing independent judgment. Fully competent in own area of expertise. Oracle is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law. Career Level - IC4 Responsibilities Supports the strengthening of Oracles security posture, focusing on one or more of the following: risk management; regulatory compliance; threat and vulnerability management; incident management and response; security policy development and enforcement; privacy; information security education, training and awareness (ISETA); digital forensics and similar focus areas.Risk Management: Brings advanced level skills to assess the information security risk associated with existing and proposed business operational programs, systems, applications, practices and procedures in very complex, business-critical environments. May conduct and document very complex information security risk assessments. May assist in the creation and implementation of security solutions and programs.Regulatory Compliance: Brings advanced level skills to manage programs to establish, document and track compliance to industry and government standards and regulations, e.g. ISO-27001, PCI-DSS, HIPAA, FedRAMP, GDPR, etc. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements to the business. Participates in industry forums monitoring developments in regulatory compliance.Threat and Vulnerability Management: Brings advanced level skills to research, evaluate, track, and manage information security threats and vulnerabilities in situations where in-depth analysis of ambiguous information is required.Incident Management and response: Brings advanced level skills to respond to security events, identifying possible intrusions and responding in line with Oracle incident response playbooks. May operate as Incident Commander on serious incidents.Digital Forensics: Brings advanced level skills to conduct data collection, preservation and forensic analysis of digital media independently, where an advanced understanding of forensic techniques is required.Other areas of focus may include duties providing advanced level skills and knowledge to manage Information Security Education, Training and Awareness programs. In Security role, may manage the creation, review and approval of corporate information security policies.Mentors and trains other team members. Compiles information and reports for management.

Job Description Minimum Qualifications 10+ years of experience in security engineering, detection engineering, or cloud security. Strong expertise in application security, API security, and SaaS-specific threat detection. Experience with SIEM, SOAR, and detection-as-code tools (e.g., Splunk, OpenSearch, KQL, Sigma). Proficiency in log analysis, security telemetry engineering, and anomaly detection in cloud applications. Experience integrating security controls into SaaS applications and microservices. Good programming and automation skills. Preferred Qualifications Experience with automated threat simulations, MITRE ATT&CK mappings, and adversary emulation. Knowledge of risk quantification methods and security metrics for executive reporting. Familiarity with cloud-native security tools. Hands-on experience in threat intelligence-driven detection engineering. Security certifications (e.g., GIAC GCDA/GCFA, AWS Security Specialty, GCP Security Engineer, OSCP). Career Level - IC5 Responsibilities 1. SaaS-Application Centric Detection Research & Engineering Develop and refine application-layer security detections for FAaaS, Spectra, and other critical LoBs, focusing on business logic abuse, API security threats, and identity-based attacks. Research and engineer detections for SaaS-specific attack vectors. Leverage detection-as-code frameworks (e.g., Sigma, OpenSearch, KQL) to automate the development and tuning of detection rules. Work closely with application security teams to enhance telemetry and ensure that security observability is embedded in SaaS products. 2. Proactive Security Controls & Mitigative Capabilities Move beyond traditional monitoring by implementing proactive security controls to mitigate threats before exploitation. Collaborate with development teams to integrate security controls into SaaS applications for real-time anomaly detection and automated response. Drive continuous security validation efforts through automated adversary simulation and detection effectiveness testing. 3. Cross-Team Integration & Real-Time Threat Intelligence Sharing Drive collaboration between Detection Engineering, Incident Response, and Red Teams by aligning detection research with real-world attack simulations and post-incident learnings. Develop automated feedback loops to reduce false positives, false negatives, and coverage gaps. Work with Incident Response to develop automated triage and enrichment mechanisms for SaaS security incidents. 4. Risk-Based Detection Engineering & Security Metrics Shift towards a risk-based detection approach, ensuring that high-impact threats are prioritized based on their potential financial and reputational consequences. Provide executive-level visibility into detection efficacy by quantifying the impact of mitigated threats and aligning detection efforts with business risk. Develop security dashboards and reporting to communicate detection outcomes, including risk coverage, adversary trends, and operational efficiency. 5. Proactive Threat Hunting & Data Anomaly Analysis Expand threat hunting and anomaly detection capabilities to identify previously unknown threats affecting SaaS customers and cloud applications. Utilize advanced data analytics and behavioral anomaly detection to identify stealthy attacks that evade traditional detection methods. Reduce reliance on SOC-driven escalations by proactively analyzing security telemetry for signs of compromise. Work closely with data scientists to enhance the use of ML/AI-driven security analytics for predictive threat detection. #LI-DNI

Job Title: APIGEE Developer Work Location: (Remote/Hybrid options may apply) No. of Positions: 1 Experience Required: 5+ Years Communication: Strong communication & interpersonal skills required Role Type: Individual Contributor Mandatory Skills: API Development & SQL Knowledge Apigee Edge API Developer tools: XML, JavaScript, JSON, SOAP, OAuth 2.0 Frameworks/Tools: Spring Boot, Swagger.io, Elastic Search, DBeaver, Postman, Jenkins, JMeter, 42 Crunch Experience with IDEs and scripting DBA knowledge is a plus Should have 50-80% hands-on technical capability Candidate must be trainable and have strong technical aptitude Good to Have: Exposure to broader DevOps practices Familiarity with API security and monitoring tools Jenkins pipeline scripting Understanding of cloud infrastructure (AWS/GCP preferred) Responsibilities: Design, develop, and manage APIs using APIGEE Edge Implement and manage API security, traffic control, analytics, and monitoring Troubleshoot issues and maintain the performance of API gateways Collaborate with backend teams for API integration Maintain detailed documentation of APIs and ensure alignment with business objectives Location: Delhi, Mumbai, Bengaluru, Chennai, Ahmedabad, Pune, Kolkata,Hyderabad, Pan India

Design, develop, and maintain backend APIs and cloud integration services using Azure Logic Apps, .NET/C#, and REST standards. Ensure performance, observability, and security of inter-system communication and automation. Required Candidate profile Developer with strong skills in API design, Azure integration services, C#/.NET backend development, and SQL. Must have hands-on exp with event-driven architecture and enterprise-grade Solutions

Position: API Analyst / Developer Location: Bangalore Budget:20-22 LPA Notice period: 0 to 30 Days Experience: 6+ About the Role We are looking for a skilled API Governance Expert who is also a hands-on developer to join our team. In this hybrid role, your primary responsibility will be to define and enforce API governance frameworks , ensuring that our APIs align with industry standards and organisational objectives. Additionally, you will contribute as a developer within a squad , actively participating in the design, coding, and deployment of software solutions . Key Responsibilities API Governance Establish and enforce API governance frameworks, standards, and best practices across the organisation. Review and approve API designs , ensuring they meet governance criteria, security, and performance benchmarks. Collaborate with teams to implement API lifecycle management , including versioning, documentation, and deprecation policies. Provide guidance on API security, compliance, and performance optimisation . Act as a subject matter expert on API-related governance and serve as a point of contact for queries and escalations. Development Work closely with a development squad to design, develop, and deploy software solutions. Participate in code reviews , ensuring adherence to best practices and coding standards. Assist in API integration with various internal and external systems. Contribute to the continuous improvement of the development process , including CI/CD practices, automated testing, and deployment strategies. Troubleshoot and resolve issues in both governance and development activities. Must Have Knowledge Strong understanding of API governance principles, standards, and best practices . Deep knowledge of RESTful APIs, GraphQL, and microservices architecture . Expertise in API security protocols (e.g., OAuth2, JWT, mTLS). Understanding of API lifecycle management , including versioning, documentation, and deprecation policies. Skills Hands-on experience in one or more modern programming languages (e.g., Java, GoLang, Node.js, Python). Ability to design, build, and maintain APIs following governance best practices. Proficiency with API management platforms (e.g., Apigee, Kong, AWS API Gateway). Strong problem-solving and debugging skills. Excellent communication and leadership skills to influence and mentor teams. Experience Minimum 5 years of experience in API governance, API design, or software development . Proven track record in establishing and enforcing API governance frameworks. Experience working in agile development environments and cross-functional teams. Good to Have Knowledge Familiarity with cloud-based services and DevOps practices (e.g., Docker, Kubernetes, AWS, Azure). Understanding of service mesh technologies (e.g., Istio, Linkerd) and API observability. Knowledge of regulatory and compliance requirements related to API security. Skills Experience in CI/CD pipeline automation and API testing frameworks. Ability to advocate for and drive API-first development within engineering teams. Strong stakeholder management skills to align API governance with business objectives. Experience Exposure to regulated industries , such as financial services. Prior experience in a governance or compliance-focused role . Contributions to open-source API governance tools or frameworks . If you are passionate about API governance, software development, and engineering excellence , wed love to hear from you!

Ideally, looking for a combination of Development and Application Security experience. Job Summary: We are seeking a skilled Application Security Engineer to join our Information Security team. The ideal candidate will have a minimum of 8-12 years of experience in application security and a strong background in software development , particularly in .NET, C#, Angular, and React . This role is crucial in ensuring the security of our applications by working closely with development, DevOps, and security teams to identify, remediate, and prevent security vulnerabilities throughout the software development lifecycle (SDLC). Key Responsibilities: Conduct application security assessments, including code reviews, penetration testing, and threat modeling to identify vulnerabilities. Work closely with developers to integrate secure coding practices and provide guidance on remediating security issues. Implement and manage Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools. Develop and enforce security policies, procedures, and best practices for application security. Assist in the design and review of security architecture for new and existing applications. Collaborate with DevOps teams to integrate security into CI/CD pipelines using DevSecOps principles . Research emerging threats, vulnerabilities, and security trends to proactively mitigate risks. Support incident response efforts related to application security breaches. Provide security training and awareness to development teams. Document security findings, mitigation plans, and security controls. Minimum Requirements (Must-Have) 8-12 years of experience in application security with a focus on secure software development. Strong background in software development , with hands-on experience in .NET, C#, Angular, and React . Hands-on experience with SAST, DAST, Software Composition Analysis (SCA), and penetration testing tools (e.g., Burp Suite, Checkmarx, Veracode, Fortify, SonarQube ). Solid understanding of OWASP Top 10, SANS 25, and secure coding practices . Experience with threat modeling, risk assessment, and vulnerability management . Knowledge of API security, authentication, and authorization mechanisms (OAuth, JWT, SAML, etc.). Familiarity with container security, Kubernetes security, and cloud security best practices (AWS, Azure, GCP). Experience working in Agile and DevSecOps environments , integrating security into CI/CD pipelines. Strong analytical and problem-solving skills. Excellent communication skills, with the ability to work collaboratively across teams.