API Security Testing Consultant-SME

Role: API Security Testing ConsultantSME.

Location: Remote with open for travel to Collegeville PA as per business need.

Start Date: Immediate.

Specific skill set: API security setting up API framework documentation creating playbooks for API Incident management hands on in Traceable. aigood working knowledge on API testing using BurpPostmanTenable.

Years of experience needed: 8 years.

Technical Skills:

• Policies and Standards
• Security requirements for API development
• Authentication and authorization standards
• Data protection guidelines
• ThirdParty API integration guidelines
• API versioning and deprecation policies
• Security incident response and reporting
• Establish CrossFunctional Governance Review Committee
• Establish a process for identifying and categorizing APIs based on their exposure and criticality.
• Develop a standardized review process which covers Architecture/Design Access Controls Logging etc.
• Develop Service Catalog for API Security Consulting & Testing services.
• Services should include architecture review threat modeling code review Pen testing and security training.
• Design and deploy ticketing workflow for managing requests ServiceNow.
• Integrating API security in the CI/CD pipeline
• Assess our current state by conducting an inventory of all APIs and evaluating security posture Traceable.
• Establish an EnterpriseWide API catalog should be maintained by designated owners Enterprise Postman
• Monitor and Detect API security threats Traceable.

Certifications Needed:

• ITIL Preferred APIsec Certified Expert (ACE).