CEF

Senior Security Analyst - APSEC/API Security

CEF

full-time

Posted on:

Origin:  • 🇺🇸 United States

Visit company website
AI Apply
Manual Apply

Salary

💰 $110,000 - $130,000 per year

Job Level

Senior

Tech Stack

Cloud

About the role

  • Looking to start an exciting new career? City Electric Supply offers excellent career opportunities for people who are friendly, motivated, and passionate about providing incredible customer service.
  • About City Electric Supply: CES is a family-owned electrical wholesaler with the benefits of a worldwide service network and the personal service of a neighborhood store. Our \"customer service first\" core value has allowed us to grow continually for over 65 years while keeping our founding principle of empowering people to make local business decisions. CES now employs more than 7,400 people at over 1,000 branches world-wide of which there are over 500 branches across North America. Our vision is to add 30-35 branches a year, while staying true to our Company values.

Requirements

  • Implement, optimize, and manage internal and external API penetration testing program.
  • Manage third party API penetration tests.
  • Internal and external penetration testing of applications, websites, with primary focus on API’s.
  • Engagement with Devops for security best practices on secure API coding.
  • Working with Devops to implement API monitoring and protection solutions.
  • Create data reporting and recommendations for resolution/mitigation and engaging stakeholders.
  • Engage on alerts from various security tools and performing forensics activity as well as correlation as warranted.
  • Creating automation through various security systems such as for alerts.
  • Creating custom detection rulesets.
  • Lead and engage in incidents response driving to incident closure and recommending best practices to prevent future occurrence.
  • Debrief stakeholders on assessments findings, provide remediation recommendations and assist with deployment of security best practices.
  • Perform API architecture reviews.
  • Engage stakeholders on new projects from a security perspective (such as deployment of a new product, new server builds where API’s are concerned etc.).
  • Security technical assessment of all departments internal and external tools.
  • Review of infrastructure from a security perspective such as and not limited to, firewall rules review, server builds, GPO’s review, MDM Policy, network architecture reviews etc.
  • Stay updated on API OWASP Security Risks and taking appropriate measures.
  • Optimization of security tools.
  • Creation of dashboards for security related information.