Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Fiserv

API Security Engineer

Fiserv

API Security Engineer developing and implementing a best-in-class API security program at Fiserv. Focused on end-to-end API security for securing critical ecosystems in financial services.

Posted 6/23/2026full-timeBerkeley Heights • Florida, New Jersey • 🇺🇸 United StatesMid-LevelSenior💰 $110,000 - $186,000 per yearWebsite

Tech Stack

Tools & technologies
CloudSaltStack

About the role

Key responsibilities & impact
  • Implement and tune runtime controls (e.g., behavioral detection, anomaly and abuse prevention, bot defense, schema enforcement, mTLS/OAuth validation, rate limiting, and threat response) across API gateways, service mesh, and edge layers.
  • Partner with engineering teams to define and promote secure API patterns (authentication/authorization, input validation, error handling, pagination, idempotency, versioning, and least-privilege access).
  • Build automation that embeds API security into CI/CD (policy-as-code, automated checks against Open API specs, secrets scanning, SAST/DAST/API testing, and runtime-to-ticket workflows).
  • Develop dashboards and analytics using API telemetry and security findings to measure risk, adoption, control effectiveness, and program outcomes.
  • Help define governance for API inventories, ownership, classification, security requirements, exception handling, and control validation.
  • Work with product and platform teams to integrate security requirements into backlog planning, threat modeling, design reviews, testing, release readiness, and incident response.
  • Map controls and program outcomes to relevant industry frameworks and expectations (e.g., NIST, ISO 27001, PCI DSS, FAPI, and OWASP guidance).

Requirements

What you’ll need
  • 5+ years related IT and cyber protection experience desired.
  • Strong foundation in API security concepts: authN/authZ (OAuth2/OIDC, JWT), session/token handling, scopes/claims, rate limiting, schema validation, and common API abuse patterns.
  • Practical experience with runtime protection in one or more of API gateways, WAF/WAAP, service mesh, ingress controllers, or specialized API security platforms.
  • Experience building automation in CI/CD and cloud-native environments (policy-as-code, scripting, pipelines, Git-based workflows).
  • Ability to use data and telemetry (logs, traces, metrics) to detect issues, tell a clear story, and drive priorities and working knowledge of secure software development and DevSecOps practices, and the ability to influence engineering outcomes through partnerships.
  • Comfort collaborating across security, SRE, platform, and application teams with clear communication, pragmatic decision-making, and strong follow-through.
  • Expert knowledge of and experience with maintaining cyber technologies that can protect operational API systems, such as: Traceable Salt Security NoName
  • Bachelor’s degree in computer science, or a relevant field, or an equivalent combination of education, work, and/or military experience.

Benefits

Comp & perks
  • Health insurance
  • 401(k) matching
  • Flexible work hours
  • Paid time off
  • Professional development opportunities

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
API securityOAuth2OIDCJWTsession handlingtoken handlingrate limitingschema validationDevSecOpsautomation
Soft Skills
communicationdecision-makingcollaborationinfluencepartnershipproblem-solvingprioritizationfollow-throughclear storytellingpragmatism