Security Engineer

• You will focus on securing API interactions within an organisation, with a specific emphasis on using HashiCorp Vault for secrets management and access control.
• Architecting, deploying, and managing HashiCorp Vault for secure secrets management, identity-based access, and data encryption across different environments (cloud, on-premises).
• Leading the design and implementation of secure API authentication, authorization, and data protection mechanisms, using Vault's capabilities for dynamic secrets, token management, and encryption as a service.
• Secure API integrations across platforms, ensuring understanding of enterprise security standards and compliance requirements.
• Manage secrets and credentials for applications, including policy enforcement and automated rotation.
• Automate security configurations and enforcement across environments using infrastructure-as-code and configuration management tools.
• Collaborate with DevOps, IAM, and application teams to embed security into the API lifecycle and CI/CD pipelines.
• Conduct API security assessments, penetration testing, and remediation planning.
• Monitor API traffic and logs for anomalies, and respond to incidents involving API.
• Integrate HashiCorp Vault / CyberArk Vault with applications to secure API keys, tokens, and other credentials.
• Develop and implement secure API authentication and authorization mechanisms using Vault.
• Ensure data handling for API interactions.

Lead Engineer, API Security

Security Program Manager