Register Here to Apply for Jobs or Post Jobs. X

API Security Engineer

Job in Japan
Full Time position
Listed on 2021-01-15
Job specializations:
  • IT/Tech
    Mobile Technology, Network Administrator, IT Project Manager, IT Graduate, AWS
Job Description & How to Apply Below
API Security Engineer Department: Security
Location: Tokyo, Japan or WFAA (Work From Anywhere Anytime) .
Job Type: Permanent
Japanese level N3
Salary:
Mid-level 8m-10m, Senior rage is 12-14M (yen)
About the Security Team Although cyber security is everyone’s responsibility, our security team is primarily responsible for solving some of the most challenging and exciting problems to mitigate cyber threats that are common organization-wide and industry-wide. As the digital world moves exponentially, we are constantly aligning our cyber security strategy, especially in today’s dynamic environment. Consequently, Information Security is very important to us and excel to implement the latest cyber resilience and cyber security practices. Your Duties & Responsibilities • Understands our business and market before thinking about technology and security solutions. • Communicates effortlessly with a culturally diverse team across multiple time zones; resolves conflict professionally and pragmatically. • A self-starter and takes initiative to drive progress while building rapport with internal and external stakeholders. • Catalogs and inventories internal, external, and 3rd party integrated APIs. • Configures automated scanning and alert tuning of all external and internal APIs using custom and off-the shelf security tools.
• Collaborates with internal and external stakeholders to configure testing of internal, external, and 3rd party integrated APIs throughout the full development lifecycle. • Performs architectural and code reviews for API gateways and identity management solutions. • Threat models and conducts risk assessments for API gateways and identity management solutions. • Collaborates with internal and external penetration testing team(s) to validate findings in APIs; provides expert and pragmatic solutions for remediation. • Assists and provides expert consultation in the procurement process of security vendor tooling (i.e. RFP, NDA, MSA) as well as post-sales issue remediation. • Works with current and potential merchants on security due diligence reviews and provides expert consultation on minimum security baselines. • Provides evidence for gap assessments and periodic audits commonly associated with Finance (i.e. SOX 404, PCI-DSS, Cobit, ISO 27001, NIST CSF, etc.) • Presents at leadership and executive meetings risks discovered in APIs as well as pragmatic solutions to mitigate. • Proactively schedules and leads meetings with internal and external stakeholders to manage expectations and ensure alignment with overall business strategy. • Catalogs and inventories all FaaS (e.g. Google Cloud Functions, AWS Lambda, etc.) services. • Configures automated scanning and alert tuning of all FaaS services. • Creates custom automated testing tools using common programming languages (e.g. Python, Go)
• Manages and contributes frequently to organizational Git repositories and ensures that security testing exists and is automated in developer pipelines. • Stays abreast and researches changes in the security industry to leverage emerging technology that will benefit Paidy. • Configures and tunes alert thresholds in SIEM (Security Information and Event Management). • Provides expert consultation and assists in the security architecture design of current and future API Gateway services. • Provides expert consultation and assists in the security architecture of identity management services. • Collaborates with internal and external penetration testing team(s) to validate findings in mobile applications and API gateway services; provides expert and pragmatic solutions for remediation. • Presents and participates in regular security awareness training sessions with technical and non-technical staff. • Develops and documents API gateway and identity management accreditation packages into standardized, reusable components. Your skills and experience ▪ At least 5 years of bone fide API development and hardening. ▪ Evangelist of simplicity, standardization, and automation using modern DevOps tools. ▪ Experience in securing AWS identity management solutions in regulated industries. ▪ Experience in securing backend APIs for mobile. ▪ Strong IT knowledge across cloud, application, software, hardware, and networking technologies.
▪ Can effortlessly explain the relationship between APIs and business needs using past experience. ▪ If given a sample business process and API, can explain what it does and how best to secure it without having to use a search engine. ▪ Ability to communicate findings clearly with specific remediation recommendations beyond regurgitating CVE scores. equired Education S. Computer Science -or- Significant, verifiable open-source API security contributions Required Certifications: None Desired Certifications: ▪ eWPTXv2 ▪ AWS Security or Professional ▪ OSCP Direct Report (who reports to this person) Negotiable
Position Requirements
Bachelor, 5 to 6 Years work experience
Additional Information / Benefits
API Security Engineer Department: Security
Location: Tokyo, Japan or WFAA (Work From Anywhere Anytime) .
Job Type: Permanent
Japanese level N3
Salary:
Mid-level 8m-10m, Senior rage is 12-14M (yen)
About the Security Team Although cyber security is everyone’s responsibility, our security team is primarily responsible for solving some of the most challenging and exciting problems to mitigate cyber threats that are common organization-wide and industry-wide. As the digital world moves exponentially, we are constantly aligning our cyber security strategy, especially in today’s dynamic environment. Consequently, Information Security is very important to us and excel to implement the latest cyber resilience and cyber security practices. Your Duties & Responsibilities • Understands our business and market before thinking about technology and security solutions. • Communicates effortlessly with a culturally diverse team across multiple time zones; resolves conflict professionally and pragmatically. • A self-starter and takes initiative to drive progress while building rapport with internal and external stakeholders. • Catalogs and inventories internal, external, and 3rd party integrated APIs. • Configures automated scanning and alert tuning of all external and internal APIs using custom and off-the shelf security tools.
• Collaborates with internal and external stakeholders to configure testing of internal, external, and 3rd party integrated APIs throughout the full development lifecycle. • Performs architectural and code reviews for API gateways and identity management solutions. • Threat models and conducts risk assessments for API gateways and identity management solutions. • Collaborates with internal and external penetration testing team(s) to validate findings in APIs; provides expert and pragmatic solutions for remediation. • Assists and provides expert consultation in the procurement process of security vendor tooling (i.e. RFP, NDA, MSA) as well as post-sales issue remediation. • Works with current and potential merchants on security due diligence reviews and provides expert consultation on minimum security baselines. • Provides evidence for gap assessments and periodic audits commonly associated with Finance (i.e. SOX 404, PCI-DSS, Cobit, ISO 27001, NIST CSF, etc.) • Presents at leadership and executive meetings risks discovered in APIs as well as pragmatic solutions to mitigate. • Proactively schedules and leads meetings with internal and external stakeholders to manage expectations and ensure alignment with overall business strategy. • Catalogs and inventories all FaaS (e.g. Google Cloud Functions, AWS Lambda, etc.) services. • Configures automated scanning and alert tuning of all FaaS services. • Creates custom automated testing tools using common programming languages (e.g. Python, Go)
• Manages and contributes frequently to organizational Git repositories and ensures that security testing exists and is automated in developer pipelines. • Stays abreast and researches changes in the security industry to leverage emerging technology that will benefit Paidy. • Configures and tunes alert thresholds in SIEM (Security Information and Event Management). • Provides expert consultation and assists in the security architecture design of current and future API Gateway services. • Provides expert consultation and assists in the security architecture of identity management services. • Collaborates with internal and external penetration testing team(s) to validate findings in mobile applications and API gateway services; provides expert and pragmatic solutions for remediation. • Presents and participates in regular security awareness training sessions with technical and non-technical staff. • Develops and documents API gateway and identity management accreditation packages into standardized, reusable components. Your skills and experience ▪ At least 5 years of bone fide API development and hardening. ▪ Evangelist of simplicity, standardization, and automation using modern DevOps tools. ▪ Experience in securing AWS identity management solutions in regulated industries. ▪ Experience in securing backend APIs for mobile. ▪ Strong IT knowledge across cloud, application, software, hardware, and networking technologies.
▪ Can effortlessly explain the relationship between APIs and business needs using past experience. ▪ If given a sample business process and API, can explain what it does and how best to secure it without having to use a search engine. ▪ Ability to communicate findings clearly with specific remediation recommendations beyond regurgitating CVE scores. equired Education S. Computer Science -or- Significant, verifiable open-source API security contributions Required Certifications: None Desired Certifications: ▪ eWPTXv2 ▪ AWS Security or Professional ▪ OSCP Direct Report (who reports to this person) Negotiable
Questions to answer on applying for this job
  • whats your japanese level
Contact Information
Contact Name: 雄大ヒューマニティー
Contact Phone: 08050243689
Preferred method of contact: Email with CV via Application Box below.
Apply for this Job Posting Here:
To apply for this job, you need to provide some contact details for the employer or HR recruiter. Begin your free application by entering your email address (If already registered, you'll be asked to enter your password). Otherwise, you will initially need to enter some basic details with your first application.
Email Address Please enter a valid Email address.
How this Free Jobsite works - How to apply for jobs.
• To apply for any job, you must provide some contact details for the employer or HR recruiter. When you Register Here or Above with your first application (if you have not already done so), you will be asked to confirm your contact email address is valid via your email inbox.
• You will be asked to confirm a login password so to be able to make further applications in future visits.
• Once registered, you may also save CV / Resume summary details into the optional Resume format (This default format is easy for companies to read, and when available, it is sent as part of your application to a company to assist your application).
• Alternatively or additionally, you may attach your own original Resume document and 2 other supporting files as part of your application (Those files must be within the maximum combined size stated, and are not stored on this jobsite when you submit them).
• You must write or paste an introduction / cover letter into the application box.
• When you click the "Apply" button, your cover letter, Resume summary (if you have saved one on this site), contact details, and/or your own attached files are submitted as part of your application.
• Once you submit an application for any job on this site, it is solely the responsibility and decision of the company or employer you have applied to on whether they accept, review, process or respond to that application.
 
 
 
Search for further Jobs Here:
(Enter less keywords for more results. Suggestions may be selected)
Location
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
LOGIN Area - Jobsite