×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

API Security Engineer

Job in Tempe, Maricopa County, Arizona, 85280, USA
Listing for: OpenLoop
Full Time position
Listed on 2026-06-08
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly USD 100000.00 125000.00 YEAR
Job Description & How to Apply Below

About Open Loop

Open Loop was co‑founded by CEO Dr. Jon Lensing and COO Christian Williams with a vision to bring healing anywhere. Our tele‑health support solutions are designed to streamline and simplify the go‑to‑market care delivery for companies offering meaningful virtual support to patients across a wide range of specialties throughout all 50 states.

Company Culture

We maintain a relatively flat organizational structure where everyone is encouraged to bring ideas to the table and make things happen. This aligns with our core values of Autonomy, Competence, and Belonging, empowering employees to perform their best work.

The Role

Open Loop is hiring an API Security Engineer (remote or Des Moines, IA). The engineer will design, implement, and maintain security controls that protect our organization’s APIs, integration layers, and service‑to‑service communication. This role ensures that APIs are securely designed, thoroughly tested, continuously monitored, and compliant with internal policies and external regulations.

What You’ll Do
  • Build relationships with developers and stakeholders to incorporate security principles into engineering design and deployments.
  • Define and maintain API security standards, guidelines, and best practices.
  • Work with engineering and product teams to incorporate security requirements into API design, including authentication, authorization, rate limiting, encryption, and data validation.
  • Assess architecture diagrams and integration flows for security risks and propose mitigation strategies.
  • Perform manual and automated security testing of APIs (e.g., fuzzing, penetration testing, misuse‑case reviews).
  • Identify & validate vulnerabilities, such as injection flaws, broken authentication, access control issues, insecure deserialization, and misconfigurations.
  • Integrate security testing tools into CI/CD pipelines (SAST, DAST, API‑specific scanners).
  • Implement API‑level logging, anomaly detection, runtime protections, and threat monitoring.
  • Investigate and respond to API‑related security incidents, breaches, or suspicious activity.
  • Collaborate with SOC, Dev Sec Ops , and engineering teams to develop alerting and mitigation processes.
  • Develop and enforce API security policies aligned with organizational risk management.
  • Conduct regular security reviews and maintain documentation for audits and assessments.
  • Provide guidance to developers on secure API design and coding practices.
  • Deliver training sessions, code‑review feedback, and threat‑modeling workshops.
  • Document security findings, outline remediation options, and oversee mitigation.
  • Support the rollout and adoption of API gateways, identity platforms, and secure coding tools.
  • Focus on automation to aid efficiencies with both testing and remediation of findings.
  • Attend and participate in product meetings addressing security requirements for new and existing products.
  • Build services and tools to enable developers and engineers to easily use security components.
  • Support the ability to “shift left” and incorporate security early on and throughout the development lifecycle.
  • Communicate vulnerability results to both technical and non‑technical users with influential messaging.
  • Research and learn new tactics, techniques, and procedures (TTPs) in public and closed forums, and work with colleagues to assess risk and implement or validate controls via the CI/CD pipeline.
  • Enrich Dev Sec Ops  architecture with security standards and best practices.
  • Partner with teams to define key performance indicators (KPIs) and metrics across business units.
  • Ensure regulatory compliance (PCI, HIPAA, HITRUST, NIST CSF) through effective security controls and processes.
  • Other duties as assigned.
Who You Are
  • Bachelor’s degree in computer science (preferred), information assurance, MIS, or related field, or equivalent.
  • 7+ years of security and systems administration‑related experience, with at least 3 years in cloud and security engineering.
  • Experience operating and securing platforms on Amazon Web Services (AWS) and/or Google Cloud Platform (GCP).
  • Strong understanding of API architectures (REST, Graph

    QL, gRPC, Web Sockets).
  • Experience with OAuth2, OIDC, JWT, API keys, mTLS, and…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search