API Security Analyst

IBM

Taguig, Philippines

1-3 Years

Save

Posted 10 hours ago
Be among the first 10 applicants

Early Applicant

Job Description

Introduction

We are looking for a passionate and detail-oriented Junior API Security Consultant to join our cybersecurity team. This role is ideal for someone with foundational experience in API development or security and a strong interest in securing modern applications. You will support senior consultants in assessing and improving API security, including hands-on testing and secure design practices.

Your Role And Responsibilities

Assist in conducting Vulnerability Assessment and Penetration Testing (VAPT) on APIs using industry-standard tools.
Support Static Application Security Testing (SAST) efforts to identify insecure coding patterns in API source code.
Help review API specifications (OpenAPI/Swagger) for potential security gaps.
Collaborate with development teams to implement secure API design and coding practices.
Participate in the integration of security controls into CI/CD pipelines.
Document findings, remediation steps, and best practices for internal and client use.
Stay updated on API security trends, tools, and vulnerabilities.

Preferred Education

Bachelor's Degree

Experience

Required technical and professional expertise

13 years of experience in application development, cybersecurity, or API support.
Basic understanding of RESTful and GraphQL APIs, including authentication methods (OAuth2, JWT).
Exposure to VAPT tools such as Burp Suite, OWASP ZAP, Postman, or similar.
Familiarity with SAST tools like SonarQube, Checkmarx, Fortify or equivalent.
Awareness of OWASP API Security Top 10 and secure coding principles.
Basic scripting or programming skills (e.g., Python, JavaScript).
Exposure to cloud platforms (AWS, Azure, GCP) and API gateways.
Understanding of DevSecOps concepts and CI/CD integration.

Soft Skills