Remote Security Engineer (API Specialist) Job in United States HealthEquity

Who you are

• Bachelor's degree in Information Systems, Cybersecurity or related field and minimum 2 years’ relevant experience
• Experience as a professional security engineer and/or software engineer, particularly with APIs and modern software architecture
• Experience with Azure cloud environments and API management tools like Azure APIM and Kong
• Experience conducting security risk assessments for on-premise and cloud-based services
• Advanced security certification (e.g., CISSP, CSSLP, CEH) or demonstrable competency
• Agile/Scrum and Microsoft Azure experience beneficial
• Expert-level knowledge of API Security concepts and tooling
• Knowledge of leading information security frameworks and best practices (OWASP API Top 10, NIST Cybersecurity Framework, ISO27001/2, and CIS Top 20 Controls)
• Ability to perform high-quality threat modeling
• Ability to present complex security recommendations
• Ability to research and iterate on new security metrics
• Documentation skills for procedures related to this role
• Excellent interpersonal skills
• Team player capable of developing strong collaborative working relationships
• Experience in financial services or healthcare industries is a plus
• Familiarity with container security, application security testing tools, and infrastructure as code scanning is a plus

Desirables

• Agile/Scrum knowledge
• Azure experience
• Financial services know-how
• Healthcare industry familiarity
• Container security awareness
• AppSec tools familiarity
• IaC scanning familiarity

What the job involves

• Oversee the API security program through strategic planning and tool selection
• Collaborate with development teams to integrate security principles in API development
• Manage and improve policy and standards documentation relating to API security