Share this Job

API Security Engineer

Publish Date: Jul 25, 2021

Location: Aguascalientes City, Aguascalientes, Mexico

Company: Atos

About Atos

Atos is a global leader in digital transformation with 110,000 employees in 73 countries and annual revenue of € 12 billion. European number one in Cloud, Cybersecurity and High-Performance Computing, the Group provides end-to-end Orchestrated Hybrid Cloud, Big Data, Business Applications and Digital Workplace solutions. The Group is the Worldwide Information Technology Partner for the Olympic & Paralympic Games and operates under the brands Atos, Atos|Syntel, and Unify. Atos is a SE (Societas Europaea), listed on the CAC40 Paris stock index.

The purpose of Atos is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.




Hybrid QA The API security engineer is responsible for establishing and executing the API security testing program using various API Pentest tools & manual methodologies. This role will require strong interaction with Axos application developers to collect application detail, perform API security testing, report security vulnerabilities and recommend remediation of API security vulnerabilities will be part of the responsibilities. The individual should possess strong API and traditional web application penetration testing expertise, excellent communication and organizational skills. Web application testing, penetration testing, OWASP, prior scripting/coding experience is a plus. The scope of the duties includes researching security weaknesses within the APIs, developing automated tests, preparing reports and recommendations, collaborating with technical and non-technical staff, and reviewing code to maintain correctness and quality while ensuring security best practices are followed. • Develop and maintain an accurate inventory of RESTful APIs • Perform continuous security testing on on-prem, cloud, mobile applications and APIs. • Detects configuration and implementation flaws • Systematically hack all attack points using common hacker techniques • Identify the most critical vulnerabilities across all of your native and third-party APIs • Instantly get alerts on new, changed, and exposed APIs via Teams • Uncover shadow APIs leaking customer data • Create findings reports and communicate to stakeholders • Recommend and implement improvements to testing processes/methodologies. • Develop the set of security standards and best practices, recommending enhancements as needed • Create repeatable methods to assess, measure, and communicate the overall quality of a project and deliver key metrics to assess the overall effectiveness of the quality engineering team. Qualifications • Experience in building, validating, and testing RESTful API's • Prior experience in API & web application penetration testing • Knowledge of open security testing standards and projects, including OWASP • Experience with leveraging web app and API penetration testing tools • Use experience and creativity to drive your manual penetration testing efforts • OSCP, CEH, GWAPT, GPEN, or similar certification.

Here at Atos, we want all of our employees to feel valued, appreciated, and free to be who they are at work. Our employee lifecycle processes are designed to prevent discrimination against our people regardless of gender identity or expression, sexual orientation, religion, ethnicity, age, neurodiversity, disability status, citizenship, or any other aspect which makes them unique. Across the globe, we have created a variety of programs to embed our Atos culture of inclusivity, and work hard to ensure that all of our employees have an equal opportunity to contribute and feel that they are exactly where they belong.