Share this Job

API Security Engineer Sr

Publication Date:  Jan 28, 2023
Ref. No:  448982

Mexico City, MX, 6600

About Atos

Atos is a global leader in digital transformation with 107,000 employees and annual revenue of over € 11 billion. European number one in cybersecurity, cloud and high performance computing, the Group provides tailored end-to-end solutions for all industries in 71 countries. A pioneer in decarbonization services and products, Atos is committed to a secure and decarbonized digital for its clients. Atos is a SE (Societas Europaea), listed on Euronext Paris and included in the                                                           CAC 40 ESG and Next 20 Paris Stock indexes.


The purpose of Atos is to help design the future of the information space. Its expertise and services support the development of knowledge, education, and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.



The API security engineer is responsible for establishing and executing the API security testing program using various API Pentest tools & manual methodologies. This role will require strong interaction with Axos application developers to collect application detail, perform API security testing, report security vulnerabilities and recommend remediation of API security vulnerabilities will be part of the responsibilities. The individual should possess strong API and traditional web application penetration testing expertise, excellent communication and organizational skills. Web application testing, penetration testing, OWASP, prior scripting/coding experience is a plus. The scope of the duties includes researching security weaknesses within the APIs, developing automated tests, preparing reports and recommendations, collaborating with technical and non-technical staff, and reviewing code to maintain correctness and quality while ensuring security best practices are followed.


• Develop and maintain an accurate inventory of RESTful APIs • Perform continuous security testing on the on-prem, cloud, mobile applications, and APIs.

• Detects configuration and implementation flaws

• Systematically hack all attack points using common hacker techniques

• Identify the most critical vulnerabilities across all of your native and third-party APIs

• Instantly get alerts on new, changed, and exposed APIs via Teams

• Uncover shadow APIs leaking customer data

• Create findings reports and communicate to stakeholders

• Recommend and implement improvements to testing processes/methodologies.

• Develop the set of security standards and best practices, recommending enhancements as needed

• Create repeatable methods to assess, measure, and communicate the overall quality of a project and deliver key metrics to assess the overall effectiveness of the API security.

Here at Atos, we want all of our employees to feel valued, appreciated, and free to be who they are at work. Our employee lifecycle processes are designed to prevent discrimination against our people regardless of gender identity or expression, sexual orientation, religion, ethnicity, age, neurodiversity, disability status, citizenship, or any other aspect which makes them unique. Across the globe, we have created a variety of programs to embed our Atos culture of inclusivity, and work hard to ensure that all of our employees have an equal opportunity to contribute and feel that they are exactly where they belong.