API Security Engineer

Arab Bank • Full-time • عمان, JO • 1d ago

Job Description:

We are looking for a Mid-Level API Security Engineer with 3–5 years of hands-on experience in API, Kubernetes, and SIEM security. The role will focus on securing APIs, enhancing Kubernetes security, and building automation for security operations. The candidate should be comfortable writing scripts and using automation frameworks to streamline API security enforcement, monitoring, and incident response.

Accountabilities and Key Roles :

API Security

Implement and enforce API security policies (mTLS, OAuth2.0, JWT, HMAC, rate limiting, schema validation).
Conduct API threat modeling and risk assessments based on OWASP API Security Top 10.
Monitor and analyze API traffic for anomalies and attacks, automating detection where possible.
Support secure API lifecycle management (design → deployment → monitoring).

Kubernetes & Container Security

Secure Kubernetes workloads (RBAC, pod security, network policies, admission controllers).
Deploy and manage container runtime security tools (e.g., Aqua, Prisma, NeuVector, Trivy).
Automate Kubernetes security checks and compliance validations in CI/CD pipelines.
Write scripts or policies to enforce secure configurations across clusters.

SIEM & Security Monitoring

Onboard API and Kubernetes logs into SIEM (QRadar, Splunk, LogRhythm, or equivalent).
Create automated correlation rules, dashboards, and alerts for API and container threats.
Build custom parsers or integrations to enrich SIEM data from APIs and microservices.
Support incident response with automated playbooks (e.g., containment scripts, log queries).

Automation & Scripting

Develop scripts (Python, Bash, Go, or similar) for automating:
API log collection and parsing
SIEM rule deployment and tuning
Kubernetes policy validation (OPA, Kyverno, Gatekeeper)
Security testing of APIs in CI/CD pipelines
Build integrations with DevOps tooling (GitLab CI, Jenkins, Terraform, Helm).
Automate repetitive tasks in API security operations to reduce manual overhead.

Required Skills:

Strong understanding of API security concepts and standards (OAuth2.0, OIDC, TLS, JWT).
Experience securing Kubernetes clusters and containerized workloads.
Hands-on with SIEM platforms (QRadar, Splunk, LogRhythm).
Proficiency in scripting/automation using Python, Bash, or Go.
Familiarity with DevSecOps practices and pipeline integrations.
Strong analytical and troubleshooting skills with focus on automation.

Preferred Skills:

Experience with Apigee Hybrid/Edge, Kong, or other API gateways.
Exposure to infrastructure as code (Terraform, Helm, Ansible).
Knowledge of Cloud Security (GCP, AWS, Azure).
Familiarity with Zero Trust, DLP, and advanced threat detection in API ecosystems.
Experience with automation frameworks like Ansible, or custom API integrations.

Soft Skills:

Strong collaboration with DevOps, SOC, and Cloud teams.
Effective communicator with ability to explain technical issues to non-technical stakeholders.
Proactive, self-motivated, and detail-oriented.
Strong time management with ability to prioritize incidents and projects.