Security Specialist – API & Microservices

About the role

We are seeking a proactive Security Specialist to design, implement and manage secure architectures for modern application environments. The role focuses on API security, micro‑services, and embedding security throughout DevSecOps pipelines.

Key responsibilities

• Design and implement secure API and micro‑services architectures following industry best practices.
• Develop and enforce API security frameworks, including authentication, authorization and threat‑protection mechanisms.
• Integrate security controls into CI/CD pipelines (SAST, DAST, secret scanning) and ensure continuous monitoring.
• Manage consent and identity management services to meet data‑privacy regulations.
• Conduct security assessments, vulnerability testing and risk analysis across applications and infrastructure.
• Collaborate with development, DevOps and product teams to embed security throughout the software development lifecycle.
• Monitor, investigate and respond to security incidents, providing timely mitigation and reporting.
• Stay current with emerging threats, tools and compliance standards.

Required profile

• Proven experience in application security, API security or related cybersecurity roles.
• Strong analytical and problem‑solving abilities with clear communication skills.
• Relevant certifications such as CISSP, CEH, CISM or cloud‑security credentials are a plus.

Required skills

• API security standards: OAuth2.0, OpenID Connect, JWT, API gateways.
• Micro‑services architecture and secure API development.
• DevSecOps tools: CI/CD security, SAST, DAST.
• Consent and identity management solutions.
• Cloud platforms: AWS, Azure, GCP (optional).
• API management platforms: Apigee, Kong, MuleSoft.

What we offer

• Opportunity to work on modern, scalable and secure architectures.
• Exposure to cutting‑edge cloud and API security technologies.
• Collaborative, growth‑driven environment.