We need a 'Cyber Security Engineer' with 2-5 years of experience to protect our APIs, infrastructure, and data. The ideal candidate will have expertise in API security, infrastructure protection, and compliance (including GDPR).
Key Responsibilities:
1. Implement and monitor security measures for APIs, microservices, and infrastructure.
2. Conduct API security assessments, focusing on BOLA and other OWASP API top 10 risks.
3. Perform infrastructure vulnerability assessments and penetration testing.
4. Develop and implement security policies aligned with GDPR and other regulations.
5. Design robust authentication and authorization mechanisms.
6. Respond to security incidents across APIs and infrastructure.
7. Collaborate with development teams to integrate security into the SDLC.
8. Stay current with API, infrastructure, and data protection security trends.
Strong knowledge of:
- API security best practices (BOLA, OWASP API Security Top 10)
- Infrastructure security (firewalls, IDS/IPS, SIEM)
- GDPR and other relevant data protection regulations
- Cloud security (AWS)
- Containerization and microservices security
- API gateways, OAuth 2.0, JWT
- Security testing tools (e.g., OWASP ZAP, Burp Suite)
- Infrastructure-as-Code and security automation
- Familiarity with DevSecOps practices
Skill(s) required
Amazon Web Server (AWS)Amazon Web Services (AWS)APIsOAuth
UniAcco (by Adventum Student Living Private Limited) intends to build a cutting-edge, technology-based platform to provide end-to-end solutions to international students to achieve their dreams. We started the journey with UniAcco (a global student accommodation platform) in 2019 and launched UniCreds (marketplace for education loans) in 2020 our third vertical UniScholarz, which was recently launched, is a global counseling platform that offers effective mentoring by specialized counselors. These three consumer tech-led companies enable students to have the most hassle-free experience in reaching their educational goals free of cost. Because we believe dreams shouldn't be compromised under any circumstances.