API Security Engineer - MTBNY


IT - PA - Erie, PA
Erie, Pennsylvania
Locations: Erie, Dunkirk, Geneva, Wellsville
Posted On: October 29, 2025
Last Day to Apply: November 03, 2025
Pay: $80.00 to $105.00 per hour

API Security Engineer 

The API Security Engineer is responsible for architecting and enforcing enterprise-grade security controls around critical API gateways used in payment, lending, and core banking ecosystems. This role is essential for protecting sensitive financial data while enabling digital transformation at scale.

Key Responsibilities:

  • Design and implement API authentication and authorization frameworks (OAuth2, OIDC, SAML, JWT) with strong encryption (TLS/SSL).
  • Configure advanced security controls on API gateways (Microsoft APIM, Kong, Apigee) including rate limiting, IP whitelisting, and DDoS mitigation.
  • Implement logging, monitoring, and alerting aligned to SOX, FFIEC, and PCI-DSS audit standards.
  • Partner with engineering and architecture teams to enforce secure coding standards and SDLC governance.
  • Conduct API penetration testing, threat modeling, and vulnerability scans with continuous remediation tracking.
  • Develop incident response procedures for API-related security incidents.

Required Skills:

  • 5+ years in application or API security engineering.
  • Deep expertise with API security protocols and encryption.
  • Hands-on experience with APIM/Kong/Apigee and identity solutions (Azure AD, Okta).
  • Strong understanding of banking regulations, PCI compliance, and FFIEC guidance.
  • SIEM and vulnerability scanning tool experience (Splunk, Tenable, Qualys).