Key Responsibilities:
- API Logic Security: Hunt for business logic vulnerabilities (BOLA/IDOR, Mass Assignment) that traditional firewalls miss.
- Authentication & Authorization: Design and validate OAuth2, OIDC, and JWT implementations to ensure users can only access their own data.
- Attack Simulation: Script automated attacks against the API Gateway to test rate limiting and fraud detection rules.
- Gateway Hardening: Work with the Platform team to configure the API Gateway (Kong or Azure API Gateway) for maximum security.
Technical Requirements:
- Strong scripting skills (Python) to automate API attacks.
- Expertise in REST and GraphQL security.
- Deep knowledge of OAuth 2.0 and OpenID Connect (OIDC) flows.
- Experience with API security tools (Postman, Burp Suite, 42Crunch).
Pay: ₹2,000,000.00 - ₹2,500,000.00 per year
Benefits:
- Cell phone reimbursement
- Flexible schedule
- Food provided
- Health insurance
- Life insurance
Work Location: In person