Senior Application Security Engineer

About the Role

We are looking for a hands-on API Security Engineer who is passionate about building security directly into applications and APIs. This role focuses on designing and implementing real production security controls to protect critical digital banking services and financial transactions.

This is an engineering-focused security role where you will work closely with product and platform teams to build scalable and effective security solutions.

Key Responsibilities

• Design, develop, and implement API security controls such as authorization checks, input validation, and abuse prevention mechanisms.
• Protect APIs against business logic vulnerabilities including BOLA/IDOR, mass assignment, and workflow abuse.
• Design and validate secure implementations of OAuth 2.0, OpenID Connect (OIDC), and JWT across internal and external APIs.
• Develop and maintain automated security testing and attack simulation tools to cont...