API Security Lead Engineer

Pune, Noida, Bengaluru
December 15, 2025
Full Time
Apply Now

Job Description

We are looking for an experienced API Security Engineer with a strong focus on HashiCorp Vault to design, implement, and manage secure API access and secrets management solutions.
This role combines security engineering, architectural design, and leadership, ensuring secure API interactions across cloud and on-prem environments while meeting enterprise security and compliance standards.

🛠️ Key Responsibilities

  • Architect, deploy, and manage HashiCorp Vault for:
    • Secrets management
    • Identity-based access control
    • Data encryption
  • Design and implement secure API authentication, authorization, and data protection mechanisms
  • Use Vault features such as:
    • Dynamic secrets
    • Token management
    • Encryption as a Service
  • Secure API integrations across platforms while aligning with enterprise security and compliance standards
  • Manage application secrets and credentials with policy enforcement and automated rotation
  • Automate security configurations using Infrastructure as Code (IaC) and configuration management tools
  • Collaborate with DevOps, IAM, and application teams to embed security into:
    • API lifecycle
    • CI/CD pipelines
  • Conduct API security assessments, penetration testing, and remediation planning
  • Monitor API traffic and logs to detect anomalies and respond to incidents
  • Integrate HashiCorp Vault / CyberArk Vault with applications to protect:
    • API keys
    • Tokens
    • Credentials
  • Implement secure OAuth2, JWT, OpenID Connect, and API gateway security patterns
  • Ensure secure data handling across API interactions

🎓 Essential Qualifications

  • Bachelor’s or Master’s degree in:
    • Computer Science
    • Software Engineering
    • Management Information Systems
    • Or equivalent relevant experience

Preferred Experience & Skills

  • 8–10 years of experience in:
    • Cyber Security
    • API Security
    • Vault Management
  • Hands-on experience with API security platforms:
    • MuleSoft
    • Apigee
    • AWS API Gateway
  • Experience with secrets management tools:
    • HashiCorp Vault
    • CyberArk Conjur
  • Knowledge of automation & configuration tools:
    • Terraform
    • Ansible
    • SALT
  • Strong understanding of:
    • OAuth2
    • OpenID Connect
    • JWT
    • API Gateway security patterns
  • Experience with cloud-native environments:
    • AWS / Azure / GCP
  • Proficiency in scripting & automation:
    • Python
    • Bash
    • YAML
  • Experience with:
    • Container security
    • Kubernetes
  • Security certifications are a plus:
    • CISSP
    • CCSP
    • GIAC
    • API security certifications

🎁 What We Offer

  • Comprehensive mindfulness programme with premium Calm membership
  • Volunteer Paid Time Off (after 6 months)
  • Company volunteer & donation matching programme
  • Employee Assistance Program (EAP)
  • Personalized wellbeing support via OnTrack programme
  • On-demand digital learning library for professional growth
  • Additional local benefits

🏢 Hybrid Work Policy

Employees are expected to work from a Rockwell Automation location on Mondays, Tuesdays, and Thursdays, unless business obligations require otherwise.

🔑 Key Skills

API Security
HashiCorp Vault
Cyber Security
Automation
Configuration Management
Architectural Design
Penetration Testing
Python
Cloud Security (AWS / Azure / GCP)
Kubernetes Security

Related Jobs