Position Overview
This role is about building security into those APIs, not reviewing them after the fact.
We are looking for a hands‑on security engineer who codes, understands how attackers break APIs, and uses that mindset to build real, production security controls.
Job Responsibilities
- Build and ship API security controls used by product teams (authZ checks, validation, abuse prevention).
- Defend against business logic attacks (BOLA/IDOR, mass assignment, workflow abuse).
- Design and validate OAuth2, OIDC, and JWT implementations across internal & external APIs.
- Build automated attack simulations to test the controls you deploy.
- Define security patterns for partner integrations & Open Banking APIs.
What We’re Looking For
- Bachelor's degree in Computer Science or an equivalent field.
- Strong software engineering background (you write production‑quality code).
- Hands‑on Application / API Sec...