Application Security Architect @ Rapid API

INACTIVE

Full-Time

Application Security Architect

Rapid API

51-200 employees

Global hub for discovering and connecting to APIs

Senior

Remote in USA

Required Skills

Kubernetes

Node.js

AWS

Terraform

Requirements

7+ years of application security experience
3+ years of application penetration testing experience
3+ years of experience with AWS
Deep experience with Kubernetes and container-based environments
Support multiple languages: Node.js, GraphQL, and terraform
Experience building secure pipelines and familiarity with modern secure development practices
Experience partnering with teams to support regulatory frameworks (such as ISO 27001:2013, NIST 800-53, GDPR, PCI-DSS, FedRAMP)
Ability to translate technical security details into product development roadmaps and security frameworks
Strong planning, execution, and collaborative skills

Responsibilities

Work closely with leadership on developing roadmaps and outlining projects to remediate product security gaps
Develop security requirements and aid in architecture designs for the product, engineering, and development teams
Review security controls with project owners to ensure security requirements are appropriately implemented
Build CI/CD enhancements and automation to ensure a security-first strategy
Review and analyze SAST tooling to provide actionable feedback to developers
Be a subject matter expert on container security and deliver guidance to development and platform engineering teams
Translate complex threat modeling and security assessments by providing actionable/easy-to-read reports for product and development teams
Participate in security incident response activities and drive remediation
Actively engage and advise on secure coding practices for development teams
Mentor security engineers and software developers on effectively designing and implementing secure products
Work closely with the compliance team to define innovative and alternative approaches to meet regulatory obligations associated with data governance (Security, Privacy and Availability) requirements

Rapid is a team of creators delivering the next-generation API platform built for the modern developer. Our users range from independent developers to the largest companies in the world. We work hard to make it easy for developers to build, use, and share APIs faster while providing enterprise-wide visibility and governance. As a result, entrepreneurs and enterprises can concentrate on creating value and business outcomes.

How do we make this happen? Rapid is the creator of RapidAPI Hub, the world’s largest API hub, where more than 4 million developers discover, evaluate and integrate more than 40,000 APIs from leading companies like Twilio, Microsoft and Google and more. Rapid also offers RapidAPI Studio, which provides developers with a single, connected experience to design, develop, test, monitor and publish their APIs. For enterprise organizations, Rapid offers RapidAPI Enterprise Hub, a private, customizable version of the public hub that enables the company’s developers, customers, and partners to find, manage, and connect to hundreds of internal APIs, as well as external API subscriptions.

We operate at scale when the opportunity is even greater. We offer you the opportunity to make a difference and empower developers to build modern software through API innovation while doing the most critical work of your career.

Application Security Architect position plays a critical role in supporting product and development efforts in a growing global environment. You will be responsible for building, implementing, and supporting tooling to ensure that the RapidAPI platform is implemented with security best practices. You should be able to work in a fast-paced environment with a passion for providing an excellent developer experience while ensuring security guardrails are in place to build secure solutions.

YOU HAVE:

- 7+ years of application security experience

- 3+ years of application penetration testing experience

- 3+ years of experience with AWS

- Deep experience with Kubernetes and container-based environments

- Support multiple languages: Node.js, GraphQL, and terraform

- Experience building secure pipelines and familiarity with modern secure development practices

- Experience partnering with teams to support regulatory frameworks (such as ISO 27001:2013, NIST 800-53, GDPR, PCI-DSS, FedRAMP)

- Ability to translate technical security details into product development roadmaps and security frameworks

- Strong planning, execution, and collaborative skills

YOU WILL:

- Work closely with leadership on developing roadmaps and outlining projects to remediate product security gaps

- Develop security requirements and aid in architecture designs for the product, engineering, and development teams

- Review security controls with project owners to ensure security requirements are appropriately implemented

- Build CI/CD enhancements and automation to ensure a security-first strategy

- Review and analyze SAST tooling to provide actionable feedback to developers

- Be a subject matter expert on container security and deliver guidance to development and platform engineering teams

- Translate complex threat modeling and security assessments by providing actionable/easy-to-read reports for product and development teams

- Participate in security incident response activities and drive remediation

- Actively engage and advise on secure coding practices for development teams

- Mentor security engineers and software developers on effectively designing and implementing secure products

- Work closely with the compliance team to define innovative and alternative approaches to meet regulatory obligations associated with data governance (Security, Privacy and Availability) requirements

This is an opportunity to play a key role in a fast-growing and high-scale startup company distributed across the globe. This role may not be for everybody as we are looking for individuals who are willing to challenge the “status quo” and are looking to influence and change the way in which Security, Privacy and Compliance to regulatory obligations are defined and achieved for our Enterprise Customers and Developer community.

This is an opportunity to play a key role in a fast-growing and high-scale startup company distributed across the US, Europe, and Israel. You’ll be taking our product to the next level within a high-talent-density team and out-of-the-box thinking. Having raised $150 million in a Series D investment round in 2022; you’ll be working with a team that is scaling globally, fast.

If this sounds like you, click apply below! We’d love to hear from you.

Rapid API

View

Website

View Company Profile

RapidAPI, the world's largest API Hub, offers a unique value proposition for developers around the globe, providing a centralized platform to discover, evaluate, integrate, and monitor APIs. Their culture fosters collaboration and innovation, with a team of developers working from diverse locations such as San Francisco, Tel Aviv, Tallinn, Berlin, and other remote areas. The company's competitive advantage lies in its comprehensive API management system, which includes designing, testing, monitoring, building, and publishing APIs, all within a single dashboard, making it a leader in the tech industry.

Company Stage

Series D

Total Funding

$272.5M

Headquarters

San Francisco, California

Founded

2015

Growth & Insights

Headcount

6 month growth

↓ -1%

1 year growth

↓ -26%

2 year growth

↑ 19%

INACTIVE