Home / Jobs / Senior API Security Engineer

Senior API Security Engineer

📍 jobr.pro • kuala lumpur, kuala lumpur, Malaysia • Posted June 24, 2026

Full-time Posted June 24, 2026
Apply Now

Job Description

Key Responsibilities

  • API Logic Security: Hunt for Business Logic vulnerabilities (BOLA/IDOR, Mass Assignment) that traditional firewalls miss.
  • Authentication & Authorization: Design and validate OAuth2, OIDC, and JWT implementations to ensure users can only access their own data.
  • Attack Simulation: Script automated attacks against the API Gateway to test rate limiting and fraud detection rules.
  • Gateway Hardening: Work with the Platform team to configure the API Gateway (Kong, or Azure API Gateway) for maximum security.
  • Auth & Partner Integration: Deliver new security design patterns and components for authentication, authorization, SSO, MFA, and Partner security. Standardize how we consume external APIs (Open Banking) and how we secure our own exposed endpoints.

Technical Requirements

  • Strong scripting skills (Python) to automate API attacks.
  • Expertise in REST and GraphQL security.
  • Deep...

Apply for This Position

Ready to take the next step? Click the button below to submit your application.

Submit Application