See yourself in this role

In this position, you’ll join the Network and Application Protection team, a part of the broader Cyber and Information Security (CIS) division. Your role will include collaboration with a wide range of stakeholders, including architects, cyber security operations, networks and application teams, to deploy and persistently enhance security solutions that safeguard our assets.

What You’ll Do

• Act as a Subject Matter Expert (SME) on API Security for the wider technology community
• Cultivate an extensive understanding of the products, with a focus on solutions that are crucial for enhancing our overall API Security
• Support the development and maintenance of API Security guidelines, best practices and life-cycle phases for infrastructure and application teams throughout the bank
• Define criteria and evaluate relevant API security solutions
• Drive the adoption of new ideas and technologies in the API security domain including discovery, management, anomaly detection and protection
• Propose recommendations for automated security auditing and testing solutions for APIs and take charge of their implementation

What You Have

• 5+ years of experience in securing APIs as a security consultant or security-focused engineer
• Good understanding of current web applications and API threat landscapes
• Deep technical expertise with Web and API Security relevant technologies (OAuth, SAML, TLS/SSL, OpenAPI)
• Practical familiarity with security infrastructure, notably Azure AD, WAF, and API Gateways (like Apigee, Azure APIM)
• Experience in working within an Agile framework

Nice to have

• Experience with security frameworks (e.g., OWASP, CIS, STIG, NIST Zero Trust)
• Cyber security qualifications, such as CEH, CISSP and CompTIA Security+
• Experience with deploying an API Security Platform (e.g. noname security, Salt Security, etc.) and/or enforcing policy (OPA/Rego, XACML)

We Offer

• We gather like-minded people:
  • Friendly team and enjoyable working environment
  • Engineering community of industry’s professionals
  • Flexible schedule and opportunity to work remotely
  • Relocation within our 50+ offices
• We provide growth opportunities:
  • Outstanding career roadmap
  • Leadership development, career advising, soft skills and well-being programs
  • Certification (GCP, Azure, AWS)
  • Unlimited access to LinkedIn Learning, Get Abstract, O’Reilly, Cloud Guru
  • Language classes on English and Polish for foreigners
• We cover it all:
  • Stable income (Employment Contract or B2B)
  • Regular assessments and salary reviews
  • Participation in the Employee Stock Purchase Plan
  • Referral bonuses
  • Benefits package (health insurance, multisport, shopping vouchers)
  • Corporate and social events
• We may contact chosen candidates only

About EPAM

• EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential

Why EPAM