The Senior Analyst will build and adapt high-impact security solutions and tools for the APIs to enable new business opportunities by mitigating associated risks. Work on designing, implementing and promoting intuitive, on-demand, self-serve security controls for the business line teams producing APIs that are context relevant, low maintenance and always available.
- Develop and maintain API blueprints, guidelines, implement best-practices and performance tuning techniques.
- Responsible for ensuring the security of all API’s across the Authority and guiding in terms of Security requirements when it comes to API’s and integrations
- Collaborate with other teams across the organization and embrace challenging, complex environment with focus on delivering valued services based on continuous improvement and visibility.
- Ensure Security Architecture alignments with security governance and infrastructure team.
- Work with product owners and developers to identify security threads and resolve security impediments.
- Work with IT leaders, product owners and developers to establish an API enablement framework.
- Serve as a Subject Matter Expert (SME) in the API Security domain for the Authority.
- Maintain body of knowledge (APISec BoK) on emerging API Security threats and vulnerabilities.
- Contribute to authoring of the API security governance documentation and processes.
- Explore and analyze the existing architectures and controls around the APIs for security gaps and inefficiencies.
- Champion API security requirements and mitigations.
- Reason about and propose security improvements to the API designs, implementations and deployments.
- Create context-relevant and risk-based systematic solutions for the APIs.
- Develop tooling for automated and continuous verification of the security posture of the APIs.
- Research, implement, and manage API security tooling and solutions.
- Understanding and appreciation of the attack surface, and security related concerns associated with APIs.
- Grade 12 Certificate with 5 ‘O’ level with credit or better including Mathematics and English.
- Degree in B. Eng./BSc. Electronics & Telecommunications Engineering/Computer Science/Information Technology.
- Any of the below certifications
- Certified Information Systems Security Professional (CISSP) or equivalent Certification
- Certified Ethical Hacker, CEH
- Other Relevant ICT Certifications.
- Must be a member of the Information and Communication Technology Association of Zambia (ICTAZ) with a valid practicing license.
Minimum Experience Required
- Not less than four (4) years’ ICT experience and two (2) years of Information and or Cyber Security in a similar position in an organisation with a similar size of operations.
To apply for this job please visit careers.napsa.co.zm.