At a Glance
- Tasks: Join a team to secure APIs and web applications, reviewing specs and advising on best practices.
- Company: A forward-thinking client focused on enhancing application security in a remote work environment.
- Benefits: Enjoy remote work flexibility with occasional trips to London and a competitive contract.
- Why this job: Make a real impact in cybersecurity while collaborating with key stakeholders and enhancing your skills.
- Qualifications: Mid-level experience in API security, knowledge of OWASP, and ability to communicate technical risks effectively.
- Other info: This role operates inside IR35, ensuring compliance and security in your contract work.
The predicted salary is between £36,000 and £60,000 per year.
Our client is looking to hire a mid-level API & Application Security Specialist to join them on a 6-month initial contract, working remotely with occasional trips to the London site. This role will be operating INSIDE IR35.
Key Skills Required:
- Deep knowledge of OWASP API Top 10
- Able to review Swagger/OpenAPI specs for vulnerabilities
- Advise on secure API design patterns
- Familiar with fallback controls such as WAFs and API gateways
- Experience using SIEM/logging tools to track API threats
- Familiarity with NIST, OWASP SAMM, or internal security frameworks
- Experience producing risk dashboards/reports for APIs
- Able to translate technical risks into business language, collaborating with key stakeholders
If interested in this role, please apply today :)
API / Web Application Security Specialist | Remote Contract employer: Korn Ferry
Contact Detail:
Korn Ferry Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land API / Web Application Security Specialist | Remote Contract
✨Tip Number 1
Familiarise yourself with the OWASP API Top 10 vulnerabilities. Being able to discuss these in detail during your interview will show your deep understanding of application security and demonstrate your expertise.
✨Tip Number 2
Prepare examples of how you've reviewed Swagger/OpenAPI specs in the past. Highlight specific vulnerabilities you identified and how you advised on secure design patterns, as this will showcase your practical experience.
✨Tip Number 3
Brush up on your knowledge of fallback controls like WAFs and API gateways. Be ready to discuss how you've implemented these tools in previous roles to mitigate risks associated with API threats.
✨Tip Number 4
Think about how you can translate technical risks into business language. Prepare to share examples of how you've communicated security issues to stakeholders, as this skill is crucial for the role.
Some tips for your application 🫡
Understand the Role: Before applying, make sure you fully understand the responsibilities and requirements of the API / Web Application Security Specialist position. Familiarise yourself with key skills like OWASP API Top 10 and secure API design patterns.
Tailor Your CV: Customise your CV to highlight relevant experience in API security, including any work with Swagger/OpenAPI specs, SIEM tools, and risk reporting. Use specific examples that demonstrate your expertise in these areas.
Craft a Compelling Cover Letter: Write a cover letter that not only outlines your qualifications but also shows your enthusiasm for the role. Mention how your skills align with the company's needs and your ability to communicate technical risks to stakeholders.
Proofread Your Application: Before submitting, carefully proofread your application materials. Check for spelling and grammatical errors, and ensure that all information is clear and concise. A polished application reflects your attention to detail.
How to prepare for a job interview at Korn Ferry
✨Know Your OWASP API Top 10
Make sure you have a solid understanding of the OWASP API Top 10 vulnerabilities. Be prepared to discuss each one and how they can impact application security, as this will likely be a key focus during your interview.
✨Review Swagger/OpenAPI Specs
Familiarise yourself with Swagger and OpenAPI specifications. You might be asked to review a sample spec for vulnerabilities, so practice identifying potential security issues and suggesting improvements.
✨Understand Secure API Design Patterns
Be ready to discuss secure API design patterns and fallback controls like WAFs and API gateways. Demonstrating your knowledge in these areas will show that you can advise on best practices effectively.
✨Translate Technical Risks into Business Language
Prepare to explain how you would communicate technical risks to non-technical stakeholders. Being able to translate complex security concepts into business language is crucial for collaboration and decision-making.