Our client is a financial institution providing the United States with a safe, flexible, and stable monetary system. They are seeking an API Cloud Security Specialist. In this role you will be responsible for the strategy, design, deployment, and maintenance of effective security solutions in cloud, local, and hybrid environments.
This role is onsite inWashington, DC. Per our client contract, candidates must be US Citizens.
Responsibilities
• Develop API integration architecture documentation outlining integrations across cloud systems
• Define data models and perform attribute mapping between cloud platforms
• Build and maintain automation scripts and orchestration processes (e.g., serverless functions, scheduled jobs, event-driven handlers)
• Design and implement resilient, secure API integrations to support end-to-end data access management solutions
• Conduct thorough testing and maintain detailed documentation for cloud integrations
• Support data loss prevention (DLP) and cloud access security broker (CASB) initiatives
• Collaborate across teams as a Cloud Security Engineer SME to support the design, development, implementation, and monitoring of cloud platforms, applications, and tools
• Provide technical guidance to cloud engineering teams on secure implementation practices
• Develop and maintain security configuration guides and operational playbooks
Qualifications
• Required Experience:
ο Extensive hands-on experience with REST APIs, including implementing, securing, automating, testing, and documenting integrations
ο Strong knowledge of resilient integration patterns, including error handling, retry logic, and monitoring approaches
ο Proficiency in scripting and automation languages used for security orchestration
• Preferred Qualifications:
ο AWS Certified Security – Specialty (strongly preferred)
ο AWS Certified Solutions Architect – Associate or Professional
• Preferred experience integrating platforms such as ServiceNow, Collibra, and Saviynt
• Experience designing and implementing cloud-native, serverless architectures and services
• Proven experience architecting and deploying security controls across public cloud environments
• Hands-on experience applying DevSecOps practices, including CI/CD pipelines and Infrastructure-as-Code methodologies
• Experience implementing Cloud Access Security Broker (CASB) solutions to enhance SaaS security and visibility
• Strong understanding of security principles and technologies across IAM, security engineering, network security design, security operations, architecture, cloud security, data loss prevention, zero trust, DevSecOps, and vulnerability management
• Demonstrated federal experience with deep knowledge of implementing cybersecurity requirements, including the NIST Cybersecurity Framework, OMB Memorandum M-22-09, and NIST SP 800-53
• Advanced analytical, problem-solving, and troubleshooting skills, with the ability to independently resolve complex security challenges
• Proven ability to deliver technical security advisory services with a proactive approach—identifying risks, asking critical questions, and collaborating with stakeholders to ensure security objectives are achieved