API Security Engineer
Job description
Security and trust are foundational to NexaGuard. As API Security Engineer, you’ll secure our auth flows, APIs, and data access patterns, partnering closely with Engineering and Compliance to strengthen our platform posture.
- Design and implement secure authentication/authorization across services (RBAC/ABAC, JWT/OAuth patterns).
- Run threat models and security reviews for new features and integrations.
- Build security automation: SAST/DAST, dependency scanning, secrets management, CI/CD gates.
- Partner with incident response and post-incident hardening efforts.
- Support audit readiness (e.g., SOC 2-style controls) with evidence-friendly engineering practices.
Requirements
5+ years in application security, product security, or backend security engineering.
Strong understanding of web security (OWASP), API risks, and modern auth patterns.
Experience with security tooling and automation in CI/CD pipelines.
Ability to communicate risks clearly to engineers and non-technical stakeholders.
Bonus: experience in privacy/security compliance environments.
Benefits
Salary Range: $160,000 – $260,000
Competitive compensation and equity opportunity
Medical, dental, and vision coverage
401(k) plan
Generous PTO and paid holidays
Paid parental leave
Learning & professional development budget
What happens after you apply
You’ll receive a private tracking link immediately. Our team reviews applications and follows up with qualified candidates.
NexaGuard is an equal opportunity employer. Candidate information is processed for recruiting purposes and handled securely.