API Security Manager

• API Security Manager
• Location: Melbourne (CBD)
• Employment Type: Permanent Full-Time
• Base Salary: $160,000 + Superannuation
• Short-Term Incentive: Up to 20% of base salary (at-target)
• Total Package: $209,600 (at-target, including super)
• Join a leading Australian enterprise as an API Security Specialist, taking ownership of Akamai API Security to strengthen cyber resilience across a complex technology environment.

 
About the Role
This role sits within a Cyber Defence team responsible for protecting the organisation's API attack surface and DNS infrastructure. Akamai API Security is already deployed at enterprise scale, and this role takes ownership of it. You will drive BAU operations, mature the capability, and ensure the platform delivers continuous, measurable risk reduction across the enterprise.
 
In addition to API security, you will support and enhance critical DNS security capabilities across the organisation. This is a hands-on ownership role, not a project delivery role. You will be expected to know the platform deeply, identify gaps proactively, and operate with minimal direction.
 
Key Responsibilities
 
API Security - Platform Ownership & BAU
Take full ownership of Akamai API Security post-implementation, including day-to-day operations, health monitoring, alert triage, and platform configuration. Maintain and continuously improve API discovery, risk scoring, and threat detection across enterprise environments. Manage the remediation backlog, prioritising shadow APIs, unauthenticated endpoints, and high-risk exposures in collaboration with product and engineering teams.
Drive platform maturity through tuning, policy refinement, and expanding coverage to new APIs and business units. Own the vendor relationship with Akamai, including roadmap engagement, support escalations, and licence management. Integrate API security controls into CI/CD pipelines and developer workflows where not already established. Provide regular, executive-ready reporting on API risk posture.
 
DNS Security
Lead the design, implementation, and ongoing management of DNS security controls across organisational domains. Manage key management, zone signing, and rollover processes to ensure cryptographic integrity and availability. Monitor DNS infrastructure for anomalies, hijacking attempts, and misconfigurations. Collaborate with network and infrastructure teams on DNS architecture changes with security implications.
 
Controls & Governance
Maintain control frameworks and evidence artefacts aligned to cyber security policies and regulatory obligations. Support risk assessments, internal audits, and third-party assurance reviews across API and DNS security domains. Contribute to the broader Cyber Controls program spanning data encryption, network gateway security, and external posture management.
 
Stakeholder Engagement
Engage confidently with stakeholders from engineering through to executive level. Produce clear, concise risk and status reporting consumable without translation by a Head of Technology or CISO. Represent the API Security and DNS control domains in governance forums, architecture reviews, and risk discussions.
 
Key Skills & Experience

Essential

• Demonstrated experience owning and operating an enterprise API security platform in a BAU capacity, not just implementation or advisory.
• Hands-on knowledge of API gateway technologies, OWASP API Security Top 10, API discovery, and risk prioritisation.
• Working knowledge of DNS security architecture, key management, and DNS threat vectors (hijacking, cache poisoning, tunnelling).
• Experience in a large, complex enterprise environment, ideally regulated (aviation, financial services, utilities, or equivalent).
• Ability to translate technical risk into business impact for non-technical audiences.
• Strong written and verbal communication skills, with the ability to produce executive-ready content.

Desirable

• Direct hands-on experience with Akamai API Security.
• Familiarity with Akamai Kona WAF and Bot Management.
• Exposure to external attack surface management and security posture tooling (e.g. BitSight).
• Relevant certifications such as CISSP, CCSP, or equivalent.

 
Keyword Search
API Security Manager| API Security Specialist| Application Security Manager| Cyber Security Manager | Senior API Security Engineer
 
If you are keen to learn more, feel free to give me a call on 📱03 8080 7260 or send your resume to 📎nick.reddy@peoplebank.com.au.

We are always keen to connect with talented professionals, referrals are highly encouraged and appreciated.
 
🔗 Don’t miss this great opportunity!



Peoplebank and Leaders IT are committed to creating a diverse and inclusive workplace where everyone belongs. We welcome applications from people of all backgrounds, identities, and experiences. If you need adjustments to the recruitment process due to your circumstances, please let us know—we’re here to support you.