Moderna

API Security Engineer

Moderna  •  $146k - $234k/yr  •  Cambridge, MA (Onsite)  •  3 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

The Role:

As a Cybersecurity Engineer, you will help design, implement, and mature Moderna’s approach to API security across modern applications, platform services, and AI-enabled use cases. This role is primarily focused on securing APIs and the systems that expose and consume them, including improving visibility, control, and risk reduction across a growing set of application and integration patterns, with support for initiatives such as AI Gateway and other shared platforms where needed.

The ideal candidate brings strong hands-on experience with API security concepts and controls, and can work effectively across engineering, architecture, and security teams to improve how APIs are exposed, authenticated, monitored, and governed. This role also calls for someone who is forward thinking about how identity and trust models are evolving, including how to secure service identities, machine-to-machine access, and emerging agentic patterns where software agents interact with APIs, tools, and sensitive data on behalf of users or systems.

Here’s What You’ll Do:

  • Help design, implement, and mature Moderna’s API security capabilities across enterprise applications, shared services, integrations, and AI-related platforms.
  • Support the evaluation, deployment, and operationalization of API security technologies used for API discovery, posture assessment, traffic monitoring, anomaly detection, and policy enforcement.
  • Partner with application, platform, and engineering teams to identify insecure API designs, weak authentication or authorization patterns, excessive data exposure, and other common API security risks.
  • Perform API-focused threat modeling and security assessments for modern services, microservices, integrations, and AI-enabled workflows.
  • Define and promote secure API engineering practices, including strong authentication, authorization, rate limiting, schema validation, secrets handling, and secure service-to-service communication.
  • Help shape security approaches for non-human and agentic identity models, including how services, automation, and software agents authenticate to APIs, obtain scoped access, and interact with sensitive systems safely.
  • Analyze API telemetry and findings to identify abuse paths, misconfigurations, shadow APIs, and control gaps, then work with stakeholders to drive remediation.
  • Collaborate with broader security teams to connect API security findings with cloud, application, identity, and detection engineering workflows.
  • Provide practical engineering guidance that helps teams improve API security while preparing for new trust and identity challenges introduced by automation and AI-enabled systems.

Here’s What You’ll Bring to the Table:

  • 5+ years of experience in cybersecurity, application security, platform security, or a related engineering discipline, with meaningful hands-on experience in API security.
  • Strong understanding of API security risks and controls, including authentication, authorization, token handling, rate limiting, data exposure, input validation, and service-to-service trust models.
  • Experience assessing or securing REST, GraphQL, or other modern API patterns in cloud-native or distributed application environments.
  • Experience working with engineering and platform teams to improve API design, security posture, and operational controls.
  • Familiarity with API gateways, service meshes, reverse proxies, or related control points used to secure and observe API traffic.
  • Ability to perform threat modeling and technical risk assessments for APIs, integrations, backend services, and machine-to-machine interaction patterns.
  • Working knowledge of identity and access concepts relevant to non-human identities, workload identities, and emerging agentic access patterns is strongly preferred.
  • Working knowledge of cloud and application security fundamentals, including identity, secrets management, logging, and common security design patterns.
  • Familiarity with AI-enabled architectures or gateway patterns is a plus, particularly where APIs are used to broker access to models, tools, or sensitive data flows.
  • Strong analytical and troubleshooting skills, with the ability to turn technical findings into pragmatic remediation guidance.
  • Strong written and verbal communication skills, with the ability to work across technical and non-technical stakeholder groups.
  • undefined

Pay & Benefits

At Moderna, we believe that when you feel your best, you can do your best work. That’s why our benefits and well-being resources are designed to support you—at work, at home, and everywhere in between.

  • Competitive healthcare, plus voluntary benefit programs to support your unique needs
  • A holistic approach to well-being, with access to fitness, mindfulness, and mental health support
  • Family planning benefits, including fertility, adoption, and surrogacy support
  • Generous paid time off, including vacation, volunteer days, sabbatical, global recharge days, and a discretionary year-end shutdown
  • Savings and investments to help you plan for the future
  • Location-specific perks and extras


The salary range for this role is $145,900.00 - $234,200.00. This is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting. An individual’s position within the salary range will be based on several factors including, but not limited to, specific competencies, relevant education, qualifications, certifications, experience, skills, performance, and business or organizational needs.
The
successful candidate may be eligible for an annual discretionary bonus, other incentive compensation, or equity award, subject to company plan eligibility criteria and individual performance.

About Moderna

Since our founding in 2010, we have aspired to build the leading mRNA technology platform, the infrastructure to reimagine how medicines are created and delivered, and a world-class team. We believe in giving our people a platform to change medicine and an opportunity to change the world.

By living our mission, values, and mindsets every day, our people are the driving force behind our scientific progress and our culture. Together, we are creating a culture of belonging and building an organization that cares deeply for our patients, our employees, the environment, and our communities.

We are proud to have been recognized as a Science Magazine Top Biopharma Employer, a Fast Company Best Workplace for Innovators, and a Great Place to Work in the U.S.

If you want to make a difference and join a team that is changing the future of medicine, we invite you to visit modernatx.com/careers to learn more about our current opportunities.

Our Working Model 

As we build our company, we have always believed an in-person culture is critical to our success. Moderna champions the significant benefits of in-office collaboration by embracing a 70/30 work model. This 70% in-office structure helps to foster a culture rich in innovation, teamwork, and direct mentorship. Join us in shaping a world where every interaction is an opportunity to learn, contribute, and make a meaningful impact.

Moderna is a smoke-free, alcohol-free, and drug-free work environment.

Equal Opportunities

Moderna is committed to equal employment opportunity and non-discrimination for all employees and qualified applicants without regard to a person's race, color, sex, gender identity or expression, age, religion, national origin, ancestry or citizenship, ethnicity, disability, military or protected veteran status, genetic information, sexual orientation, marital or familial status, or any other personal characteristic protected under applicable law. Moderna is a place where everyone can grow. If you meet the Basic Qualifications for the role and you would be excited to contribute to our mission every day, please apply!

Moderna is an E-Verify Employer in the United States. We consider qualified applicants regardless of criminal histories, consistent with legal requirements.

Accommodations

We’re focused on attracting, retaining, developing, and advancing our employees. By cultivating a workplace that values diverse experiences, backgrounds, and ideas, we create an environment where every employee can contribute their best.

Moderna is committed to offering reasonable accommodations to qualified job applicants with disabilities. Any applicant requiring an accommodation in connection with the hiring process and/or to perform the essential functions of the position for which the applicant has applied should contact the Accommodations team at leavesandaccommodations@modernatx.com

Export Control Notice
This position may involve access to technology or data that is subject to U.S. export control laws, including the Export Administration Regulations (EAR). As such, employment is contingent upon the applicant’s ability to access export-controlled information in accordance with U.S. law. Due to the nature of the work and regulatory requirements, only individuals who qualify as U.S. persons (citizens, permanent residents, asylees, or refugees) are eligible for this position. For this role Moderna is unable to sponsor non-U.S. persons to apply for an export control license.
#LI-CK1

-

Moderna

About Moderna

Moderna is a leader in the creation of the field of mRNA medicine. Through the advancement of mRNA technology, Moderna is reimagining how medicines are made and transforming how we treat and prevent disease for everyone. By working at the intersection of science, technology and health for more than a decade, the company has developed medicines at unprecedented speed and efficiency, including one of the earliest and most effective COVID-19 vaccines.

Moderna's mRNA platform has enabled the development of therapeutics and vaccines for infectious diseases, immuno-oncology, rare diseases and autoimmune diseases. With a unique culture and a global team driven by the Moderna values and mindsets to responsibly change the future of human health, Moderna strives to deliver the greatest possible impact to people through mRNA medicines. For more information about Moderna, please visit modernatx.com and connect with us on X (formerly Twitter), Facebook, Instagram, YouTube and LinkedIn.

This Moderna page is not the appropriate place to report adverse events (side-effects) for any products. If you are or someone you know is experiencing a side effect, please reach out to your healthcare professional. Moderna is continuously monitoring the safety of its products. We encourage you to report any side effects directly to us at 1‑866‑MODERNA (1‑866‑663‑3762).

Industry
Biotech & Life Sciences
Company Size
5,001-10,000 employees
Headquarters
Cambridge, Massachusetts
Year Founded
2010
Social Media