Authentication and Authorization --
Oauth2.0 Client Credentials, Authorization grant etc.
JWT /JWE
SSO/SAML
Security
SSL Process
Certificates
Cryptography -
Hashing, Hashing Algorithms
HTTP Protocols
Load Balancers (preferable)
Network Infrastructure
WAF/Akamai
DNS/ Datacenter exposure
CISSP or CompTIA+ or relevant Certification. This is preferable if they need to be able to understand our issues solve our problems right away.