Lead Software Engineer(Platform)

U.S. BankIrving, TX
Hybrid

About The Position

Be a part of transformational change where integrity matters, success inspires and great teams collaborate and innovate. As the fifth-largest bank in the United States, we’re one of the country’s most respected, innovative, ethical and successful financial institutions. We’re looking for people who want more than just a job – they want to make a difference! U.S. Bank is seeking a Platform Engineer who will contribute toward the success of our technology initiatives as part of our enterprise API, AI, and platform engineering transformation journey. About the Team The Platform Engineering team designs, builds, and operates secure, compliant, and scalable API, AI, and cloud-native platforms that power digital services across the organization. We function as a platform engineering organization , enabling domain teams to accelerate delivery through self-service infrastructure, strong governance, and automation-first design . We partner closely with Cloud Engineering, IAM, Information Security, Networking, and FinOps teams to ensure our platforms meet regulatory expectations while delivering a high-quality developer experience. Our mission is to enable secure, standardized, and high-performance platform ecosystems across hybrid and multi-cloud environments while enforcing enterprise standards through automation and policy-driven controls.

Requirements

  • Bachelor’s degree, or equivalent work experience
  • Six to eight years of relevant experience
  • 7+ years of experience in platform engineering, API gateway engineering, or cloud infrastructure
  • Strong hands-on expertise with Apigee (OPDK, Hybrid) including platform architecture, proxy development, deployment, and troubleshooting
  • Proven experience in enterprise API gateway engineering , including: API proxy lifecycle (design, build, deploy, operate ) Traffic management, mediation, transformation, caching, and analytics Gateway performance tuning and high-throughput optimization
  • Strong systems engineering / systems administration background , including: Linux/Unix system administration Networking fundamentals (DNS, TCP/IP, load balancing, TLS, firewalls) Troubleshooting at OS, network, and application layers
  • Experience operating and supporting large-scale distributed systems and platforms in production environments
  • Hands-on experience with Apigee platform installation, configuration, upgrades, and operations (OPDK or Hybrid)
  • Deep understanding of API security standards , including OAuth 2.0, JWT, mTLS , API key management, and secure token flows
  • Experience with Kubernetes platforms (EKS, AKS, GKE) and containerized workloads
  • Strong experience building and maintaining CI/CD pipelines for platform and API deployments
  • Experience with Infrastructure-as-Code (Terraform, Helm, Ansible) for provisioning and managing platform resources
  • Experience integrating platforms with enterprise identity providers (Entra ID / Azure AD, SAML, RBAC )
  • Hands-on experience with secrets management ( HashiCorp Vault, Azure Key Vault)
  • Strong understanding of networking architecture , including private connectivity, ingress, reverse proxies, and gateway integration patterns
  • Experience with observability and monitoring tools (Prometheus, Grafana, Splunk, Datadog, ELK)
  • Strong troubleshooting and debugging skills across API gateways, Kubernetes, networking, and backend integrations
  • Ability to work across development, platform, and operations domains , bridging gaps between application and infrastructure teams
  • Experience with WAF / Akamai platform Integration with Gateways
  • Hands-on experience designing and implementing Azure Load Balancer, Azure Application Gateway, and Azure Front Door
  • Strong experience with AWS load balancing services , including ALB, NLB, and API Gateway integrations
  • Experience configuring and troubleshooting F5 BIG-IP (LTM/GTM) for enterprise traffic management
  • Deep understanding of Layer 4 and Layer 7 load balancing patterns
  • Experience with SSL/TLS termination, certificate management, and mTLS configurations
  • Knowledge of DNS routing, traffic steering, failover, and global load balancing strategies
  • Experience integrating load balancers with API gateways (Apigee) and Kubernetes ingress controllers
  • Hands-on experience troubleshooting network latency, connection failures, TLS handshake issues, and routing problems across environments

Nice To Haves

  • Experience designing and operating enterprise API platforms at scale (Apigee Hybrid / multi-cloud gateway architectures)
  • Experience evaluating and implementing AWS API Gateway, Azure API Management , or other modern gateway solutions
  • Experience designing or implementing GraphQL gateway architectures or federated APIs
  • Exposure to AI / GenAI gateway platforms , including secure access and model routing
  • Experience working in regulated environments (financial services, healthcare, etc.)
  • Familiarity with DevOps and SRE practices , including SLIs, SLOs, error budgets, and reliability engineering
  • Knowledge of Kubernetes networking, ingress controllers, and service mesh concepts
  • Relevant certifications in cloud platforms, Kubernetes, or API management technologies

Responsibilities

  • Design, build, and operate the enterprise API and AI platform supporting multiple business domains (Finance, HR, Supply Chain)
  • Own the API and AI gateway platform lifecycle , including account topology, RBAC, network architecture, governance, CI/CD automation, and disaster recovery
  • Develop, deploy, and manage API proxies, shared flows, and gateway policies to enable secure and scalable API exposure
  • Design and implement multi-cloud gateway architectures leveraging Apigee, AWS API Gateway, and Azure API Management
  • Implement secure network connectivity , including Azure Private Link, private endpoints, Private DNS Zones, and network policy enforcement
  • Develop and maintain Terraform modules to automate provisioning and lifecycle management of API gateway and platform resources
  • Enable self-service platform consumption through validated YAML manifests and automated deployments via CI/CD pipelines (e.g., Shield CI/CD)
  • Integrate platform and gateway capabilities with Entra ID (Azure AD) using SAML SSO, SCIM provisioning, and enterprise RBAC patterns
  • Manage service authentication, secrets, and key rotation using HashiCorp Vault and Azure Key Vault
  • Implement and enforce API security controls , including OAuth 2.0, JWT, API keys, mTLS , and threat protection policies
  • Enforce security and compliance controls , including audit logging, policy-as-code, tagging, access controls, and governance standards
  • Embed infrastructure and supply-chain security scanning into CI/CD pipelines.
  • Design and implement GraphQL gateway architectures for backend orchestration and modern API consumption patterns
  • Design for resiliency and cost efficiency , including resource optimization, capacity planning, cost allocation, and chargeback models
  • Own cross-region disaster recovery strategies , replication design, and RPO/RTO adherence for platform services
  • Implement observability and monitoring using tools such as Prometheus, Grafana, Splunk, Datadog, and AppDynamics
  • Lead incident response, troubleshooting, and root cause analysis (RCA) for platform and gateway-related issues
  • Govern secure data and API sharing patterns , ensuring proper access controls, auditing, and usage monitoring
  • Partner with Cloud, IAM, Security, Networking, and FinOps teams to ensure alignment with enterprise architecture and regulatory requirements
  • Provide technical leadership and mentorship to engineering teams and drive platform adoption and best practices

Benefits

  • Healthcare (medical, dental, vision)
  • Basic term and optional term life insurance
  • Short-term and long-term disability
  • Pregnancy disability and parental leave
  • 401(k) and employer-funded retirement plan
  • Paid vacation (from two to five weeks depending on salary grade and tenure)
  • Up to 11 paid holiday opportunities
  • Adoption assistance
  • Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service