Senior System Engineer - Platform/API

About The Position

Requirements

• 5+ years of experience with Apigee Edge / Apigee X including proxy development, custom policy creation, API product configuration, and environment management.
• Strong experience with Kong API Gateway (OSS or Enterprise), including declarative configuration, plugin development, service mesh integration, and hybrid deployment.
• Expertise in designing and building scalable, secure, and reusable RESTful APIs.
• Proficient in using OpenAPI/Swagger specifications for API documentation and contract-first development.
• Knowledge of API versioning strategies, rate limiting, quota management, and caching policies.
• Advanced proficiency in Java and Python for backend logic, service integration, and policy extensions.
• Hands-on experience with Google Cloud Platform (GCP) services including: Apigee X Cloud Run Cloud Functions Cloud Pub/Sub IAM & VPC Cloud Monitoring & Logging
• Familiar with GCP networking concepts (VPC peering, load balancing) and hybrid/multi-cloud API deployments.
• Proficient in building CI/CD pipelines using tools such as Jenkins, GitHub Actions, and Google Cloud Build for automated testing, deployment, and rollback.
• Strong experience with Terraform for Infrastructure as Code (IaC) to provision and manage API gateway components and cloud infrastructure.
• Version control using Git, branching strategies, and release automation.
• Deep knowledge of API security models, including OAuth 2.0, JWT, API Keys, and SAML-based integrations.
• Implementation of TLS, encryption, input validation, and secure token handling.
• Awareness of compliance standards such as PCI-DSS, SOC2, and HIPAA.
• Experience with Cloud Monitoring (Stackdriver), Prometheus, Grafana, ELK Stack, or equivalent observability platforms.
• Implementation of health checks, alerting, distributed tracing, and performance dashboards.
• Root cause analysis (RCA) and proactive issue detection using logs, metrics, and traces.
• Experience integrating APIs with enterprise systems, microservices, and cloud-native platforms.
• Familiarity with event-driven architectures and messaging services such as Kafka or Cloud Pub/Sub.
• Skilled in performance tuning of API proxies and gateways for low latency and high throughput.
• Implementation of caching strategies, load balancing, fault tolerance, and retry mechanisms.

Nice To Haves

• Experience with Node.js and scripting languages (e.g., Bash, Shell) is a plus.
• Experience with Kubernetes (GKE preferred) and containerization using Docker.
• Familiarity with Istio, Linkerd, or other service mesh technologies.
• Knowledge of managing and customizing Apigee or Kong Developer Portals.
• Exposure to GraphQL, gRPC, WebSockets, and asynchronous messaging patterns.
• Experience with advanced API security tools like Google Cloud Armor, WAFs, or bot mitigation solutions.
• Proficiency in GitLab CI, ArgoCD, Spinnaker, or similar modern CI/CD tools.
• Familiarity with secrets management tools such as HashiCorp Vault or GCP Secret Manager.
• Experience with API testing and validation tools like Postman, SoapUI, ReadyAPI, or Karate.
• Working knowledge of distributed tracing and observability tools such as OpenTelemetry, Jaeger, or Zipkin.
• Integration of monitoring systems with incident response tools like PagerDuty or Opsgenie.
• Google Cloud Certifications (e.g., Apigee API Engineer, Professional Cloud Architect).
• Certified Kubernetes Administrator (CKA) or other relevant DevOps/cloud certifications.
• Industry experience in retail, e-commerce, finance, or healthcare with API-driven systems.
• Understanding of regulatory requirements like GDPR, HIPAA, or PSD2 in API environments.
• Bachelor’s Degree in Computer Science, Software Engineering, Information Systems, or equivalent practical experience.

Responsibilities

• Lead the end-to-end design and development of APIs that facilitate secure, high-performance communication across distributed systems.
• Create API specifications using OpenAPI/Swagger, ensuring consistent documentation and developer-friendly interface contracts.
• Implement advanced traffic management policies (e.g., spike arrest, quota enforcement, request/response transformation, mediation, logging).
• Build and extend API functionality using Java and Python, integrating with microservices, data services, or third-party systems.
• Establish consistent API patterns, naming conventions, and versioning strategies that promote reuse and maintainability.
• Design APIs optimized for Google Cloud services, integrating with GCP-native components such as Cloud Functions, Cloud Run, Cloud Pub/Sub, and Cloud Storage.
• Configure and manage API proxies, developer portals, and key gateway components in Apigee Edge/X Enterprise environments.
• Administer Apigee instances hosted on GCP (Apigee X or hybrid), including runtime and control plane setup, VPC peering, and Security configurations.
• Monitor platform health, debug proxy execution flows, and resolve errors in real time to ensure 24/7 uptime and minimal latency.
• Optimize platform performance through tuning of connection pools, caching layers, circuit breakers, and distributed tracing.
• Develop custom plugins and extensions for Apigee as required to support business-specific logic.
• Enhance developer onboarding and productivity through well-documented APIs, sandbox environments, and intuitive developer portal interfaces.
• Define and implement Infrastructure as Code (IaC) using Terraform, automating the provisioning and configuration of gateway resources, environments, and network routing.
• Develop and maintain robust CI/CD pipelines using Jenkins, integrating static code analysis, unit/integration testing, approval workflows, and automated rollback strategies.
• Ensure secure and scalable multi-environment deployment patterns (Dev/Test/Prod), maintaining consistent configurations across environments.
• Integrate pipelines with code repositories (Git), secrets management (Vault), and artifact registries (e.g., Artifactory).
• Leverage GCP services like Cloud Build, Artifact Registry, and Secret Manager to build and secure deployment pipelines for API infrastructure.
• Enforce API security by implementing authentication and authorization mechanisms using OAuth 2.0, API keys, SAML, and JWT.
• Integrate with enterprise identity providers (e.g., Okta, Azure AD) for secure access control and identity federation.
• Perform regular security assessments and apply mitigations for known vulnerabilities (e.g., OWASP API Top 10).
• Ensure compliance with data protection and audit requirements (PCI, SOC2, HIPAA), including access logging, token handling, and data redaction.
• Utilize GCP Identity and Access Management (IAM), Identity-Aware Proxy (IAP), and VPC Service Controls to secure API access and protect sensitive data.
• Advocate for and implement Zero Trust principles at the API layer, ensuring secure east-west and north-south traffic using mutual TLS, fine-grained access controls, and real-time threat analytics.
• Implement observability and monitoring tools such as Dynatrace, Grafana, or ELK to gain visibility into API performance, usage trends, and error rates.
• Use GCP-native observability tools (Cloud Monitoring, Cloud Logging, Cloud Trace) to monitor API traffic and proactively resolve anomalies.
• Analyze telemetry data to identify bottlenecks, optimize latency, and proactively address issues before they impact users.
• Define health checks, alerts, and auto-remediation scripts to minimize downtime and maximize SLA adherence.
• Participate in on-call rotations and lead root cause analysis (RCA) sessions for high-priority incidents.
• Use KPIs such as latency, error rates, request volumes, and uptime to drive performance tuning and system improvements.
• Act as a technical liaison between architecture, development, DevOps, and InfoSec teams, ensuring seamless API integration and security compliance.
• Participate in design and architecture review boards (ARB) to validate API standards, design choices, and reuse of common components.
• Mentor junior engineers and provide guidance on API management best practices, gateway design, and automation strategies.
• Champion API-first development culture, driving adoption of modular, loosely coupled, and domain-driven services.
• Collaborate with cloud engineering and platform teams to ensure alignment with GCP architecture principles and multi-region resilience strategies.
• Collaborate with product teams to define API consumption models, pricing tiers, and usage metrics that align with organizational goals and customer needs.
• Participate in failure testing and chaos engineering exercises to validate API resiliency, scalability, and recovery under real-world failure scenarios.
• Manage the complete lifecycle of APIs — from planning, design, implementation, publishing, monitoring, deprecation, and retirement.
• Maintain an API catalog and ensure consistency with enterprise metadata and documentation requirements.
• Define and enforce governance policies related to API access control, rate plans, naming standards, SLAs, and operational handoff.
• Ensure API lifecycle activities adhere to GCP governance models, including organization policies, folder structure, and audit logging.
• Stay current with the latest advancements in API gateways, edge computing, cloud-native technologies, and DevOps practices.
• Evaluate and prototype new tools, patterns, and methods to improve productivity, quality, and time to market.
• Participate in proof-of-concept (PoC) initiatives, research assignments, and vendor evaluations to drive platform innovation.
• Continuously review and enhance existing services to improve reusability, security posture, and developer experience.
• Lead PoCs using emerging GCP API features (e.g., Apigee Advanced Security, Cloud Endpoints, Cloud Armor) and share findings with the engineering community.

Benefits

• Competitive Wages & Paid Time Off
• Stock Purchase Plan & 401k with Employer Contributions Starting Day One
• Medical, Dental, & Vision Insurance with Optional Flexible Spending Account (FSA)
• Team Member Health/Wellbeing Programs
• Tuition Educational Assistance Programs
• Opportunities for Career Growth