Senior System Engineer - Platform​/API

The Sr Systems Engineer Platform – API Gateway is responsible for developing, managing, and optimizing enterprise API platforms using both Apigee and Kong. This role ensures secure, scalable, and highly available API traffic across cloud and on‑prem environments, supporting enterprise integration and modernization initiatives. The engineer will operate and evolve a dual‑gateway strategy, supporting Apigee (cloud-native) and Kong (on‑prem / hybrid / cloud), while enabling standardization, observability, and long‑term migration.

This position is an on site role located in Springfield, MO.

• Lead the end-to-end design and development of APIs that facilitate secure, high-performance communication across distributed systems.
• Create API specifications using OpenAPI/Swagger, ensuring consistent documentation and developer-friendly interface contracts.
• Implement advanced traffic management policies (e.g., spike arrest, quota enforcement, request/response transformation, mediation, logging).
• Build and extend API functionality using Java and Python, integrating with microservices, data services, or third-party systems.
• Establish consistent API patterns, naming conventions, and versioning strategies that promote reuse and maintainability.
• Design APIs optimized for Google Cloud services, integrating with GCP-native components such as Cloud Functions, Cloud Run, Cloud Pub/Sub, and Cloud Storage.
• Configure and manage API proxies, developer portals, and key gateway components in Apigee Edge/X Enterprise environments.
• Administer Apigee instances hosted on GCP (Apigee X or hybrid), including runtime and control plane setup, VPC peering, and Security configurations.
• Monitor platform health, debug proxy execution flows, and resolve errors in real time to ensure 24/7 uptime and minimal latency.
• Optimize platform performance through tuning of connection pools, caching layers, circuit breakers, and distributed tracing.
• Develop custom plugins and extensions for Apigee as required to support business-specific logic.
• Enhance developer onboarding and productivity through well-documented APIs, sandbox environments, and intuitive developer portal interfaces.
• Define and implement Infrastructure as Code (IaC) using Terraform, automating the provisioning and configuration of gateway resources, environments, and network routing.
• Develop and maintain robust CI/CD pipelines using Jenkins, integrating static code analysis, unit/integration testing, approval workflows, and automated rollback strategies.
• Ensure secure and scalable multi‑environment deployment patterns (Dev/Test/Prod), maintaining consistent configurations across environments.
• Integrate pipelines with code repositories (Git), secrets management (Vault), and artifact registries (e.g., Artifactory).
• Leverage GCP services like Cloud Build, Artifact Registry, and Secret Manager to build and secure deployment pipelines for API infrastructure.
• Enforce API security by implementing authentication and authorization mechanisms using OAuth 2.0, API keys, SAML, and JWT.
• Integrate with enterprise identity providers (e.g., Okta, Azure AD) for secure access control and identity federation.
• Perform regular security assessments and apply mitigations for known vulnerabilities (e.g., OWASP API Top 10).
• Ensure compliance with data protection and audit requirements (PCI, SOC2, HIPAA), including access logging, token handling, and data redaction.
• Utilize GCP Identity and Access Management (IAM), Identity-Aware Proxy (IAP), and VPC Service Controls to secure API access and protect sensitive data.
• Advocate for and implement Zero Trust principles at the API layer, ensuring secure east‑west and north‑south traffic using mutual TLS, fine‑grained access controls, and real‑time threat analytics.
• Implement observability and monitoring tools such as Dynatrace, Grafana, or ELK to gain visibility into API performance, usage trends, and error rates.
• Use GCP-native observability tools (Cloud Monitoring, Cloud Logging, Cloud Trace) to monitor API traffic and proactively resolve anomalies.
• Analyze telemetry data to identify bottlenecks, optimize latency, and proactively address issues before they…