Principal Engineer – Platform API Architect
Washington Staffing
API Architect
Core Responsibilities
Define the end-to-end API strategy (REST/GraphQL/Async), standards, and reference architectures.
Lead API domain modeling and contract-first design (OpenAPI/AsyncAPI/GraphQL SDL).
Own non-functional requirements—security, performance, reliability, observability, and cost.
Govern API lifecycle: versioning, deprecation, backward compatibility, and documentation.
Partner with product, platform, and app teams to translate business workflows into APIs.
Build API gateways, auth, rate limiting, and monetization.
Review designs/PRs; mentor engineers; run design reviews and ADRs.
Technical skills (must-have)
Protocols & styles: REST best practices, GraphQL (e.g., Apollo Server/Federation), gRPC; event-driven and async patterns (webhooks, pub/sub, SAGA).
API contracts & tooling: OpenAPI/Swagger, AsyncAPI, Postman.
Security: OAuth2/OIDC, JWT, mTLS, secrets management, scopes/claims, fine-grained auth (ABAC/RBAC), threat modeling, OWASP API Top 10.
Gateways & mesh: Experience with API gateways (Apigee/Gloo GW), service mesh (Istio/Linkerd), rate limiting, caching, quota, and WAF.
Cloud & runtime: Containers + Kubernetes.
DevOps & IaC: CI/CD (e.g., GitHub Actions/Jenkins), Terraform for infra, automated schema validation and contract tests in pipelines.
Observability: Distributed tracing, metrics, logging, SLOs/error budgets.
Data & performance: Caching layers, pagination, idempotency, consistency strategies, schema evolution; performance tuning/load testing.
Integration patterns: Orchestration vs. choreography, retries/backoff, DLQs, eventual consistency patterns for long-running flows.
Nice-to-have
GraphQL expertise with Apollo Server/Federation and schema governance.
Knowledge of Neo4j/graph modeling for complex relationship queries exposed via APIs.
Experience designing provisioning/automation APIs (idempotent operations, workflow status, async jobs).
Familiarity with IBM/RH integration stacks (e.g., IBM RIA) and API gateway policy authoring.
Architecture & design expectations
Produce API domain maps, sequence/flow diagrams, and canonical models.
Define versioning (URI/header), pagination, error standards, and naming conventions.
Establish reference implementations (auth, retry/circuit breaker, correlation IDs).
Choose sync vs. async boundaries; define SAGA/compensation for multi-service workflows.
Create golden paths and reusable templates (service scaffold, CI pipeline, Helm chart).
Security, compliance, and governance
Enforce zero-trust principles; design least-privilege scopes and token lifecycles.
Data protection: PII handling, encryption in transit/at rest, key rotation.
Compliance awareness, audit trails.
API catalog/portal ownership (e.g., Backstage) and consumer onboarding SLAs.
Delivery & leadership
Run API design reviews; uphold standards via linters and CI gates.
Drive stakeholder alignment (product, security, data, platform).
Mentor engineers; build a community of practice for API design.
Communicate trade-offs clearly; write ADRs and decision logs.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.