[Remote] Senior API Cloud Engineer
Note: This is a remote position open to candidates in the USA. Transflo is a company that focuses on cloud engineering and integration architecture. The Senior API Cloud Engineer will design, build, and operate the integration fabric connecting Transflo's platform to its customers and third-party partners, leading the development of resilient and secure integration patterns.
Responsibilities
- Design and implement enterprise-grade REST APIs, WebSocket connections, and Webhook patterns to enable reliable, high-throughput connectivity between Transflo systems, customers, and third-party partners
- Define and enforce API contracts, versioning strategies, and backward-compatibility policies that support long-lived integrations
- Architect resilient integration patterns including retry logic, circuit breakers, dead-letter queues, and idempotency controls
- Evaluate and select appropriate integration patterns (synchronous vs. asynchronous, request/response vs. event-driven) based on SLA requirements and partner capabilities
- Produce clear API documentation, OpenAPI specifications, and integration playbooks for both internal teams and external partners
- Build and maintain integration services using AWS API Gateway, Lambda, Step Functions, CloudFront, SQS, SNS, and EventBridge as primary building blocks
- Design event-driven architectures using AWS EventBridge to decouple services, trigger workflows, and enable real-time data propagation across the Transflo ecosystem
- Leverage AWS SQS and SNS for reliable asynchronous messaging, fan-out patterns, and cross-service communication
- Use AWS Step Functions to orchestrate multi-step integration workflows with built-in error handling, branching, and state management
- Optimize API Gateway configurations including throttling, caching, custom authorizers, usage plans, and request transformation
- Deploy and manage CloudFront distributions for low-latency API delivery and edge security enforcement
- Implement and govern modern authentication and authorization patterns including OAuth 2.0, OpenID Connect (OIDC), HMAC signature verification, and bearer token-based access control
- Enforce zero-trust security principles at the API layer, including mTLS, IP allowlisting, secrets management via AWS Secrets Manager or Parameter Store, and least-privilege IAM policies
- Conduct and support security design reviews, threat modeling, and remediation of API-layer vulnerabilities
- Partner with the security team to maintain compliance with relevant data protection standards and partner SLA commitments
- Author and maintain Terraform modules for all integration infrastructure — API Gateway stages, Lambda functions, event buses, queues, topics, and IAM roles
- Build and manage CI/CD pipelines in Azure DevOps (ADO) for automated testing, deployment, and rollback of integration services
- Use AWS CloudFormation (including SAM/CDK where applicable) for stack management and resource provisioning
- Enforce infrastructure drift detection, policy-as-code guardrails, and environment promotion gates (dev to staging to production)
- Champion DevSecOps practices: integrate SAST/DAST scanning, dependency auditing, and secrets detection directly into pipeline workflows
- Establish comprehensive monitoring and alerting for all integration endpoints using AWS CloudWatch (metrics, logs, alarms, dashboards) and Datadog (APM, log pipelines, SLO tracking, and anomaly detection)
- Define and track Service Level Objectives (SLOs) and error budgets for integration services; drive proactive improvements based on telemetry
- Lead incident response and root-cause analysis for integration failures, capacity events, and partner-impacting issues
- Instrument Lambda functions, Step Functions, and API Gateway stages with structured logging, distributed tracing (AWS X-Ray / Datadog APM), and custom metrics
- Serve as a technical anchor for integration-focused projects, driving architectural decisions and code quality through design reviews and pull request feedback
- Collaborate cross-functionally with product, mobile, data, and platform engineering teams to align integration patterns with business requirements
- Mentor junior and mid-level engineers on cloud-native integration principles, security best practices, and DevOps culture
- Evaluate third-party iPaaS tools, API management platforms, and partner SDKs; provide build-vs-buy recommendations
Skills
- Bachelor's degree in Computer Science, Software Engineering, Information Systems, or a related field — or equivalent professional experience
- 7+ years of professional software or cloud engineering experience, with at least 3+ years focused on API development, cloud integrations, and AWS services
- 5+ years of software engineering / development experience building customer-facing systems
- Demonstrated experience delivering production integration platforms used by external customers or third-party partners at scale
- Deep expertise designing and delivering RESTful APIs, including resource modeling, pagination, error handling, and versioning strategies
- Hands-on experience building Webhook delivery systems with retry, exponential backoff, signature verification (HMAC), and event ordering guarantees
- Proficiency with WebSocket-based real-time communication patterns for bidirectional data streaming use cases
- Experience using OpenAPI/Swagger specifications to drive contract-first API design
- Working knowledge of GraphQL as an alternative query pattern is a plus
- AWS API Gateway (REST and HTTP APIs): custom authorizers, usage plans, throttling, stage variables, and VPC Link
- AWS Lambda: function design, concurrency management, cold-start mitigation, and event source mappings
- AWS Step Functions: Standard and Express workflows, error handling, wait states, and integration with other AWS services
- AWS EventBridge: event bus design, routing rules, schema registry, and cross-account event patterns
- AWS SQS: standard and FIFO queues, dead-letter queues, message visibility, and large-payload patterns
- AWS SNS: topic-based publish/subscribe, message filtering, and fan-out to SQS/Lambda
- AWS CloudFront: distribution configuration, origin access controls, cache policies, and WAF integration
- AWS CloudWatch: log groups, metric filters, dashboards, composite alarms, and Contributor Insights
- Proven implementation of OAuth 2.0 authorization flows (Authorization Code, Client Credentials, Device Flow) and OpenID Connect (OIDC) for identity federation
- Experience with HMAC-based request signing for Webhook authenticity verification
- Proficiency with bearer token issuance, validation, and revocation strategies
- Familiarity with WAF rule authoring, API-level rate limiting, and DDoS mitigation at the edge
- Knowledge of certificate management, mutual TLS (mTLS), and API key lifecycle management
- Strong Terraform skills: module authoring, remote state management, workspace strategies, and provider configuration for AWS
- CI/CD experience with Azure DevOps (ADO) Pipelines: YAML pipeline authoring, approval gates, artifact management, and environment promotion
- AWS CloudFormation and/or SAM experience for stack-level resource management and serverless deployments
- Experience integrating security scanning (SAST, dependency vulnerability checks, secrets detection) into CI/CD pipelines
- Git-based branching strategies (GitFlow, trunk-based development) and pull request workflows
- Proficiency with AWS CloudWatch for centralized logging, metric-based alerting, and operational dashboards
- Hands-on experience with Datadog: APM instrumentation, log management pipelines, monitors, SLOs, and dashboard creation
- Experience with distributed tracing (AWS X-Ray, OpenTelemetry, or Datadog APM) in serverless and microservices environments
- Experience in the transportation, logistics, or fleet management industry — familiarity with telematics, ELD/HOS data, or freight document workflows is a strong plus
- AWS Certified Developer, Solutions Architect, or Advanced Networking certification
- Experience with AWS CDK (TypeScript or Python) for infrastructure as code
- Knowledge of service mesh patterns (AWS App Mesh, Istio) and container-based workloads (ECS, EKS) in addition to serverless
- Familiarity with API governance platforms (e.g., Apigee, Kong, AWS API Gateway developer portal) for API lifecycle management
Company Overview