Senior API Cloud Engineer

Transflo Terminal Services, Inc.
16 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote

Tech stack

API
Artificial Intelligence
Amazon Web Services (AWS)
Amazon Web Services (AWS)
Amazon Web Services (AWS)
Application Integration Architecture
User Authentication
Automation of Tests
Azure
Cloud Engineering
Software Quality
Information Systems
Continuous Integration
DDoS Mitigation
DevOps
Amazon DynamoDB
Monitoring of Systems
Identity and Access Management
Python
Key Management
Microsoft Message Queuing
Node.js
OAuth
OpenID
Openid Connect
Azure DevOps Pipelines
Zero Trust Network Access
Swagger
Message Oriented Middleware
Amazon Web Services (AWS)
Software Engineering
Data Streaming
Systems Integration
TypeScript
Management of Software Versions
WebSocket
WebRTC
YAML
Openapi
Trunk-based Development
Datadog
SSL Certificate Management
Data Logging
Istio
Multi-Agent Systems
State Machines
Caching
AWS Lambda
Apigee
Amazon Web Services (AWS)
GIT
Cloudformation
Servicebus
Git Flow
Information Technology
TFS
Integration Frameworks
Real Time Data
GraphQL
Route53
Cloud Integration
BIG-IP Access Policy Manager (APM)
Api Design
Cloudwatch
Api Gateway
REST
Elastic Beanstalk
Amazon Web Services (AWS)
Terraform
Pagination
Software Version Control
Dynatrace
Devsecops
Api Management
Serverless Computing
Static Application Security Testing
Vulnerability Analysis
Microservices
Dynamic Application Security Testing

Job description

The Senior API Cloud Engineer is a hands-on technical leader responsible for designing, building, and operating the integration fabric that connects Transflo's platform to its customers and third-party partners. You will architect and deliver highly resilient, secure, and observable integration patterns using modern REST, Webhook, and WebSocket paradigms - backed by AWS-native PaaS services. You will lead the way though an AI-first building methodology, showing the art of the possible. This role sits at the intersection of cloud engineering, integration architecture, and DevSecOps, and requires someone who is equally comfortable leading design conversations and writing production-grade infrastructure-as-code. CORE AREAS OF RESPONSIBILITY API Design & Integration Architecture

  • Design and implement enterprise-grade REST APIs, WebSocket connections, and Webhook patterns to enable reliable, high-throughput connectivity between Transflo systems, customers, and third-party partners.
  • Define and enforce API contracts, versioning strategies, and backward-compatibility policies that support long-lived integrations.
  • Architect resilient integration patterns including retry logic, circuit breakers, dead-letter queues, and idempotency controls.
  • Evaluate and select appropriate integration patterns (synchronous vs. asynchronous, request/response vs. event-driven) based on SLA requirements and partner capabilities.
  • Produce clear API documentation, OpenAPI specifications, and integration playbooks for both internal teams and external partners.

AWS Cloud Platform Engineering

  • Build and maintain integration services using AWS API Gateway, Lambda, Step Functions, CloudFront, SQS, SNS, and EventBridge as primary building blocks.
  • Design event-driven architectures using AWS EventBridge to decouple services, trigger workflows, and enable real-time data propagation across the Transflo ecosystem.
  • Leverage AWS SQS and SNS for reliable asynchronous messaging, fan-out patterns, and cross-service communication.
  • Use AWS Step Functions to orchestrate multi-step integration workflows with built-in error handling, branching, and state management.
  • Optimize API Gateway configurations including throttling, caching, custom authorizers, usage plans, and request transformation.
  • Deploy and manage CloudFront distributions for low-latency API delivery and edge security enforcement.

Security & Authentication

  • Implement and govern modern authentication and authorization patterns including OAuth 2.0, OpenID Connect (OIDC), HMAC signature verification, and bearer token-based access control.
  • Enforce zero-trust security principles at the API layer, including mTLS, IP allowlisting, secrets management via AWS Secrets Manager or Parameter Store, and least-privilege IAM policies.
  • Conduct and support security design reviews, threat modeling, and remediation of API-layer vulnerabilities.
  • Partner with the security team to maintain compliance with relevant data protection standards and partner SLA commitments.

Infrastructure as Code & CI/CD

  • Author and maintain Terraform modules for all integration infrastructure - API Gateway stages, Lambda functions, event buses, queues, topics, and IAM roles.
  • Build and manage CI/CD pipelines in Azure DevOps (ADO) for automated testing, deployment, and rollback of integration services.
  • Use AWS CloudFormation (including SAM/CDK where applicable) for stack management and resource provisioning.
  • Enforce infrastructure drift detection, policy-as-code guardrails, and environment promotion gates (dev to staging to production).
  • Champion DevSecOps practices: integrate SAST/DAST scanning, dependency auditing, and secrets detection directly into pipeline workflows.

Observability & Operational Excellence

  • Establish comprehensive monitoring and alerting for all integration endpoints using AWS CloudWatch (metrics, logs, alarms, dashboards) and Datadog (APM, log pipelines, SLO tracking, and anomaly detection).
  • Define and track Service Level Objectives (SLOs) and error budgets for integration services; drive proactive improvements based on telemetry.
  • Lead incident response and root-cause analysis for integration failures, capacity events, and partner-impacting issues.
  • Instrument Lambda functions, Step Functions, and API Gateway stages with structured logging, distributed tracing (AWS X-Ray / Datadog APM), and custom metrics.

Technical Leadership & Collaboration

  • Serve as a technical anchor for integration-focused projects, driving architectural decisions and code quality through design reviews and pull request feedback.

  • Collaborate cross-functionally with product, mobile, data, and platform engineering teams to align integration patterns with business requirements.

  • Mentor junior and mid-level engineers on cloud-native integration principles, security best practices, and DevOps culture.

  • Evaluate third-party iPaaS tools, API management platforms, and partner SDKs; provide build-vs-buy recommendations., * AWS API Gateway (REST and HTTP APIs): custom authorizers, usage plans, throttling, stage variables, and VPC Link.

  • AWS Lambda: function design, concurrency management, cold-start mitigation, and event source mappings.

  • AWS Step Functions: Standard and Express workflows, error handling, wait states, and integration with other AWS services.

  • AWS EventBridge: event bus design, routing rules, schema registry, and cross-account event patterns.

  • AWS SQS: standard and FIFO queues, dead-letter queues, message visibility, and large-payload patterns.

  • AWS SNS: topic-based publish/subscribe, message filtering, and fan-out to SQS/Lambda.

  • AWS CloudFront: distribution configuration, origin access controls, cache policies, and WAF integration.

  • AWS CloudWatch: log groups, metric filters, dashboards, composite alarms, and Contributor Insights.

  • Supporting services: AWS Secrets Manager, IAM (policies, roles, permission boundaries), VPC, ACM, and Route 53., Representative technologies this role works with regularly: Area Technologies / Tools API & Integration REST, WebSocket, Webhooks, OpenAPI/Swagger, gRPC (awareness) AWS Core Services API Gateway, Lambda, Step Functions, EventBridge, SQS, SNS, CloudFront Auth & Security OAuth 2.0, OIDC, HMAC, Bearer Token, mTLS, WAF, Secrets Manager IaC & CI/CD Terraform, AWS CloudFormation / SAM, Azure DevOps Pipelines Observability AWS CloudWatch, Datadog APM, X-Ray, OpenTelemetry Languages / Runtimes Node.js, Python, or .NET/C# for Lambda authoring Source Control Git, Azure Repos Additional AWS IAM, VPC, ACM, Route 53, S3, DynamoDB (integration state), * Customer-first, delivery oriented mindset: Values delivery over theory; biased towards action.

  • Integration mindset: Thinks holistically about connectivity - considers partner constraints, failure modes, and retry semantics before writing a line of code.

  • Security-first: Treats authentication, authorization, and data protection as first-class requirements, not afterthoughts.

  • AI Powered delivery: Highly experienced with modern AI enabled IDE's, multi-agent AI coding workflows

  • Operational ownership: Monitors what they ship; defines alerts, runbooks, and SLOs before declaring a service production-ready.

  • Infrastructure discipline: Manages cloud resources as versioned, reviewed code - never clicks through the console for anything that should be reproducible.

  • Clear communicator: Able to document integration contracts precisely for both internal engineering teams and external partner developers.

  • Collaborative leader: Elevates teammates through review, partnering, and mentorship; brings a solutions-oriented perspective to cross-team challenges.

  • Continuous learner: Tracks the AWS service roadmap and emerging API standards; proactively proposes improvements before they become reactive needs.

Requirements

  • Bachelor's degree in Computer Science, Software Engineering, Information Systems, or a related field - or equivalent professional experience.
  • 7+ years of professional software or cloud engineering experience, with at least 3+ years focused on API development, cloud integrations, and AWS services.
  • 5+ years of software engineering / development building customer facing systems
  • Demonstrated experience delivering production integration platforms used by external customers or third-party partners at scale.

API & Integration

  • Deep expertise designing and delivering RESTful APIs, including resource modeling, pagination, error handling, and versioning strategies.
  • Hands-on experience building Webhook delivery systems with retry, exponential backoff, signature verification (HMAC), and event ordering guarantees.
  • Proficiency with WebSocket-based real-time communication patterns for bidirectional data streaming use cases.
  • Experience using OpenAPI/Swagger specifications to drive contract-first API design.
  • Working knowledge of GraphQL as an alternative query pattern is a plus., * Proven implementation of OAuth 2.0 authorization flows (Authorization Code, Client Credentials, Device Flow) and OpenID Connect (OIDC) for identity federation.
  • Experience with HMAC-based request signing for Webhook authenticity verification.
  • Proficiency with bearer token issuance, validation, and revocation strategies.
  • Familiarity with WAF rule authoring, API-level rate limiting, and DDoS mitigation at the edge.
  • Knowledge of certificate management, mutual TLS (mTLS), and API key lifecycle management.

Infrastructure as Code & DevOps

  • Strong Terraform skills: module authoring, remote state management, workspace strategies, and provider configuration for AWS.
  • CI/CD experience with Azure DevOps (ADO) Pipelines: YAML pipeline authoring, approval gates, artifact management, and environment promotion.
  • AWS CloudFormation and/or SAM experience for stack-level resource management and serverless deployments.
  • Experience integrating security scanning (SAST, dependency vulnerability checks, secrets detection) into CI/CD pipelines.
  • Git-based branching strategies (GitFlow, trunk-based development) and pull request workflows.

Observability & Monitoring

  • Proficiency with AWS CloudWatch for centralized logging, metric-based alerting, and operational dashboards.
  • Hands-on experience with Datadog: APM instrumentation, log management pipelines, monitors, SLOs, and dashboard creation.
  • Experience with distributed tracing (AWS X-Ray, OpenTelemetry, or Datadog APM) in serverless and microservices environments., * Experience in the transportation, logistics, or fleet management industry - familiarity with telematics, ELD/HOS data, or freight document workflows is a strong plus.
  • AWS Certified Developer, Solutions Architect, or Advanced Networking certification.
  • Experience with AWS CDK (TypeScript or Python) for infrastructure as code.
  • Knowledge of service mesh patterns (AWS App Mesh, Istio) and container-based workloads (ECS, EKS) in addition to serverless.
  • Familiarity with API governance platforms (e.g., Apigee, Kong, AWS API Gateway developer portal) for API lifecycle management.

About the company

Transflo is a leading provider of transportation technology solutions that connect shippers, carriers, and drivers through a powerful suite of mobile, cloud, and data analytics products. Trusted by thousands of fleets and millions of drivers across North America, Transflo's platform digitizes the entire freight lifecycle - from document capture and workflow automation to real-time shipment visibility and driver communication. We are a fast-moving, engineering-driven company where innovation, reliability, and customer impact are at the heart of everything we build.

Apply for this position