Posted 1d ago

Senior API Cloud Engineer

@ Transflo
United States
Remote, Full Time
Responsibilities: designing APIs, building integrations, operating integrations
Requirements Summary: 7+ years software/cloud engineering (3+ years on APIs), experience designing REST/WebSocket/Webhook integrations, AWS platform expertise, Terraform and CI/CD (Azure DevOps), security/authentication knowledge, and observability with Datadog/CloudWatch.
Technical Tools Mentioned: REST, WebSocket, Webhooks, OpenAPI, Swagger, gRPC, AWS API Gateway, AWS Lambda, AWS Step Functions, AWS EventBridge, AWS SQS, AWS SNS, AWS CloudFront, AWS CloudWatch, AWS Secrets Manager, AWS Parameter Store, Terraform, Microsoft Azure DevOps, AWS CloudFormation, SAM, AWS CDK, Datadog APM, AWS X-Ray, OpenTelemetry, Node.js, Python, .NET, C#, Git, Microsoft Azure Repos, IAM, VPC, ACM, Route 53, S3, DynamoDB, Apigee, Kong, AWS API Gateway developer portal, OAuth 2.0, OpenID Connect (OIDC), HMAC, mTLS, WAF
Job Description
ABOUT TRANSFLO
Transflo is a leading provider of transportation technology solutions that connect shippers, carriers, and drivers through a powerful suite of mobile, cloud, and data analytics products. Trusted by thousands of fleets and millions of drivers across North America, Transflo's platform digitizes the entire freight lifecycle — from document capture and workflow automation to real-time shipment visibility and driver communication. We are a fast-moving, engineering-driven company where innovation, reliability, and customer impact are at the heart of everything we build.
 
POSITION SUMMARY
The Senior API Cloud Engineer is a hands-on technical leader responsible for designing, building, and operating the integration fabric that connects Transflo's platform to its customers and third-party partners. You will architect and deliver highly resilient, secure, and observable integration patterns using modern REST, Webhook, and WebSocket paradigms — backed by AWS-native PaaS services. You will lead the way through an AI-first building methodology, showing the art of the possible. This role sits at the intersection of cloud engineering, integration architecture, and DevSecOps, and requires someone who is equally comfortable leading design conversations and writing production-grade infrastructure-as-code.
 
CORE AREAS OF RESPONSIBILITY
API Design & Integration Architecture
  • Design and implement enterprise-grade REST APIs, WebSocket connections, and Webhook patterns to enable reliable, high-throughput connectivity between Transflo systems, customers, and third-party partners.
  • Define and enforce API contracts, versioning strategies, and backward-compatibility policies that support long-lived integrations.
  • Architect resilient integration patterns including retry logic, circuit breakers, dead-letter queues, and idempotency controls.
  • Evaluate and select appropriate integration patterns (synchronous vs. asynchronous, request/response vs. event-driven) based on SLA requirements and partner capabilities.
  • Produce clear API documentation, OpenAPI specifications, and integration playbooks for both internal teams and external partners.
AWS Cloud Platform Engineering
  • Build and maintain integration services using AWS API Gateway, Lambda, Step Functions, CloudFront, SQS, SNS, and EventBridge as primary building blocks.
  • Design event-driven architectures using AWS EventBridge to decouple services, trigger workflows, and enable real-time data propagation across the Transflo ecosystem.
  • Leverage AWS SQS and SNS for reliable asynchronous messaging, fan-out patterns, and cross-service communication.
  • Use AWS Step Functions to orchestrate multi-step integration workflows with built-in error handling, branching, and state management.
  • Optimize API Gateway configurations including throttling, caching, custom authorizers, usage plans, and request transformation.
  • Deploy and manage CloudFront distributions for low-latency API delivery and edge security enforcement.
Security & Authentication
  • Implement and govern modern authentication and authorization patterns including OAuth 2.0, OpenID Connect (OIDC), HMAC signature verification, and bearer token-based access control.
  • Enforce zero-trust security principles at the API layer, including mTLS, IP allowlisting, secrets management via AWS Secrets Manager or Parameter Store, and least-privilege IAM policies.
  • Conduct and support security design reviews, threat modeling, and remediation of API-layer vulnerabilities.
  • Partner with the security team to maintain compliance with relevant data protection standards and partner SLA commitments.
Infrastructure as Code & CI/CD
  • Author and maintain Terraform modules for all integration infrastructure — API Gateway stages, Lambda functions, event buses, queues, topics, and IAM roles.
  • Build and manage CI/CD pipelines in Azure DevOps (ADO) for automated testing, deployment, and rollback of integration services.
  • Use AWS CloudFormation (including SAM/CDK where applicable) for stack management and resource provisioning.
  • Enforce infrastructure drift detection, policy-as-code guardrails, and environment promotion gates (dev to staging to production).
  • Champion DevSecOps practices: integrate SAST/DAST scanning, dependency auditing, and secrets detection directly into pipeline workflows.
Observability & Operational Excellence
  • Establish comprehensive monitoring and alerting for all integration endpoints using AWS CloudWatch (metrics, logs, alarms, dashboards) and Datadog (APM, log pipelines, SLO tracking, and anomaly detection).
  • Define and track Service Level Objectives (SLOs) and error budgets for integration services; drive proactive improvements based on telemetry.
  • Lead incident response and root-cause analysis for integration failures, capacity events, and partner-impacting issues.
  • Instrument Lambda functions, Step Functions, and API Gateway stages with structured logging, distributed tracing (AWS X-Ray / Datadog APM), and custom metrics.
Technical Leadership & Collaboration
  • Serve as a technical anchor for integration-focused projects, driving architectural decisions and code quality through design reviews and pull request feedback.
  • Collaborate cross-functionally with product, mobile, data, and platform engineering teams to align integration patterns with business requirements.
  • Mentor junior and mid-level engineers on cloud-native integration principles, security best practices, and DevOps culture.
  • Evaluate third-party iPaaS tools, API management platforms, and partner SDKs; provide build-vs-buy recommendations.
REQUIRED EXPERIENCE & QUALIFICATIONS
Education & Experience
  • Bachelor's degree in Computer Science, Software Engineering, Information Systems, or a related field — or equivalent professional experience.
  • 7+ years of professional software or cloud engineering experience, with at least 3+ years focused on API development, cloud integrations, and AWS services.
  • 5+ years of software engineering / development building customer-facing systems.
  • Demonstrated experience delivering production integration platforms used by external customers or third-party partners at scale.
API & Integration
  • Deep expertise designing and delivering RESTful APIs, including resource modeling, pagination, error handling, and versioning strategies.
  • Hands-on experience building Webhook delivery systems with retry, exponential backoff, signature verification (HMAC), and event ordering guarantees.
  • Proficiency with WebSocket-based real-time communication patterns for bidirectional data streaming use cases.
  • Experience using OpenAPI/Swagger specifications to drive contract-first API design.
  • Working knowledge of GraphQL as an alternative query pattern is a plus.
AWS Services
  • AWS API Gateway (REST and HTTP APIs): custom authorizers, usage plans, throttling, stage variables, and VPC Link.
  • AWS Lambda: function design, concurrency management, cold-start mitigation, and event source mappings.
  • AWS Step Functions: Standard and Express workflows, error handling, wait states, and integration with other AWS services.
  • AWS EventBridge: event bus design, routing rules, schema registry, and cross-account event patterns.
  • AWS SQS: standard and FIFO queues, dead-letter queues, message visibility, and large-payload patterns.
  • AWS SNS: topic-based publish/subscribe, message filtering, and fan-out to SQS/Lambda.
  • AWS CloudFront: distribution configuration, origin access controls, cache policies, and WAF integration.
  • AWS CloudWatch: log groups, metric filters, dashboards, composite alarms, and Contributor Insights.
  • Supporting services: AWS Secrets Manager, IAM (policies, roles, permission boundaries), VPC, ACM, and Route 53.
Security & Authentication
  • Proven implementation of OAuth 2.0 authorization flows (Authorization Code, Client Credentials, Device Flow) and OpenID Connect (OIDC) for identity federation.
  • Experience with HMAC-based request signing for Webhook authenticity verification.
  • Proficiency with bearer token issuance, validation, and revocation strategies.
  • Familiarity with WAF rule authoring, API-level rate limiting, and DDoS mitigation at the edge.
  • Knowledge of certificate management, mutual TLS (mTLS), and API key lifecycle management.
Infrastructure as Code & DevOps
  • Strong Terraform skills: module authoring, remote state management, workspace strategies, and provider configuration for AWS.
  • CI/CD experience with Azure DevOps (ADO) Pipelines: YAML pipeline authoring, approval gates, artifact management, and environment promotion.
  • AWS CloudFormation and/or SAM experience for stack-level resource management and serverless deployments.
  • Experience integrating security scanning (SAST, dependency vulnerability checks, secrets detection) into CI/CD pipelines.
  • Git-based branching strategies (GitFlow, trunk-based development) and pull request workflows.
Observability & Monitoring
  • Proficiency with AWS CloudWatch for centralized logging, metric-based alerting, and operational dashboards.
  • Hands-on experience with Datadog: APM instrumentation, log management pipelines, monitors, SLOs, and dashboard creation.
  • Experience with distributed tracing (AWS X-Ray, OpenTelemetry, or Datadog APM) in serverless and microservices environments.
SKILLS & EXPERIENCE
Technical Skills Summary
Representative technologies this role works with regularly:

Area | Technologies / Tools
API & Integration | REST, WebSocket, Webhooks, OpenAPI/Swagger, gRPC (awareness)
AWS Core Services | API Gateway, Lambda, Step Functions, EventBridge, SQS, SNS, CloudFront
Auth & Security | OAuth 2.0, OIDC, HMAC, Bearer Token, mTLS, WAF, Secrets Manager
IaC & CI/CD | Terraform, AWS CloudFormation / SAM, Azure DevOps Pipelines
Observability | AWS CloudWatch, Datadog APM, X-Ray, OpenTelemetry
Languages / Runtimes | Node.js, Python, or .NET/C# for Lambda authoring
Source Control | Git, Azure Repos
Additional AWS | IAM, VPC, ACM, Route 53, S3, DynamoDB (integration state)
 
PREFERRED QUALIFICATIONS
  • Experience in the transportation, logistics, or fleet management industry — familiarity with telematics, ELD/HOS data, or freight document workflows is a strong plus.
  • AWS Certified Developer, Solutions Architect, or Advanced Networking certification.
  • Experience with AWS CDK (TypeScript or Python) for infrastructure as code.
  • Knowledge of service mesh patterns (AWS App Mesh, Istio) and container-based workloads (ECS, EKS) in addition to serverless.
  • Familiarity with API governance platforms (e.g., Apigee, Kong, AWS API Gateway developer portal) for API lifecycle management.
CORE COMPETENCIES
  • Customer-first, delivery-oriented mindset: Values delivery over theory; biased towards action.
  • Integration mindset: Thinks holistically about connectivity — considers partner constraints, failure modes, and retry semantics before writing a line of code.
  • Security-first: Treats authentication, authorization, and data protection as first-class requirements, not afterthoughts.
  • AI-powered delivery: Highly experienced with modern AI-enabled IDEs and multi-agent AI coding workflows.
  • Operational ownership: Monitors what they ship; defines alerts, runbooks, and SLOs before declaring a service production-ready.
  • Infrastructure discipline: Manages cloud resources as versioned, reviewed code — never clicks through the console for anything that should be reproducible.
  • Clear communicator: Able to document integration contracts precisely for both internal engineering teams and external partner developers.
  • Collaborative leader: Elevates teammates through review, partnering, and mentorship; brings a solutions-oriented perspective to cross-team challenges.
  • Continuous learner: Tracks the AWS service roadmap and emerging API standards; proactively proposes improvements before they become reactive needs.