Senior Developer Applications - API

Role Summary

The Senior Developer, Applications - API is responsible for designing and building business applications and support functions based upon identified business requirements and best practice. The role leads to the implementation of strategic business objectives with an emphasis on application architecture and applies advanced analysis skills and experience in principles of architecting, designing, demonstrating, and positioning. This position will help plan, coordinate, architect, and develop all activities related to the integration of software programs, applications, and third-party solutions as required to meet the business requirements of the organization.

Responsibilities

• Design and implement end-to-end API integrations, including authentication, error handling, rate limiting, and retries.
• Build and maintain scalable, secure, and well-documented RESTful and GraphQL APIs for internal and external consumption.
• Evaluate and integrate with third-party APIs from partners, vendors, and platforms (e.g., Stripe, Salesforce, Shopify, AWS, Twilio).
• Adhere to secure coding practices and ensure all integrations adhere to security and compliance standards (e.g., OWASP Top 10, data encryption, access control).
• Conduct regular code audits and security reviews of API implementations, both internal and third-party.
• Design authentication and authorization flows using best practices such as OAuth 2.0, API tokens, and JWT with expiration/refresh strategies.
• Develop reusable integration patterns and middleware services to streamline future API work.
• Ensure integration reliability with automated testing, monitoring, logging, and alerting.
• Collaborate with DevOps teams to manage API gateway configurations, reverse proxies, and load balancing (e.g., AWS API Gateway, NGINX, Kong).
• Secure API endpoints using industry-standard practices (e.g., OAuth2, OpenID Connect, HMAC, API key management).
• Optimize API performance and scalability using caching (e.g., Redis, CDN), pagination, and asynchronous processing where appropriate.
• Work with large datasets in transit and build resilient data synchronization mechanisms.
• Maintain backward compatibility and version control for public-facing APIs.
• Perform code reviews and enforce best practices around integration architecture and error handling.
• Create and maintain comprehensive documentation on all integrations, development, and changes.
• Participate in incident response and postmortems related to API outages or third-party failures.
• Create, edit and adhere to Standard Operating Procedures (SOPs), process improvements, and standardization of templates.
• Perform ad-hoc and cross-functional projects assigned to support business needs and provide developmental opportunities.

Education & Experience

• Bachelor‚Äôs degree in computer science, Engineering, or a related field with 5+ years of backend development experience with a strong focus on API architecture and integration required.
• Experience with API schema management tools like Swagger/OpenAPI, Postman, or Stoplight required.
• Experience with API Gateway platforms (e.g., AWS API Gateway, Kong, Apigee, NGINX) required.
• Experience with transport layer security (TLS), HTTPS, certificate pinning, and secure transmission of sensitive data required.
• Experience using static and dynamic analysis tools for security testing (e.g., Snyk, SonarQube, Burp Suite, OWASP ZAP) preferred.

Knowledge, Skills, & Abilities

• Proficiency in at least one backend language or framework: Node.js, Python (Django/Flask/FastAPI), Java (Spring Boot), or C# (.NET Core).
• Deep understanding of REST, GraphQL, Webhooks, WebSockets, and gRPC.
• Knowledge of HTTP/HTTPS protocols, status codes, CORS, content negotiation, and idempotency.
• Proficiency working with OAuth 2.0, JWT, API keys, and secure token exchange mechanisms.
• Familiarity with message brokers and event-driven architectures (e.g., Kafka, RabbitMQ, SNS/SQS).
• Strong Git/GitHub (or GitLab/Bitbucket) workflow experience, including branching strategies and CI/CD.
• Familiarity with serverless integration models using AWS Lambda, Azure Functions, or GCP Cloud Functions.
• Proficiency with data transformation tools (e.g., JSONPath, JQ, XML/XSLT).
• Understanding of OWASP API Security Top 10, with experience mitigating common vulnerabilities like injection, insecure object references, and excessive data exposure.
• Familiarity with IAM (Identity and Access Management) principles and tools (e.g., RBAC, ABAC, AWS IAM).
• Knowledge of API rate limiting, throttling, IP whitelisting, and other protective measures to prevent abuse.
• Understanding of middleware platforms (e.g., MuleSoft, Workato, Dell Boomi) or iPaaS tools.
• Exposure to monitoring and tracing tools like Datadog, New Relic, Prometheus, Grafana, or OpenTelemetry.
• Working knowledge of Docker and basic container orchestration with Kubernetes or ECS/EKS.

Education

• No additional education section beyond above.

Additional Requirements

• This position works in El Segundo, CA.
• Regular work schedule is Monday ‚Äì Friday, within standard business hours. Flexibility is available with manager approval.
• Must possess mobility to work in a standard office setting and to use standard office equipment, including a computer.
• Lift and carry materials weighing up to 20 pounds.