Designing, implementing, and operating identity and authorization platforms used across internal and external services
Defining and evolving authentication and authorization patterns based on OAuth 2.0, OpenID Connect, and token-based security
Supporting and improving API security using API Gateway technologies, preferably Kong, including authentication flows, rate limiting, and policy enforcement
Collaborating with engineering teams to securely integrate identity solutions into APIs and services
Building and maintaining infrastructure using Infrastructure as Code (Terraform)
Operating and securing Kubernetes-based workloads and identity-related services
Contributing to cloud architecture decisions with a strong focus on security, resilience, and scalability
Partnering with DevOps and SRE teams to improve observability, incident response, and operational excellence
Participating in security reviews, threat modeling, and architecture design discussions
Defining best practices, documentation, and reference architectures for identity and access management
Continuously learning and staying current with modern identity, cloud security, and platform engineering practices
Requirements
6 or more years of work experience with a Bachelor's Degree or 4 or more years of relevant experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or up to 3 years of relevant experience with a PhD
Strong experience securing API Gateway platforms, with deep familiarity in architectures based on Kong Gateway (Enterprise or OSS), including ingress and egress traffic patterns in cloud‑native environments.
Proven expertise in Identity and service‑to‑service security, including the design, enforcement, and validation of mTLS‑based communication, certificate lifecycle management, and trust boundaries across distributed systems.
Hands‑on experience working with Public Key Infrastructure (PKI) concepts and implementations, including certificate issuance, rotation, revocation, and integration with gateways and workloads.
Deep understanding of API security controls implemented at the gateway layer, such as OAuth2, OpenID Connect, JWT validation, client credentials, rate limiting, traffic filtering, and abuse prevention.
Strong experience securing Kubernetes‑based platforms, including API Gateway deployments running inside clusters, with knowledge of namespaces, workload isolation, network policies, and integration with service mesh when applicable.
Solid experience reviewing and influencing Infrastructure as Code (IaC) used to provision API Gateways, identity components, and supporting infrastructure, particularly using Terraform and GitOps‑style workflows.
Proven ability to perform security assessments, threat modeling, and architectural reviews for gateway and identity platforms, identifying systemic risks, misconfigurations, and scalability concerns.
Strong understanding of observability and security monitoring for gateways and identity services, including logs, metrics, and traces used to detect anomalies, investigate incidents, and support audits.
Excellent analytical and problem‑solving skills, with strong attention to detail when operating in high‑traffic, multi‑environment, and multi‑region platforms.
Ability to clearly communicate security risks, architectural decisions, and remediation strategies to engineering teams, platform owners, and non‑technical stakeholders.
Demonstrated ability to lead and influence cross‑functional teams, including platform engineering, SRE, and application teams, ensuring consistent security baselines across the API and identity ecosystem.