Job Description
Application Architect (API Standards & Compliance Lead)
Contract-to-Hire Full Time
About the Role
We are seeking an experienced API Standards & Compliance Lead to define and drive enterprise-wide API governance frameworks. This role ensures consistency, security, and scalability across all APIs while advancing an API-first strategy. You will partner with Architecture, Security, Platform Engineering, and Developer Experience teams to establish clear standards, lifecycle processes, and compliance policies.
This is a strategic, governance-focused role, not a hands-on engineering or development position.
Responsibilities
API Governance & Standards
Develop and maintain enterprise API design and governance standards (REST, OpenAPI, GraphQL).
Define naming conventions, versioning guidelines, documentation requirements, and lifecycle expectations.
Lead governance review boards, approval workflows, and operating models.
Create reference architectures, policy templates, and standards playbooks.
Lifecycle Governance & Platform Alignment
Oversee API onboarding, documentation quality, catalog management, and discoverability.
Define governance processes for publishing, runtime policies, and analytics.
Promote consistent use of API products, proxies, and catalogs.
Security & Compliance
Establish governance for OAuth2, JWT, JWKS, mTLS, and related security patterns.
Ensure alignment with regulatory frameworks such as HIPAA, GDPR, and Open Banking/PSD2.
Work with Security and Compliance teams to define controls, evidence, and audit processes.
Developer Experience & Support
Collaborate with DevEx teams to improve portal usability and API discoverability.
Provide training, documentation, and office hours to support teams delivering compliant APIs.
Create checklists, sample API specifications, and governance cheat sheets.
Analytics & Continuous Improvement
Define and track governance metrics (compliance %, approval times, policy adoption).
Use analytics to identify gaps and enhance standards.
Conduct maturity assessments and share updates with stakeholders.
Risk, Audit & Tooling
Establish design-time and runtime compliance controls.
Manage exceptions and remediation plans.
Support automation efforts including policy-as-code and CI/CD integration.
Required Qualifications
10+ years of IT experience with strong API expertise.
5+ years in API governance, architecture, or platform leadership roles.
Deep knowledge of REST, OpenAPI/Swagger, GraphQL, and API lifecycle management.
Strong understanding of security patterns (OAuth2, JWT, mTLS).
Experience with API management platforms (Apigee X preferred, others acceptable).
Excellent communication, standards-writing, and stakeholder alignment skills.
Preferred Qualifications
GCP or Apigee certifications.
Experience with IAM solutions (e.g., Ping Identity).
Familiarity with CI/CD automation, DevSecOps, and policy-as-code.
Experience improving developer portals or API catalogs.
Role Clarity
This role is:
Governance focused
Standards driven
Architecture aligned
This role is NOT:
Day-to-day engineering
Hands-on proxy development
Full-time